Technical Bits n Pieces


This really is and aide memoire, a scrap pad, random commands etc ……. as I come across errors, workarounds, fixes.

This is all about making those notes so that I don’t have to trawl Google again to find the answers and at least I know these commands work ūüôā

How to grep IP addresses in a file?

I needed to tail a file for IP addresses as some thing was using a large amount of web server resource. The log file is called httpd-access

¬†tail -f httpd-access_log | grep -E -o “([0-9]{1,3}[\.]){3}[0-9]{1,3}”

How to deny and ip address from accessing your server?

Yes you can use a firewall, but if you are behind a load balancer or proxy server then you can not.

In either the httpd.conf or the .htaccess file add the following lines :-

httpd.conf – add these to the directory element of the file

Order allow,deny
Allow from all
deny from Enter IP address

At the end of the file

<Files 403.shtml>
order allow,deny
allow from all

.htaccess – add this to the IfModule element, You can deny IP addresses or use a RewriteCond and Rule.

# Block Bad Bots
RewriteCond %{HTTP_USER_AGENT} ^.*(Vagabondo).*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(AhrefsBot).*$ [NC]
# ISSUE 403 / SERVE ERRORDOCUMENT
RewriteRule . - [F,L]
order allow,deny
allow from all

deny from Enter Ip address here

Add this at the end of the file

<Files 403.shtml>
order allow,deny
allow from all
</Files>

The server will redirect traffic to a 403 error.

 

How to log the source IP address when behind a load balancer or proxy?

You use a load balancer to spread the load of your web sites, but how can you find the ip address of who is using your site, this is specific to the Apache server but something similar will work on nginx I am sure.

In the httpd.conf file change the

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

to

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{X-Forwarded-For}i\"" combined

You now should create some custom logs files, again in httpd.conf add the following lines to the virtualhost element

ErrorLog logs/httpd-error_log
CustomLog logs/httpd-access_log combined

…..

Allowing SSH access to Ubuntu 14.0 LTS Desktop

We are running some software that needs a Linux desktop, I am not a big fan of Ubuntu but it is one of the listed supported platforms.

I obviously need vnc access, wow what a pain. Centos / Redhat easy to do Ubuntu !!!!

So I though ssh on and just configure, well there is no SSH access out of the box. Build for the GUI generation. To get ssh access

sudo apt-get update
sudo apt-get install openssh-server

 

You now have ssh access!!!

 

Create a patch file and then the application of the patch

If you need to create a differential file for redeployment on another system then creating a patch file is ideal.

You will need the patch utilities installed

yum install patch

Now to create your patch file. Copy the original file into the same directory

e.g. cp config.php config.php_chg

Now update the config.php_chg file with all of your amendments

Now to create the file

diff -Naur config.php config.php_chg > config.php.patch

If you want to now apply the patch

patch config.php < config.php.patch

You now should keep the file in a safe place or if it is not a sensitive change, i.e. containing passwords then you can add it to https://gist.github.com/

 

 

 

 

 

 


					
Advertisements


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s