There are instances where a full htaccess redirect rule is not the best solution, specifically to enforce only a single page to be encrypted. This may occur during PCI compliance scans which report an insecure login page. In this example, simply adding the following code to the header of the SSL-desired page will force it […]
Read MoreBy default, bind will allow recursive queries for lookups on other domains that are not master zones on the name server. This presents some PCI compliance issues and some informational vulnerabilities (allowing third parties to query the nameserver). It is important to restrict who can perform DNS queries, in addition to what is allowed to […]
Read MoreRecently, there’s been a few instances I’ve come across where DNS updates have been “stuck” or broken due to people screwing up the zone serial numbers. The fields of the zone’s SOA resource record, in particular the “serial number”, determines whether an actual data transfer need occur at all. The name servers compare the serial […]
Read MoreWhen attempting to compile using PECL install, you will likely get an error stating: checking whether the C compiler works… configure: error: cannot run C compiled programs. This is due to the environment CentOS and Redhat flavors have for the /tmp directory. Rather than remounting /tmp without exec, you can compile the module manually on […]
Read MoreFrom time to time, I’ll hear a request from a customer to setup custom nightly automated backups using ftp, rsync, or scp. I’ve created this script for my own personal backup needs, but have since realized it’s value for implementing in customer environments as well. The script relies on rsync, and can be setup to […]
Read MoreUse this to output a human readable list of suspended cPanel users. Helpful when performing disk reclamations, outputs an available suspension reason along with size of the account: # cd /var/cpanel/suspended # for i in * ; do echo -n "$i - "; cat $i ; echo -n " ### suspension date: `ls -la $i […]
Read MoreA long awaited release for eDesk is live as of my evening off this morning. It includes a new frontend, Iframes, and I’ve included separate functionality for separating queues by department and Tier, as well as the addition of the “Search Frog” which allows easy lookup of client information or case details. For more information, […]
Read MoreSometimes you will find issues where we’re constantly having to regenerate the logs due to server load issues, log file size, or other factors. Or, the customer may actually request this access. We can enable a particular user to update his Awstats through an update link on the top of his Awstats window. Follow the […]
Read More
Erik
Thursday, January 28, 2010
linux administration - tips, notes and projects
3 Comments