FAIL2BAN blocks access to „.ocdata“ file! Apache Error Log: ..AH01630: client denied by server configuration: … cloud/data/.ocdata create with a Custom Rule for FAIL2BAN do: $sudo nano /etc/fail2ban/filter.d/apache-auth.local insert: [apache-auth] ignoreregex = nextcloud/data/.ocdata do: $sudo service fail2ban restart Check Log: tail -f n50 /var/log/apache2/error.log Remark: Sometimes the Login take long time after Enter the Password this indicates a filled up „oc_bruteforce_attempts“ Table!! login into mysql: $mysql -u user -p select database: USE Nextcloud; show all values from the oc_bruteforce_attempts table, use: SELECT * FROM oc_bruteforce_attempts; remove „ALL“ IP’s from the table, do step by step: DELETE FROM oc_bruteforce_attempts WHERE IP="xxx.xxx.xxx.xxx"; […]
Kategorie: Open Source Software Bug Reports
I did a deeper firewall test on my fresh installed OpenWRT Router and activated a „Ads Blacklist“ after this my owncloud Share Login loops! Result: Seems that some IP’s of the „Update Check Tool“ Servers, which is installed inside the PHP-Kit is blacklisted. So it seems the Code calls home! With this option its possible to count and collect IPs of Setups! Perhaps checkout unpatched Versions! I didn’t check deeper, but the behavior was clear without viewing the codes. After publish this Info via Twitter: REMARKS: No Company / Developer works for „free“ After Setup of PHP-Kits do a […]
If you are current using Nextcloud / Owncloud or other PHP-Kits for File Handling you should know these remarks: Based on this Article You must know: Details of Security about your current used PHP Versions (7.X) Details of your used Database Version (MySQL..) Details of hardened OS and Webserver Version (Apache,Firewall,fail2ban,file policys, selinux, apparmor filter) See ALWAYS PHP-Kits of opensource with the trust of NON HARDENED SOFTWARE (prefer NON-PUBLIC ACCESS) You can ACCESS this Software thru SSH TUNNELS with a local running non-caching PROXY (privoxy) Use the SSH Tunnels on unknown Ports and Login via Key Files which must be […]
I have often seen that the Unity Topbar of Ubuntu LTS is hidden or not clean loaded after Login. It’s Caching Problem of Unity (Compiz) and Lightdm, if the PC is not clean rebooted or started. Howto fix: sudo rm -fr ~/.cache/compizconfig-1 \ && sudo rm -fr ~/.compiz && sudo service lightdm restart Now relogin and check.. if ok do a Profile Backup! with: tar -cvzf /usb-backup-stick/compiz.tgz \ /home/username/.cache/compizconfig-1 /home/username/.compiz
If you use a Amazon Kindle Fire 2015 (45$) Generation „Ford“ or other Android Tablets,Smartphones you must know some MAJOR Informations about the Firmware Handling. If you were asked by the Fire OS or Android to „Upgrade“ the Firmware OS, DON’T PUSH YES it without READING DETAILS! I prefer ALWAYS NO FIRST! Use ALWAYS a SDCARD to hold the MAJOR Data of your Tablet, cause if bricked or damaged you can’t pull off the DATA!!! Android Firmware Images INCLUDE not only the OS, it includes DRIVERS, and the MAJOR BOOTLOADER!! Cause Android Devices use no real BIOS!! If you Upgrade, you […]
After some weeks of cleaning up my blog, i remarked a very bad ranking from under the first 10 on google to nirvana What did i change? saved wp-login with htaccess to non-public set post content with „read more“ buttons Background: Search engine like google wasn’t able to pull content of posts which are cut by „more“ Search engine wasn’t able to pull relinks over the wp-admin url by the internal wordpress feeds I was forced to turn back my settings and wait for better ranking.. not safe but must be..
Last days there was a high count of news about the Bot Attacks against T-Com Telekom Router devices. To understand the behavior about this up comming security problems you should know following points : Every network supported device can be a goal for a attack ( Routers, Modems, PC, Fridges,IP-TV, IP Switches, IP-Cams…) You have to update the OS for each device monthly, if not supported by the manufacter, then dont buy! Try to get Opensource Hardware with Opensource Software for full access (ssh / console) to have full control Reduce the count of devices who are connected direct to […]
Today i was touched by a Bug of my fritzbox 7490, after installing a USB 3.0 Stick as NAS the Wifi connect was broken to all devices! After some search on net i found this post: http://avm.de/service/fritzbox/fritzbox-7490/wissensdatenbank/publication/show/1636_WLAN-Stoerungen-bei-angeschlossenem-USB-3-0-Geraet/ Background: The high magnetic frequency’s of USB 3.0 data transfer inside the cable or stick hangup the WIFI chips! It works like a WIFI JAMMER!! DONT USE A ROUTER AS NAS! If it fails or overheat all devices are offline!! It’s a really big joke that most Manufacter sell devices without TESTING!! I call it Banana Hardware..