Friday, July 1, 2022

Recent Questions - Server Fault


Rebuild installed nginx (openresty) with extra module

Posted: 01 Jul 2022 06:15 PM PDT

I have an Openresty installation with the following configure settings:

$ openresty -V 2>&1

nginx version: openresty/1.17.8.1
built by gcc 9.3.0 (Ubuntu 9.3.0-10ubuntu2)
built with OpenSSL 1.1.1f  31 Mar 2020
TLS SNI support enabled

Wrapped argument list for better readability:

configure arguments:
  --prefix=/usr/local/openresty/nginx
  --with-cc-opt=-O2
  --add-module=../ngx_devel_kit-0.3.1
  --add-module=../echo-nginx-module-0.62
  --add-module=../xss-nginx-module-0.06
  --add-module=../ngx_coolkit-0.2
  --add-module=../set-misc-nginx-module-0.32
  --add-module=../form-input-nginx-module-0.12
  --add-module=../encrypted-session-nginx-module-0.08
  --add-module=../srcache-nginx-module-0.32
  --add-module=../ngx_lua-0.10.17
  --add-module=../ngx_lua_upstream-0.07
  --add-module=../headers-more-nginx-module-0.33
  --add-module=../array-var-nginx-module-0.05
  --add-module=../memc-nginx-module-0.19
  --add-module=../redis2-nginx-module-0.15
  --add-module=../redis-nginx-module-0.3.7
  --add-module=../rds-json-nginx-module-0.15
  --add-module=../rds-csv-nginx-module-0.09
  --add-module=../ngx_stream_lua-0.0.8
  --with-ld-opt=-Wl,-rpath,/usr/local/openresty/luajit/lib
  --with-http_ssl_module
  --with-pcre-jit
  --with-ipv6
  --with-http_v2_module
  --add-module=/home/ubuntu/incubator-pagespeed-ngx-1.13.35.2-stable
  --with-stream
  --with-stream_ssl_module
  --with-stream_ssl_preread_module

I tried to simply copy all arguments and add --with-http_stub_status_module at the end (the extra module I want to add), and got the following error:

 + ngx_stream_lua_module was configured
adding module in /home/ubuntu/openresty-1.17.8.1/../ngx_devel_kit-0.3.1
./configure: error: no /home/ubuntu/openresty-1.17.8.1/../ngx_devel_kit-0.3.1/config was found
ERROR: failed to run command: sh ./configure --prefix=/usr/local/openresty/nginx/nginx \...
ubuntu@ip-172-31-43-162:~/openresty-1.17.8.1$ openresty -V 2>&1

The bottom line is: I need to install --with-http_stub_status_module and I want to do it the safest way without breaking anything.

Thanks!

Cloud DNS setup correctly, but when trying to login to wp-admin, it will route to ip address

Posted: 01 Jul 2022 04:46 PM PDT

Cloud DNS is set up correctly; dig +trace swisstar.com.tw received 60 bytes in 50 ms, but when trying to log in to wp-admin, it routes to the IP address.

Any suggestions on where I should look?

Thanks

Dynamic NVM node path for service unit file

Posted: 01 Jul 2022 04:42 PM PDT

I recently migrated from using node installed on my Ubuntu server to using NVM to manage my node, but the issue is that the application I use on this server uses a .service file that executes with the path of the locally installed node, usr/bin/node. I have fixed this configuration by using the NVM path, but the issue with this is that the server node version can change (e.g. when updating my application with a newer node version). Because of this, is there a good way to either symlink or insert some dynamic insertion as part of the path?

Line:

ExecStart=/home/ghost-mgr/.nvm/versions/node/v14.17.0/bin/node /usr/bin/ghost r$  

Full File:

[Service]
Type=simple
WorkingDirectory=/var/www/ghost
User=999
Environment="NODE_ENV=production"
ExecStart=/home/ghost-mgr/.nvm/versions/node/v14.17.0/bin/node /usr/bin/ghost r$
Restart=always

[Install]
WantedBy=multi-user.target

VirtualGL desktop on headless Ubuntu

Posted: 01 Jul 2022 04:12 PM PDT

I'm trying to get an Ubuntu VM to have a persistent desktop with GPU enabled. The remote access to it would be something like Chrome Remote Desktop, but I don't actually care about trying to improve that experience. What I need is the VM to have a desktop and capture it through OBS. It seems like xpra and virtualgl will do what I want, but I'm having trouble putting them together in a useful way. If I try to use virtualgl to run startx or startplasma-x11, it doesn't seem to help the session and OBS framerate is still terrible. If I attach it to the same display number that CRD uses when it connects, the CRD session just comes up black. I've been able to use virtualgl to launch OBS in the session, but that doesn't seem to help as the desktop environment is still being rendered without GPU so the framerate is terrible.

