In some cases, it may be necessary to move the mysql database from the default directory (/ var / lib / mysql) to another directory or even to a separate partition. For example, to protect databases from damage, in case the file system on the primary partition is damaged.
Forward Secrecy for nginx
In today's world, data encryption is not just a whim, but a direct necessity. In particular, encrypting http traffic is of great importance for all sites where any personal data is processed. And also to protect against mitm attacks.
Thus, the use of Forward Secrecy on web servers becomes mandatory for each site that works using the https protocol and allows you to improve the strength of information encryption.
Forward secrecy can be properly configured in nginx.
(Further…)
Ssh key authentication with putty on windows
Authentication in ssh by key has several advantages. First, the convenience. You can have several servers and one key. It is not necessary to enter the password from the server you need each time, which will save time. Secondly, it is safe. You can disable password authentication and ssh will be protected from brute force.
In this article we will analyze work with Putty on Windows. For it there is a handy utility - pgagent, capable of booting automatically when the OS starts, and storing a private key in memory. It can be used not only for Putty, but also for Filezilla.
MySQL Error: [Warning] user entry root @
After installing the mysql server, the following error appears in the daemon.log log:
Jul 24 15:29:08 srv mysqld: 140724 15:29:08 [Warning] 'user' entry 'root@example.com' ignored in --skip-name-resolve mode. Jul 24 15:29:08 srv mysqld: 140724 15:29:08 [Warning] 'proxies_priv' entry '@ root@example.com' ignored in --skip-name-resolve mode.
ClamAv: simplest site scan for viruses
ClamAv not bad copes with the search for shells and viruses on sites. One day, he helped me discover a shell cast on a site with WordPress. The problem turned out to be in some kind of plugin, but this is already beyond the scope of the article. :)
Incorrect display of htop colors in putty
In the old version putty 0.62 all htop colors were displayed as follows. In the latest version 0.63, some colors are not displayed. Or they are displayed, but only when you select the process with arrows on the keyboard or with the mouse. In general, it looks like this:
Fight against wordpress brute force
For quite a long time on various websites and forums there were articles and topics that spoke of numerous brute-force attacks on wordpress sites. Recently had to face this infection. :)
In this post, I would like to tell you about my experience in dealing with the selection of a password on sites that work on WordPress. Immediately, I note that all my sites work on nginx + php-fpm .
Iptraf: interactive network monitoring
I found a convenient program to view the current load on the network. Called iptraf. The most interesting thing for me in this program is the detailed load on a specific interface, indicating the outgoing and incoming traffic, the number of packets, etc.
Tinyproxy: your proxy server in five minutes
A proxy server is often a necessary thing. Applications of this wonderful tool - weight. For example, visiting a site where your ip address is blocked by the administrator. :)
Tinyproxy will be considered - a small but convenient proxy server. Let's try setting it up by spending no more than five minutes on it. First, install it:
# aptitude install tinyproxy
File and folder permissions
Task: prevent access to user files on the server from being read by other users. It can be useful if there are several users on the server, the first one has been hacked and on its behalf they are trying to view directories of other users.