FAIL2BAN blocks access to “.ocdata” file! Apache Error Log: ..AH01630: client denied by server configuration: … cloud/data/.ocdata create with a Custom Rule for FAIL2BAN do: $sudo nano /etc/fail2ban/filter.d/apache-auth.local insert: [apache-auth] ignoreregex = nextcloud/data/.ocdata do: $sudo service fail2ban restart Check Log: tail -f n50 /var/log/apache2/error.log Remark: Sometimes the Login take long time after Enter the Password this indicates a filled up “oc_bruteforce_attempts” Table!! login into mysql: $mysql -u user -p select database: USE Nextcloud; show all values from the oc_bruteforce_attempts table, use: SELECT * FROM oc_bruteforce_attempts; remove “ALL” IP’s from the table, do step by step: DELETE FROM oc_bruteforce_attempts WHERE IP="xxx.xxx.xxx.xxx"; […]
Category: Open Source Software Bug Reports
I did a deeper firewall test on my fresh installed OpenWRT Router and activated a “Ads Blacklist” after this my owncloud Share Login loops! Result: Seems that some IP’s of the “Update Check Tool” Servers, which is installed inside the PHP-Kit is blacklisted. So it seems the Code calls home! With this option its possible to count and collect IPs of Setups! Perhaps checkout unpatched Versions! I didn’t check deeper, but the behavior was clear without viewing the codes. After publish this Info via Twitter: REMARKS: No Company / Developer works for “free” After Setup of PHP-Kits do a […]
If you are current using Nextcloud / Owncloud or other PHP-Kits for File Handling you should know these remarks: Based on this Article You must know: Details of Security about your current used PHP Versions (7.X) Details of your used Database Version (MySQL..) Details of hardened OS and Webserver Version (Apache,Firewall,fail2ban,file policys, selinux, apparmor filter) See ALWAYS PHP-Kits of opensource with the trust of NON HARDENED SOFTWARE (prefer NON-PUBLIC ACCESS) You can ACCESS this Software thru SSH TUNNELS with a local running non-caching PROXY (privoxy) Use the SSH Tunnels on unknown Ports and Login via Key Files which must be […]
I have often seen that the Unity Topbar of Ubuntu LTS is hidden or not clean loaded after Login. It’s Caching Problem of Unity (Compiz) and Lightdm, if the PC is not clean rebooted or started. Howto fix: sudo rm -fr ~/.cache/compizconfig-1 \ && sudo rm -fr ~/.compiz && sudo service lightdm restart Now relogin and check.. if ok do a Profile Backup! with: tar -cvzf /usb-backup-stick/compiz.tgz \ /home/username/.cache/compizconfig-1 /home/username/.compiz
If you use a Amazon Kindle Fire 2015 (45$) Generation “Ford” or other Android Tablets,Smartphones you must know some MAJOR Informations about the Firmware Handling. If you were asked by the Fire OS or Android to “Upgrade” the Firmware OS, DON’T PUSH YES it without READING DETAILS! I prefer ALWAYS NO FIRST! Use ALWAYS a SDCARD to hold the MAJOR Data of your Tablet, cause if bricked or damaged you can’t pull off the DATA!!! Android Firmware Images INCLUDE not only the OS, it includes DRIVERS, and the MAJOR BOOTLOADER!! Cause Android Devices use no real BIOS!! If you Upgrade, you […]
After some weeks of cleaning up my blog, i remarked a very bad ranking from under the first 10 on google to nirvana What did i change? saved wp-login with htaccess to non-public set post content with “read more” buttons Background: Search engine like google wasn’t able to pull content of posts which are cut by “more” Search engine wasn’t able to pull relinks over the wp-admin url by the internal wordpress feeds I was forced to turn back my settings and wait for better ranking.. not safe but must be..
Last days there was a high count of news about the Bot Attacks against T-Com Telekom Router devices. To understand the behavior about this up comming security problems you should know following points : Every network supported device can be a goal for a attack ( Routers, Modems, PC, Fridges,IP-TV, IP Switches, IP-Cams…) You have to update the OS for each device monthly, if not supported by the manufacter, then dont buy! Try to get Opensource Hardware with Opensource Software for full access (ssh / console) to have full control Reduce the count of devices who are connected direct to […]
Today i was touched by a Bug of my fritzbox 7490, after installing a USB 3.0 Stick as NAS the Wifi connect was broken to all devices! After some search on net i found this post: http://avm.de/service/fritzbox/fritzbox-7490/wissensdatenbank/publication/show/1636_WLAN-Stoerungen-bei-angeschlossenem-USB-3-0-Geraet/ Background: The high magnetic frequency’s of USB 3.0 data transfer inside the cable or stick hangup the WIFI chips! It works like a WIFI JAMMER!! DONT USE A ROUTER AS NAS! If it fails or overheat all devices are offline!! It’s a really big joke that most Manufacter sell devices without TESTING!! I call it Banana Hardware..
Details: If you enable the basic builtin RSS Widget Module and set the RSS Feed URL like http://www.domainname.com/feed/ the widget set the URL only on the little “RSS Icon” but NOT on the RSS Hyperlink ! The Hyperlink is pulling the Value of $url (www.domainname.com) but not adding “/feed/” subdir value. Solution: go ../wp-includes/widgets/ edit with $nano class-wp-widget-rss.php go line 81 show title “rsswidget” href ” ‘ . esc_url ( $link ) . #change here $link to $url exit and save.. check results..
If you boot your PC on a Setup CD into “live” mode after some time the Desktop Unity or Gnome starts. After successful testing the PC with the current Drivers and Kernel you can select “Install” by pressing the icon left on the desktop. But here the Problem appear that you dont see any informations about bugs, crashes, or other major messages during the setup. Without this you are not able to find any errors later, or you cant tell a supporter what happend! Workaround (#comments!): Always open a gnome-terminal as first step instead of pressing the installer icon! move the gnome-terminal […]
gvfs-smb Bug #1075923 (seen on Debian+Ubuntu+Centos..more..) Workaround: downgrade gvfs-* to Version 1.12 of 12.10 with: add /etc/apt/sources.list deb http://de.archive.ubuntu.com/ubuntu precise main deb-src http://de.archive.ubuntu.com/ubuntu precise main run: sudo apt-get update install synaptic: sudo apt-get install synaptic run synaptic: sudo synaptic remove all gvfs-* nautilus with synaptics (REALLY CHECK ALL! see “dpkg -l | grep gvfs”) search gvfs-*, select, press CTRL+E (Force Menu) select: gvfs-* Versions 1.12 install by run install button search and install nautilus again.. Voila…Test Nautilus copy 1TB Files without freeze
Problem: My brand new Seagate Drives running as Raid1 with two Seagate ST3000DM001-9YN166 on Debian clicks sometimes. Background: Noise is made by parking heads and spin control by the firmware, often seen on Home NAS (Update 2017: The Firmware of this Generation is buggy, Fault rate 70% after 2 Years) Solution: go to Manufacter Site and download the firmware update iso burn it to CD reboot the PC on this CD, using Freedos and the Update tool update the firmware and reboot to Linux again edit with sudo vi /etc/rc.conf /sbin/hdparm -W 0 /dev/sda #Systemdrive disable Cache against Powerloss! /sbin/hdparm […]