Here are some options I've added to my xorg.conf, I'm not really sure what else to configure.

Section "Device"
    nvidia-xconfig -a --allow-empty-initial-configuration --busid PCI:0:4:0 --no-connected-monitor
    Identifier     "Device0"
    Driver         "nvidia"
    VendorName     "NVIDIA Corporation"
    BoardName      "Tesla T4"
    Option         "UseEDID" "false"
EndSection

Section "Screen"
    Identifier     "Screen0"
    Device         "Device0"
    Monitor        "Monitor0"
    DefaultDepth    24
    Option         "AllowEmptyInitialConfiguration" "True"
    Option         "HardDPMS" "false"
    SubSection     "Display"
        Virtual     1920 1080
        Depth       24
    EndSubSection
EndSection

iostat 100%util when not reading/writing much

Posted: 01 Jul 2022 03:44 PM PDT

I have a standalone server that recently started to produce strange data in the iostat command output. It likes to go up to 100% util while the r/s, w/s, rMB/s, wMB/s are relatively low. During those periods my system becomes less responsive (it is running an HTTP server and the time to serve requests goes from milliseconds to tens of seconds).

I am confused with the information that I receive and I am stuck in my investigation. Is there any way to see what is going on?

My system is built of two disks in RAID 1 array.

Thank you for any input. Best regards, Maciej

Unable to Downgrade OpenSSL from openssl-1.0.2k to openssl-1.0.1e-58 due to openssl-libs-1:1.0.2k-25.el6 dependencies

Posted: 01 Jul 2022 02:42 PM PDT

Due to issues with old CentOS6 machines and the Let's Encrypt root certificate that recently expired, I found a solution online which involves installing a patched version of openssl-1.0.2k from CentOS7. This is something I've done before and it always worked perfectly; however, on one specific server, as soon as I installed this version of OpenSSL, for some reason sshd threw a segmentation fault and now it doesn't start, throwing this error:

key_curve_nid_to_name: unsupported EC curve nid -1
/etc/init.d/sshd: line 128: 29710 Segmentation fault      $SSHD $OPTIONS

So I just tried downgrading OpenSSL to the previous version, but since openssl1.0.2k now uses a separate package (openssl-libs), when I try to downgrade I just get this error:

[root@ ~]# yum downgrade openssl
Loaded plugins: fastestmirror
Setting up Downgrade Process
Loading mirror speeds from cached hostfile
 * epel: d2lzkl7pfhq30w.cloudfront.net
Resolving Dependencies
--> Running transaction check
---> Package openssl.x86_64 0:1.0.1e-58.el6_10 will be a downgrade
---> Package openssl.x86_64 1:1.0.2k-21.el6 will be erased
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package          Arch          Version                  Repository        Size
================================================================================
Downgrading:
 openssl          x86_64        1.0.1e-58.el6_10         updates          1.5 M

Transaction Summary
================================================================================
Downgrade     1 Package(s)

Total download size: 1.5 M
Is this ok [y/N]: y
Downloading Packages:
openssl-1.0.1e-58.el6_10.x86_64.rpm                       | 1.5 MB     00:00
Running rpm_check_debug
Running Transaction Test


Transaction Check Error:
  file /etc/pki/tls/openssl.cnf from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/.libcrypto.so.10.hmac from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/.libssl.so.10.hmac from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/libcrypto.so.10 from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/libssl.so.10 from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/lib4758cca.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libaep.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libatalla.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libcapi.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libchil.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libcswift.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libgmp.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libnuron.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libpadlock.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libsureware.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64
  file /usr/lib64/openssl/engines/libubsec.so from install of openssl-1.0.1e-58.el6_10.x86_64 conflicts with file from package openssl-libs-1:1.0.2k-21.el6.x86_64

Manually removing openssl-libs doesn't work either cause pretty much everything depends on it, including yum.

