2016-06 mercury admin
Upgrade notes for mercury.bonmot.ca Date: 22 June 2016 Notes 20:29h Initial update went OK. Looking for . . . SSL cert installed. Followed instructions in https://www.e-rave.nl/create-a-self-signed-ssl-key-for-postfix . . . code execution vulnerability (described in https://drupal.org/SA-CORE-2013-003), it is recommended . . . many of the fixes are backported from there) at https://www.samba.org/samba/history/samba-4.2.0.html . . . and https://www.samba.org/samba/history/samba-4.2.11.html . . .
12K - last updated 2016-06-23 10:47 UTC by Dan
2017-11 virus
===Warnings=== <pre> Nov 15 06:59:08 mercury sshd[28025]: Accepted password for www-data from 200.187.150.144 . . . ; COMMAND=cat /etc/passwd it’s this code: https://forums.gentoo.org/viewtopic-t-1071762.html?sid=dd3123941f591f81c8ab5b8c4769dd1f . . .
4K - last updated 2017-11-28 09:20 UTC by Dan
2017 mercury move
Copied from [[2013-06 Move]] * New machine: mercnew.bonmot.ca 199.255.223.73 Debian 9.11 * Old mercold . . . running # Do hardening - guide here: https://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html . . .
4K - last updated 2020-02-04 23:30 UTC by Dan
2020 mercury move
==Move Options== ; Pay Up : just give Giles $50/mo. Adv: no work required, Canadian, local ; canadianwebhosting . . . kimsufi are discount tiers. : KS-1 in Montreal https://www.kimsufi.com/ca/en/servers.xml This would . . . data centre in Roubaix, France ==Shopping== ; https://www.scaleway.com/fr/dedibox/tarifs/ : 7.99€/mo . . . : Nothing seems to work on their site? https://bignodes.com/budget-high-storage-vps/ $20/year . . . year. But with minimal storage ; hostwinds.com : https://www.hostwinds.com/vps/unmanaged-linux.php?gclid=CjwKCAiAnfjyBRBxEiwA-EECLOBy-zyPyCwoVQljDtUWkuGkDfRd_9quzGW3N1s1JTeAmGp6u_r-sBoC8rMQAvD_BwE . . .
4K - last updated 2021-11-04 14:37 UTC by Dan
2021-01-07
SteveBromwich recommended some IP tuning on mercury.bonmot.ca Most suggestions are from https://enterprise-support.nvidia.com/s/article/linux-sysctl-tuning . . .
1K - last updated 2023-01-26 10:16 UTC by Dan
2021-03-19
PHP upgrade due to security concerns <pre> root@mercury:/local/home/daniel/www/Recipes# apt list --upgradable . . . ==nmap exploration== <pre> Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-19 10:37 EDT Nmap scan . . . EXPLOITPACK:98FE96309F9524B8C84C508837551A19 5.8 https://vulners.com/exploitpack/EXPLOITPACK:98FE96309F9524B8C84C508837551A19 . . . EXPLOITPACK:5330EA02EBDE345BFC9D6DDDD97F9E97 5.8 https://vulners.com/exploitpack/EXPLOITPACK:5330EA02EBDE345BFC9D6DDDD97F9E97 . . . *EXPLOIT* | EDB-ID:46516 5.8 https://vulners.com/exploitdb/EDB-ID:46516 *EXPLOIT* . . .
11K - last updated 2021-03-19 11:49 UTC by Dan
2021-07 updates
mercury hadn't been rebooted since I set it up in 2020-03. Get a spare server named mercnew and configure . . . - 50-odd packages including MariaDB * "Err:8 https://packages.sury.org/php stretch InRelease The . . .
1K - last updated 2021-07-10 08:51 UTC by Dan
2023-01 update
Done on 2023-01-19 Original plan: upgrade mercury from Debian 9 "stretch" to 10, "buster." #nslug denizen . . . convinced me to then do 10 --> 11, "bullseye". [https://www.debian.org/releases/buster/amd64/release-notes/ch-upgrading.en.html . . . stretch --> buster instructions here] [https://www.cyberciti.biz/faq/update-upgrade-debian-10-to-debian-11-bullseye/ . . . gone? - no, just some. Now do 10 --> 11 with https://www.cyberciti.biz/faq/update-upgrade-debian-10-to-debian-11-bullseye/ . . .
