To periodically back up the configuration of our new routers with Mikrotik RouterOS, I wanted to have a cronjob: get an export of the active configuration, perhaps even a system backup, store them in a backup folder and keep them for a defined retention period.
The importance of a certain anti-spam method is not always easy to measure: with DKIM, the DomainKeys Identified Mail, it gets harder again.
Completely unexpectedly (haha…), problems came up today while upgrading a Debian system that has to put up with Plesk 11.5.
After setting up and using the previously described solution to store syslogs in a MySQL database, we quickly ran into some issues:
- the MySQL table consumed a lot of disk space
- “expiring” entries (read: deleting all entries older than 7 days) also took a lot of time and did not reset the auto_increment counter
- a full text search could take so long that Nginx reset the connection to the PHP5-FPM process, resulting in a fatal error
To solve these issues, we switched from MySQL to MongoDB. Syslog-NG supports this backend natively as well, so the switch was without any major interruption.
For our webhosting servers, we still rely on Confixx. It was initially created by “Yippie-Yeah GmbH” in Germany, which was then bought by SW-Soft, and has now been discontinued by Parallels after being the most popular webhosting control panel in Germany.
Unfortunately, development already ended in 2012: the web interface, which still contains unaltered parts from Confixx 2.0 and older, merely got support for PHP 5.3. Support for PHP 5.4 is missing and will not be published by Parallels at all.
For our hosting servers we partially rely on ISPConfig as the hosting interface our customers may use to configure their services.
Previously, I wrote articles in German only. This is my first language, so I am naturally confident in writing and publishing texts.
But when trying to solve tech problems, I had to experience that posts or articles in German could not reach the technical level I had in the problems – instead, I specialized in reading English articles, which tend to solve my problems way faster than just German content. This resulted in me altering my browser(s) as well: when changing the preference of the accepted language (in technical terms: the content of the HTTP header “Accept-Language”) from German first to English first, Google (and other search engines like DuckDuckGo) presented the – in my opinion – better search results faster.
Realizing this, I made a decision: I will try to write articles about technical problems like my tutorial for Syslog-NG from now on in English: this should not only broaden the reader spectrum, but also – hopefully – result in me writing (and possibly speaking) better English 🙂
“Personal” issues like the new office will be and stay written in German.
For any mistakes in the written (English) word I apologize in advance and hope to be corrected and not banned from writing any more 🙂
When administering a larger farm of servers, the security gain is not the only reason to archive syslog messages at a central location: after a remote server has been compromised, those logs cannot be altered by the attacker. Additionally, logs can be analyzed across all hosts at the same time.
The alternatives in web server software are actually fairly manageable in number, and each has a certain right to exist.
A larger wave of attacks against WordPress installations is currently underway, in which attackers try to crack the “admin” account by means of a dictionary attack.
After a successful login on “wp-login.php”, WordPress performs a 302 redirect, whereas failed logins are recorded in the access log with HTTP status code 200.