Does anyone know how I can ignore this dependency while downgrading? Or perhaps install the old version while ignoring if a newer version is installed?

What could be the reason for about 10x memory usage after upgrade from Apache 2.2 to 2.4?

Posted: 01 Jul 2022 01:00 PM PDT

I have used Apache 2.2 with PHP 7.1 on Linux for years and have recently upgraded to Apache 2.4 with PHP 8.1

After the upgrade, the processes spawned by Apache have gone from about 200MB to 2GB in RAM usage.

I use these modules:

apachectl -M
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using zimmerpool.seuhs.com. Set the 'ServerName' directive globally to suppress this message
Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 mpm_event_module (static)
 authn_file_module (shared)
 authn_core_module (shared)
 authz_host_module (shared)
 authz_groupfile_module (shared)
 authz_user_module (shared)
 authz_core_module (shared)
 access_compat_module (shared)
 auth_basic_module (shared)
 reqtimeout_module (shared)
 filter_module (shared)
 mime_module (shared)
 log_config_module (shared)
 env_module (shared)
 headers_module (shared)
 setenvif_module (shared)
 version_module (shared)
 unixd_module (shared)
 status_module (shared)
 autoindex_module (shared)
 dir_module (shared)
 alias_module (shared)
 php_module (shared)

Is there anything obvious or commonly seen that could be the reason for this massive increase in RAM usage?

GoDaddy/DNS Configurations for AWS CloudFront

Posted: 01 Jul 2022 12:10 PM PDT

I have a domain called, say, example.com. I have an S3-backed CloudFront distribution with a domain name of, say, 12345.cloudfront.net. I am using GoDaddy as my registrar, not Route53.

What specific DNS configurations (A record, CNAME, etc.) do I need to make to my domain in GoDaddy, and what specific CloudFront configurations do I need to make, so that going to http://example.com redirects users to my CloudFront distribution at 12345.cloudfront.net?

My understanding is that you can't use CNAMEs with domain names (only subdomains) and that A records require specific IP addresses. However the IP address of a CloudFront distribution will constantly change.

OpenVPN - How to suppress WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

Posted: 01 Jul 2022 11:47 AM PDT

In OpenVPN GUI, I am getting the red message

WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this.

I do not want to always re-type my password again and again. Is there a way to suppress the warning without using the auth-nocache option?

I do not want to get myself used to habitually ignoring a red warning in the log dialog. This bad habit might prevent me from noticing an actual issue in the future. We have @SuppressWarning in Java for exactly the same reason.

I want to emphasize that I am not choosing between security and convenience, but I am asking for higher security! Multiple internet sources I found on this warning (e.g. here, here or here) say that the risk is minimal. However, the risk that I become used to ignoring warnings seems much higher to me.

DNS Server - how to differentiate clients?

Posted: 01 Jul 2022 05:48 PM PDT

I am running my own DNS server on a remote machine using Bind9. This server is currently only used by machines that are connected to the same router. The problem that I am having is that as the DNS server is used on a single network, all of the client machines that connect to it have the same external IP. So, when I am going through the logs, I can't differentiate which client machine each query or issue came from. I cannot move the DNS server locally so it is on the same network as the machines. Is there any way around this?

What's it called? Feature in remote desktop software? Client is told to put a code in a website which starts a remote desktop session?

Posted: 01 Jul 2022 04:42 PM PDT

I saw it once while I was fixing this one guy's computer. We went to a website and put some numbers in a box. These numbers then prompted an executable which we downloaded and ran, which then started a single-use remote desktop session. I also see scammers using this method all the time. Is this possible on TeamViewer? What is this feature called, and does it even have a name?

I know I could just send them a TeamViewer link and have them text a picture of a link, but having a one step process is like really nice.

Azure new Virtual Machine Windows Server 2022 can't make IIS work for a simple website

Posted: 01 Jul 2022 06:52 PM PDT

I got a new Azure virtual machine with Server 2022 Datacenter edition. It doesn't have the "endpoints" option where you configure port 80 for HTTP. I tried the "networking" option, 'add Inbound port rule', nada. The issue is: I can't see the website from outside.

Then I went to 'connection troubleshoot'; the result is 'network connectivity allowed', but the website is still not working. I checked the IIS setup and all seems fine.

Seems like I'm missing something but I can't find it.

Is there any step that I need to follow to allow IIS to work?

I went to Azure support; they want to charge me $XX.

