Category: Apache

mj12bot hammer mediawiki

Here some IP’s of some Botnet Servers of mj12bot.com: the Botnet ignores robots.txt and hammers on Mediawiki’s! A sorted output of a Log done with :   cat /var/log/apache2/other*.log|grep MJ | awk '{ print $2 }' | sort | uniq -c | sort -n Output for ufw Firewalls: 162.210.196.97 144.76.3.131 148.251.195.14 5.9.158.195 173.208.157.186 176.31.255.65 178.63.34.189 69.30.198.186 144.76.60.198 40.121.210.108 5.189.152.91 5.9.66.153 69.30.198.242 69.30.205.218 81.109.126.245 192.99.10.47 If this doesn’t help the use “Apache AUTH Basic” to block unwanted access!! It’s easy to setup.

WordPress Gutenberg Editor fails on modsecurity2

If you use modsecurity2 Plugin Filter on a Apache2 / Apache24 Setup then on my Blogs Gutenberg fails to SAVE Pages and Drafts. Workaround: Install the old but useful “Classic Editor Plugin” and replace Gutenberg for all Users! Background: It seems the lastest stable mod_security2 Rules not modified for Gutenberg post urls!

Convert WordPress Blog into Static Websites

For some reasons you want to convert your WordPress with Linux Tools into a Static Website: low level Hosting no SQL + PHP for higher Security Then open a Terminal and enter into a Text Editor: nano wp2statis.sh: #!/bin/bash wget \ –recursive \ –no-clobber \ –page-requisites \ –html-extension \ –convert-links \ –restrict-file-names=windows $url-of-site exit 0 Advantage? wget runs on most WP-Themes low Load on the convert Process Script can be used to run by Cron automaticly every Night !

Website Speed Test with Linux

If you own a Blog and want to check the Speed with your local Linux Computer use a commandline tool called curl. Open a Terminal and enter:   curl -o /dev/null -s -w 'Connect: %{time_connect}\nStart Transfer: %{time_starttransfer}\nTotal: %{time_total}\n' https://www.yourdomain.de System Echos: Connect: 0,084774 Start Transfer: 0,173280 Total: 0,228651 Advantage? You will see the Website Load Time of Users at your Location (Country Area) You can check “high performance Clouds” vs. “bare metal Servers” or “virtual Hosting” You see that mostly expensive Hosting is wasted money cause “shared” IO V-Host is SLOWER! You get the real “felt” IO for Users who […]

WordPress Speed Test Optimization

If you use WordPress and you want to get better results on search engines and  social media checkout: Load Speed at Google free Speed Analyser for Developer https://developers.google.com/speed/pagespeed/insights/ Reduce and Control the Plugins Reduce and Control Images at Content and Image Sizes 50-100 kb Limits Use latest PHP Version if possible 7.3 Use cached MySQL if available Result: If green your Job is done well.. cause old rule, LESS is often MORE  

Apache MEMCACHED UDP Protection

Current a lot of sites blogging about memcached attacks on Servers here some details: Memcached Servers need a installed and running Service called “memcached” Websites need a php-plugin like php7.0-memcached to connect via API to the memcached Service The Memcached Service uses a own Config File at debian /etc/memcached.conf By default it MUST listen to localhost or socket Admins MUST setup a FIREWALL like “ufw” (iptables) and MUST check own Server for OPEN PORTS with nmap The Problem is that Attackers can run Scripts against to your Server in a 10^6 Range like a BOTNET !! with ONE PC cause […]