If you use modsecurity2 Plugin Filter on a Apache2 / Apache24 Setup then on my Blogs Gutenberg fails to SAVE Pages and Drafts. Workaround: Install the old but useful “Classic Editor Plugin” and replace Gutenberg for all Users! Background: It seems the lastest stable mod_security2 Rules not modified for Gutenberg post urls!
On Debian Sid i have seen that ufw service is stopped on logrotate!! Its a bad known bug! Workaround: Set all Services like Dovecot, Postfix to listen on LOCALHOST (127.0.0.1) if not needed over Internet Enable ONLY encrypted AUTH (Login) to Postfix! (TLS 1.2) Disable unneeded Services ! like Samba, FTP… move config from /etc/logrotate.d/ufw to /root/ to disable ufw logrotate !! edit /etc/ufw/ufw.conf set LOGLEVEL to “off” restart the Server and check open Ports next Days from outside with: $sudo nmap -PN my.server.com
FAIL2BAN blocks access to “.ocdata” file! Apache Error Log: ..AH01630: client denied by server configuration: … cloud/data/.ocdata create with a Custom Rule for FAIL2BAN do: $sudo nano /etc/fail2ban/filter.d/apache-auth.local insert: [apache-auth] ignoreregex = nextcloud/data/.ocdata do: $sudo service fail2ban restart Check Log: tail -f n50 /var/log/apache2/error.log Remark: Sometimes the Login take long time after Enter the Password this indicates a filled up “oc_bruteforce_attempts” Table!! login into mysql: $mysql -u user -p select database: USE Nextcloud; show all values from the oc_bruteforce_attempts table, use: SELECT * FROM oc_bruteforce_attempts; remove “ALL” IP’s from the table, do step by step: DELETE FROM oc_bruteforce_attempts WHERE IP="xxx.xxx.xxx.xxx"; […]
I did a deeper firewall test on my fresh installed OpenWRT Router and activated a “Ads Blacklist” after this my owncloud Share Login loops! Result: Seems that some IP’s of the “Update Check Tool” Servers, which is installed inside the PHP-Kit is blacklisted. So it seems the Code calls home! With this option its possible to count and collect IPs of Setups! Perhaps checkout unpatched Versions! I didn’t check deeper, but the behavior was clear without viewing the codes. After publish this Info via Twitter: REMARKS: No Company / Developer works for “free” After Setup of PHP-Kits do a […]
If you use the wordpress app to publish posts you must set the User Role from Author to Editor, if not you got errors to upload post updates!
Apparmor has a current bug with the Kernel 4.14 on Debian and seems Ubuntu too, it blocks MySQL and other services from clean run. Bug touches Network Stack of the Kernel
I have often seen that the Unity Topbar of Ubuntu LTS is hidden or not clean loaded after Login. It’s Caching Problem of Unity (Compiz) and Lightdm, if the PC is not clean rebooted or started. Howto fix: sudo rm -fr ~/.cache/compizconfig-1 \ && sudo rm -fr ~/.compiz && sudo service lightdm restart Now relogin and check.. if ok do a Profile Backup! with: tar -cvzf /usb-backup-stick/compiz.tgz \ /home/username/.cache/compizconfig-1 /home/username/.compiz
If you work on older Laptops and you use a Console only System Setup like on Debian there is a Bug on systemd and the console-setup package since years. After reboot all Font Settings seems gone. But the Settings are not real gone, cause systemd does not pull the settings on boot! How to fix? edit the crontab of root by sudo su – crontab -e insert the /bin/setupcon command on “@reboot” means on every boot! @reboot /bin/setupcon > /dev/null 2>&1 save and exit, reboot now now the PC should echo big Fonts for old eyes “Terminus 20×12 Frambuffermode”
Current is a UNFIXED Bug on Debian 9.0 Stretch which makes impossible to easy install DKMS Nvidia-Legacy Drivers 304/340 for older Geforce Cards https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852152 To run nouveau on upgrade 8.0 to 9.0 go to /etc/modprobe.d and remove MANUAL all blacklist configs (*.conf) of nvidia cause some glued on upgrade and are not purged automatic by the upgrade. Cause they will block nouveau load at boot (xserver-xorg-video-nouveau) Then run on Terminal: $sudo update-initramfs -u -k all $sudo update-grub $sudo reboot Remarks: Older Hardware isn’t supported by Legacy Drivers after Nvidia-375!! If you not forced to upgrade to 9.0, then WAIT! up […]
If you use two Linux Servers with NFS Shares connect over Gigabit Interfaces for Backups, you perhaps remark performance problems on using rsync. It does often pause transmissions or reach only a rate of 32Mb/s. That’s bad and waste time and energy. Background: After some Tests of running Backups with single files and compressed big archives, the scans of my tools like iftop, systat, iptraf found out that the used Option “rsync -avz” was the bottle neck, cause the Data Rate break down at intervals. The “z” compress option was described on howtos as must have for slower networks did […]
If you use Ubuntu Desktop 16.10 you will run sometimes into freezes of the Desktop with a Default Setup. Background: Theres a known Bug of the Deja-Dup Backup Service which is started by Cron. The Service take 100% Ram and 100% CPU usage. This did my PC with 16GB Ram too! Only HARD RESET helps to get back Control! Solution: Purge the deja-dup service with: $sudo apt purge deja-dup Use instead the “rsync” tool by command line with users crontab to Backup your User Homes to external or 2nd. Disk. This should fix the problem.
If you use the current “head” Version (Release 12) of FreeBSD with a svn updated /usr/src path you could run into errors after updating the OS via buildworld from sources. There’s a bug ahead Revision “r314099” at the “portsnap” lib that will stop on extracting the ports.tgz to /usr/ports! Solution: Pull again sources to /usr/src with $svn update /usr/src $make buildworld $make buildkernel $make installkernel $reboot $mergemaster -p $make installworld $mergemaster -FiU $reboot $portsnap fetch update #again.. to update ports tree $portupgrade -a $reboot This should work now, the failed portsnap extract function was a known bug. If you dont […]