I have a classic Azure virtual machine with Windows Server 2012 on which I run a very simple HTML website; I remember using the "endpoints" option where you configure port 80 for HTTP.

I will need to make a .NET Core web API application work, since the .NET API application doesn't work on Windows Server 2012 R2.

Any help will be appreciated!!

Nginx reverse proxy through wireguard tunnel

Posted: 01 Jul 2022 06:29 PM PDT

I set up a wireguard tunnel between an AWS instance (acting as server) and a personal computer acting as client. Wireguard is installed on both in a docker container (using linuxserver image). On the local computer I have a website that I would like to access from the server using a proxy with Nginx. Basically I want to connect to the ip of the AWS instance and be redirected through the Wireguard tunnel to the website on my local machine. I can curl my website from the docker container of Nginx on the AWS instance but the proxy doesn't work. How can I solve this problem?

AWS instance (Wireguard server and Nginx proxy)

version: "3"
services:
  reverseproxy:
    container_name: reverseproxy
    build: .
    restart: unless-stopped
    network_mode: service:wireguard

  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Rome
      - SERVERURL=107.22.140.0 #optional
      - SERVERPORT=51820 #optional
      - PEERS=1 #optional
      - PEERDNS=auto #optional
      - INTERNAL_SUBNET=10.0.0.0 #optional
      - ALLOWEDIPS=0.0.0.0/0 #optional
      - LOG_CONFS=true #optional
    volumes:
      - /home/ubuntu/wireguard/config:/config
      - /lib/modules:/lib/modules
    ports:
      - 51820:51820/udp
      - 80:80
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

Nginx configuration of the proxy:

worker_processes 1;

events { worker_connections 1024; }

http {

    sendfile on;

    upstream docker-proxy {
        server 10.0.1.2:80;
    }

    proxy_set_header   Host $host;
    proxy_set_header   X-Real-IP $remote_addr;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Host $server_name;

    server {
        listen 80;
        resolver 127.0.0.11 ipv6=off;
        location / {
            proxy_pass         http://docker-proxy/;
            proxy_redirect     off;
        }
    }
}

Local machine with Wireguard and local website:

version: '3'

services:
    nginx:
        container_name: nginx
        #depends_on:
            #- reverseproxy
        image: nginx:alpine
        restart: unless-stopped
        ports:
            - 80:80
        networks:
            vpn:
                ipv4_address: 10.0.1.2
    wireguard:
        image: lscr.io/linuxserver/wireguard:latest
        container_name: wireguard
        cap_add:
            - NET_ADMIN
            - SYS_MODULE
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Europe/Rome
            - SERVERURL=wireguard.domain.com #optional
            - SERVERPORT=51820 #optional
            - PEERS= #optional
            - PEERDNS=auto #optional
            - INTERNAL_SUBNET=10.0.0.0 #optional
            - ALLOWEDIPS=0.0.0.0/0 #optional
            - LOG_CONFS=true #optional
        volumes:
            - /home/user/dev/nginx-proxy/config:/config
            - /lib/modules:/lib/modules
        ports:
            - 51820:51820/udp
        sysctls:
            - net.ipv4.conf.all.src_valid_mark=1
        restart: unless-stopped
        networks:
            vpn:
                ipv4_address: 10.0.1.5

networks:
    vpn:
        ipam:
            config:
                - subnet: 10.0.1.0/8

Windows Server 2012 R2 - Adding Cipher

Posted: 01 Jul 2022 05:04 PM PDT

This might be a complete newbie question. I have a 2012 R2 server on which an application should call a partner who only offers the following ciphers:

(0xc02f) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 (eq. 3072 bits RSA) FS 128
(0xc030) TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 (eq. 3072 bits RSA) FS

If I check the Schannel reg key, my system offers:

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_NULL_SHA256
TLS_RSA_WITH_NULL_SHA
SSL_CK_RC4_128_WITH_MD5
SSL_CK_DES_192_EDE3_CBC_WITH_MD5

Can I just add the cipher in the reg key and restart, or do I have to make an update of some kind?

Best Regards Moritz

Tomcat servlet will not complete websocket connection

Posted: 01 Jul 2022 03:06 PM PDT

I am moving a set of working servlets from one server to another.