3K - last updated 2023-04-24 12:33 UTC by Dan
2023-02 RebuildWayvesSite
Dialog with consultant I need a custom theme for a d10 site, that looks similar to https://wayves.ca . . . things: the main page, and the Article page: https://wayves.ca/halifax-pride-exec-director-2022-11 . . . Upgrade * Enable the Migrate modules. * Visit https://new.wayves.ca/upgrade * [ ] Disable the Migrate . . .
2K - last updated 2023-02-18 10:00 UTC by Dan
2024-04 email blockage
Norval had complained about not getting his mail. I wasn't getting texts sent to 9024990488@txt.bell.ca . . . with this tool: * log in to kimsufi account * [https://ca.api.kimsufi.com/console/#/ip/%7Bip%7D/spam/%7BipSpamming%7D/unblock~POST . . .
1K - last updated 2024-04-10 13:02 UTC by Dan
2024-06-20
Removed all of Solar NS zone and files and site * Drupal 8 site solarns.ca ** did a copy of the site . . . to https://bonmot.ca/solarns.ca_2024-06-14 ** tarr'd and . . .
1K - last updated 2024-06-20 12:39 UTC by Dan
Drupal
=Common Drupal Procedures= * Drupal 10 is in /etc/drupal/10 ===Set Yer Var=== drupal=10 ===Update drupal=== . . . Shows / Sliders / Slideshows=== Tutorial here: https://www.youtube.com/watch?v=ku_97a6Bgkg You need . . . to install this js stuff: https://www.drupal.org/docs/contributed-modules/views-slideshow/installation-requirements . . . A Static Archive=== Follow instructions [https://www.drupal.org/docs/administering-a-drupal-site/creating-a-static-archive-of-a-drupal-site . . . here.] httrack https://solarns.ca -O /local/bonmot/solarns -N "%h%p/%n/index%[page].%t" . . .
5K - last updated 2024-09-07 11:23 UTC by Dan
MaliciousPHP
2021: notice malicious PHP files written in EVERY apache-writable directory in the filesystem. Not very . . . of sports gambling info? Decode the php with https://www.unphp.net/ 2021-02-28: Notice that these . . .
2K - last updated 2021-06-30 10:07 UTC by Dan
MySQL
Data is in /var/lib/mysql Config files: * THIS IS THE REAL ONE: /etc/mysql/conf.d/mysql.cnf * /etc/mysql/my.cnf . . . systemctl restart mariadb Tuning code wget https://raw.githubusercontent.com/BMDan/tuning-primer.sh/main/tuning-primer.sh . . . from 10.1 to 10.3 Following directions from https://mariadb.com/docs/deploy/upgrade-community-server-cs103-debian9/ . . .
2K - last updated 2023-02-17 09:14 UTC by Dan
apache
Config is in /etc/apache2/ ==Useful Apache Commands== Enable / Disable: a2ensite fruitcake.ca a2dissite . . . reload apache2 * [[php dot ini]] * Enable [[https]] instructions here . . .
1K - last updated 2021-03-09 16:48 UTC by Dan
https
2020-03-18 * followed instructions at https://wiki.debian.org/LetsEncrypt * apt install python-certbot-apache . . . renew ; systemctl reload dovecot * test with https://www.ssllabs.com/ssltest/ * test with https://whynopadlock.com/ . . .
2K - last updated 2025-02-03 15:27 UTC by Dan
postfix-spf-dkim
Some time in 2020??? gmail started bouncing mail from bonmot. Add: SPF thing: First try: IN TXT "v=spf1 . . . ip4:5.39.78.158 ~all" but then this tool: https://www.spfwizard.net/ says to just use: bonmot.ca. . . . IN TXT "v=spf1 mx a -all" and test with https://www.dmarcanalyzer.com/spf/checker/ DMARC: Use . . . DMARC wizard https://dmarcian.com/dmarc-record-wizard/ to create: . . . adkim=s; aspf=s;" DKIM: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy . . .
1K - last updated 2023-03-10 08:15 UTC by Dan
17 pages found.