Old server, Centos6, Apache 2.2, Tomcat 9
New Server, Centos7, Apache 2.4, Tomcat 9

I have about 5 servlets running from the old server all are OK, except the one servlet that has 3 websocket connections. Everything else runs in the servlet but the websockets.

Tomcat is reverse proxied behind apache.

My configuration for one of the reverse proxies

# websocket proxy
<Location "/admin/AdminConsole">
 ProxyPass  wss://localhost:8080/admin/AdminConsole
 ProxyPassReverse wss://localhost:8080/admin/AdminConsole
 Require all granted
</Location>

Output from apache error_log LogLevel debug proxy:trace5

[Wed Jul 01 23:10:45.963246 2020] [proxy:trace2] [pid 25640] proxy_util.c(1985): [client 174.30.215.226:46978] http: found worker http://localhost:8080/admin/AdminConsole for http://localhost:8080/admin/AdminConsole?userName=derricks&source=web
[Wed Jul 01 23:10:45.963335 2020] [proxy:debug] [pid 25640] mod_proxy.c(1123): [client 174.30.215.226:46978] AH01143: Running scheme http handler (attempt 0)
[Wed Jul 01 23:10:45.963372 2020] [proxy:debug] [pid 25640] proxy_util.c(2203): AH00942: HTTP: has acquired connection for (localhost)
[Wed Jul 01 23:10:45.963388 2020] [proxy:debug] [pid 25640] proxy_util.c(2256): [client 174.30.215.226:46978] AH00944: connecting http://localhost:8080/admin/AdminConsole?userName=derricks&source=web to localhost:8080
[Wed Jul 01 23:10:45.966024 2020] [proxy:debug] [pid 25640] proxy_util.c(2426): [client 174.30.215.226:46978] AH00947: connected /admin/AdminConsole?userName=derricks&source=web to localhost:8080
[Wed Jul 01 23:10:45.966077 2020] [proxy:trace2] [pid 25640] proxy_util.c(2768): HTTP: fam 10 socket created to connect to localhost
[Wed Jul 01 23:10:45.966734 2020] [proxy:debug] [pid 25640] proxy_util.c(2802): AH02824: HTTP: connection established with [::1]:8080 (localhost)
[Wed Jul 01 23:10:45.966781 2020] [proxy:debug] [pid 25640] proxy_util.c(2942): AH00962: HTTP: connection complete to [::1]:8080 (localhost)
[Wed Jul 01 23:10:45.972425 2020] [proxy:debug] [pid 25640] proxy_util.c(2218): AH00943: http: has released connection for (localhost)

The last line says 'http' released connection? is that apache?

[Wed Jul 01 23:10:45.972425 2020] [proxy:debug] [pid 25640] proxy_util.c(2218): AH00943: http: has released connection for (localhost)  

Output from apache access_log a 404

174.30.215.226 - - [01/Jul/2020:23:10:45 -0400] "GET /admin/AdminConsole?userName=derricks&source=web HTTP/1.1" 404 473 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" 1611 1025  

It appears that maybe apache is dropping the connection? But why?

I removed the reverse proxy connecting to tomcat directly at URL:8080 and the websockets were fine.

It appears Apache reverse-proxy from 2.2 to 2.4 is screwing the pooch.

Edit # 1

Here are the logs (LogLevel debug) of a working 2.2 server and my new 2.4 server during reverse proxy

This is the new server
[Thu Jul 02 13:39:27.812027 2020] [proxy_fcgi:debug] [pid 53009] mod_proxy_fcgi.c(972): [client 174.30.215.226:38854] AH01076: url: http://localhost:8080/admin/AdminConsole?userName=derricks&source=web proxyname: (null) proxyport: 0
[Thu Jul 02 13:39:27.812040 2020] [proxy_fcgi:debug] [pid 53009] mod_proxy_fcgi.c(975): [client 174.30.215.226:38854] AH01077: declining URL http://localhost:8080/admin/AdminConsole?userName=derricks&source=web
[Thu Jul 02 13:39:27.812062 2020] [proxy:debug] [pid 53009] proxy_util.c(2203): AH00942: HTTP: has acquired connection for (localhost)
[Thu Jul 02 13:39:27.812078 2020] [proxy:debug] [pid 53009] proxy_util.c(2256): [client 174.30.215.226:38854] AH00944: connecting http://localhost:8080/admin/AdminConsole?userName=derricks&source=web to localhost:8080
[Thu Jul 02 13:39:27.813819 2020] [proxy:debug] [pid 53009] proxy_util.c(2426): [client 174.30.215.226:38854] AH00947: connected /admin/AdminConsole?userName=derricks&source=web to localhost:8080
[Thu Jul 02 13:39:27.814389 2020] [proxy:debug] [pid 53009] proxy_util.c(2802): AH02824: HTTP: connection established with [::1]:8080 (localhost)
[Thu Jul 02 13:39:27.814476 2020] [proxy:debug] [pid 53009] proxy_util.c(2942): AH00962: HTTP: connection complete to [::1]:8080 (localhost)
[Thu Jul 02 13:39:27.818830 2020] [proxy:debug] [pid 53009] proxy_util.c(2218): AH00943: http: has released connection for (localhost)
[Thu Jul 02 13:39:27.819281 2020] [deflate:debug] [pid 53009] mod_deflate.c(849): [client 174.30.215.226:38854] AH01384: Zlib: Compressed 1096 to 457 : URL /admin/AdminConsole

This is the old working server
[Thu Jul 02 13:33:11 2020] [debug] mod_proxy_wstunnel.c(91): [client 174.30.215.226] canonicalising URL //localhost:8080/admin/AdminConsole
[Thu Jul 02 13:33:11 2020] [debug] proxy_util.c(1508): [client 174.30.215.226] proxy: wss: found worker wss://localhost:8080/admin/AdminConsole for wss://localhost:8080/admin/AdminConsole?userName=derricks&source=web
[Thu Jul 02 13:33:11 2020] [debug] mod_proxy.c(1028): Running scheme wss handler (attempt 0)
[Thu Jul 02 13:33:11 2020] [debug] mod_proxy_http.c(1963): proxy: HTTP: declining URL wss://localhost:8080/admin/AdminConsole?userName=derricks&source=web
[Thu Jul 02 13:33:11 2020] [debug] mod_proxy_wstunnel.c(388): [client 174.30.215.226] AH02451: serving URL wss://localhost:8080/admin/AdminConsole?userName=derricks&source=web
[Thu Jul 02 13:33:11 2020] [debug] proxy_util.c(2013): proxy: WSS: has acquired connection for (localhost)
[Thu Jul 02 13:33:11 2020] [debug] proxy_util.c(2069): proxy: connecting wss://localhost:8080/admin/AdminConsole?userName=derricks&source=web to localhost:8080
[Thu Jul 02 13:33:11 2020] [debug] proxy_util.c(2195): proxy: connected /admin/AdminConsole?userName=derricks&source=web to localhost:8080
[Thu Jul 02 13:33:11 2020] [debug] proxy_util.c(2446): proxy: WSS: fam 2 socket created to connect to localhost
[Thu Jul 02 13:33:11 2020] [debug] proxy_util.c(2578): proxy: WSS: connection complete to 127.0.0.1:8080 (localhost)
[Thu Jul 02 13:33:11 2020] [debug] mod_proxy_wstunnel.c(236): [client 174.30.215.226] sending request
[Thu Jul 02 13:33:11 2020] [debug] mod_proxy_wstunnel.c(254): [client 174.30.215.226] setting up poll()
[Thu Jul 02 13:33:11 2020] [debug] mod_proxy_wstunnel.c(299): [client 174.30.215.226] AH02445: woke from poll(), i=1
[Thu Jul 02 13:33:11 2020] [debug] mod_proxy_wstunnel.c(308): [client 174.30.215.226] AH02446: sock was readable
[Thu Jul 02 13:33:11 2020] [debug] mod_proxy_wstunnel.c(175): [client 174.30.215.226] wstunnel_transfer complete

The most obvious difference is the 2.2 working server is proxying to a wss: address while the 2.4 broken server is proxying to a http: address. I don't know if that is a logging bug or an error on the proxy service. I don't see wstunnel being used at all in the broken server?

Edit #2

Finally a breakthrough of sorts.

I noticed that the proxy_fcgi was being called on the web-socket address and failing, so I removed its LoadModule and now proxy_wstunnel was called, though it failed with a [Hint: SSLProxyEngine]

So I enabled SSLProxyEngine at the top of the reverseProxy.conf

SSLProxyEngine on

It now gets even farther, actually connecting the websocket but it fails in the SSL module:

Here is the log

[Thu Jul 02 17:55:49.180768 2020] [proxy:debug] [pid 61402] mod_proxy.c(1123): [client 174.30.215.226:42470] AH01143: Running scheme wss handler (attempt 0)
[Thu Jul 02 17:55:49.180823 2020] [proxy_http:debug] [pid 61402] mod_proxy_http.c(1930): [client 174.30.215.226:42470] AH01113: HTTP: declining URL wss://localhost:8080/AdminConsole?userName=derricks&source=web
[Thu Jul 02 17:55:49.180842 2020] [proxy_scgi:debug] [pid 61402] mod_proxy_scgi.c(517): [client 174.30.215.226:42470] AH00865: declining URL wss://localhost:8080/AdminConsole?userName=derricks&source=web
[Thu Jul 02 17:55:49.180857 2020] [proxy_wstunnel:debug] [pid 61402] mod_proxy_wstunnel.c(336): [client 174.30.215.226:42470] AH02451: serving URL wss://localhost:8080/AdminConsole?userName=derricks&source=web
[Thu Jul 02 17:55:49.180874 2020] [proxy:debug] [pid 61402] proxy_util.c(2203): AH00942: WSS: has acquired connection for (localhost)
[Thu Jul 02 17:55:49.180889 2020] [proxy:debug] [pid 61402] proxy_util.c(2256): [client 174.30.215.226:42470] AH00944: connecting wss://localhost:8080/AdminConsole?userName=derricks&source=web to localhost:8080
[Thu Jul 02 17:55:49.182986 2020] [proxy:debug] [pid 61402] proxy_util.c(2426): [client 174.30.215.226:42470] AH00947: connected /AdminConsole?userName=derricks&source=web to localhost:8080
[Thu Jul 02 17:55:49.183216 2020] [proxy:debug] [pid 61402] proxy_util.c(2802): AH02824: WSS: connection established with [::1]:8080 (localhost)
[Thu Jul 02 17:55:49.183269 2020] [proxy:debug] [pid 61402] proxy_util.c(2942): AH00962: WSS: connection complete to [::1]:8080 (localhost)
[Thu Jul 02 17:55:49.183293 2020] [ssl:info] [pid 61402] [remote ::1:8080] AH01964: Connection to child 0 established (server mbepapers.org:443)
[Thu Jul 02 17:55:49.188928 2020] [ssl:info] [pid 61402] [remote ::1:8080] AH02003: SSL Proxy connect failed
[Thu Jul 02 17:55:49.189045 2020] [ssl:info] [pid 61402] SSL Library Error: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
[Thu Jul 02 17:55:49.189063 2020] [ssl:info] [pid 61402] [remote ::1:8080] AH01998: Connection closed to child 0 with abortive shutdown (server mbepapers.org:443)
[Thu Jul 02 17:55:49.189113 2020] [ssl:info] [pid 61402] [remote ::1:8080] AH01997: SSL handshake failed: sending 502
[Thu Jul 02 17:55:49.189154 2020] [proxy_wstunnel:debug] [pid 61402] mod_proxy_wstunnel.c(257): [client 174.30.215.226:42470] AH02445: woke from poll(), i=1
[Thu Jul 02 17:55:49.189167 2020] [proxy_wstunnel:debug] [pid 61402] mod_proxy_wstunnel.c(266): [client 174.30.215.226:42470] AH02446: sock was readable
[Thu Jul 02 17:55:49.189180 2020] [proxy_wstunnel:debug] [pid 61402] mod_proxy_wstunnel.c(131): (103)Software caused connection abort: [client 174.30.215.226:42470] AH02442: error on sock - ap_get_brigade
[Thu Jul 02 17:55:49.189234 2020] [proxy:debug] [pid 61402] proxy_util.c(2218): AH00943: WSS: has released connection for (localhost)

Almost there!!!! Now proxy.c is running the wss scheme and the address of the URL is

wss://localhost:8080/AdminConsole?userName=derricks&source=web

Which is the URL my client has always sent!

The error is in the SSL module

[Thu Jul 02 23:53:57.947613 2020] [ssl:info] [pid 7910] [remote ::1:8080] AH02003: SSL Proxy connect failed
[Thu Jul 02 23:53:57.947758 2020] [ssl:info] [pid 7910] SSL Library Error: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
[Thu Jul 02 23:53:57.947778 2020] [ssl:info] [pid 7910] [remote ::1:8080] AH01998: Connection closed to child 0 with abortive shutdown (server mbepapers.org:443)
[Thu Jul 02 23:53:57.948036 2020] [ssl:info] [pid 7910] [remote ::1:8080] AH01997: SSL handshake failed: sending 502

SSL Library Error: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

Looking for a solution???

edit 3

I can connect to this server using https://IP because the old server that this is replacing is using the correct DNS IP<-> domain name. I installed the certificates from that server because I will be swapping IPs soon. I wonder if that is the reason for the error?

edit 4

Still looking for a solution to this. When I try to proxy the websocket I get this error in the httpd error_log with loglevel debug

[Sat Jul 11 14:27:23.978213 2020] [proxy:debug] [pid 9147] mod_proxy.c(1123): [client 174.30.215.226:54434] AH01143: Running scheme wss handler (attempt 0)
[Sat Jul 11 14:27:23.978266 2020] [proxy_wstunnel:debug] [pid 9147] mod_proxy_wstunnel.c(336): [client 174.30.215.226:54434] AH02451: serving URL wss://localhost:8080/admin/AdminConsole?userName=derricks&source=app
[Sat Jul 11 14:27:23.978302 2020] [proxy:debug] [pid 9147] proxy_util.c(2203): AH00942: WSS: has acquired connection for (localhost)
[Sat Jul 11 14:27:23.978323 2020] [proxy:debug] [pid 9147] proxy_util.c(2256): [client 174.30.215.226:54434] AH00944: connecting wss://localhost:8080/admin/AdminConsole?userName=derricks&source=app to localhost:8080
[Sat Jul 11 14:27:23.980603 2020] [proxy:debug] [pid 9147] proxy_util.c(2426): [client 174.30.215.226:54434] AH00947: connected /admin/AdminConsole?userName=derricks&source=app to localhost:8080
[Sat Jul 11 14:27:23.981093 2020] [proxy:debug] [pid 9147] proxy_util.c(2802): AH02824: WSS: connection established with [::1]:8080 (localhost)
[Sat Jul 11 14:27:23.981205 2020] [proxy:debug] [pid 9147] proxy_util.c(2942): AH00962: WSS: connection complete to [::1]:8080 (localhost)
[Sat Jul 11 14:27:23.981355 2020] [ssl:info] [pid 9147] [remote ::1:8080] AH01964: Connection to child 0 established (server www.mbepapers.org:443)
[Sat Jul 11 14:27:23.983594 2020] [ssl:info] [pid 9147] [remote ::1:8080] AH02003: SSL Proxy connect failed
[Sat Jul 11 14:27:23.983814 2020] [ssl:info] [pid 9147] SSL Library Error: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
[Sat Jul 11 14:27:23.983871 2020] [ssl:info] [pid 9147] [remote ::1:8080] AH01998: Connection closed to child 0 with abortive shutdown (server www.mbepapers.org:443)
[Sat Jul 11 14:27:23.983907 2020] [ssl:info] [pid 9147] [remote ::1:8080] AH01997: SSL handshake failed: sending 502
[Sat Jul 11 14:27:23.983969 2020] [proxy_wstunnel:debug] [pid 9147] mod_proxy_wstunnel.c(257): [client 174.30.215.226:54434] AH02445: woke from poll(), i=1
[Sat Jul 11 14:27:23.984005 2020] [proxy_wstunnel:debug] [pid 9147] mod_proxy_wstunnel.c(266): [client 174.30.215.226:54434] AH02446: sock was readable
[Sat Jul 11 14:27:23.984019 2020] [proxy_wstunnel:debug] [pid 9147] mod_proxy_wstunnel.c(131): (103)Software caused connection abort: [client 174.30.215.226:54434] AH02442: error on sock - ap_get_brigade
[Sat Jul 11 14:27:23.984092 2020] [proxy:debug] [pid 9147] proxy_util.c(2218): AH00943: WSS: has released connection for (localhost)

the pertinent lines

[Sat Jul 11 14:27:23.983594 2020] [ssl:info] [pid 9147] [remote ::1:8080] AH02003: SSL Proxy connect failed
[Sat Jul 11 14:27:23.983814 2020] [ssl:info] [pid 9147] SSL Library Error: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
[Sat Jul 11 14:27:23.983871 2020] [ssl:info] [pid 9147] [remote ::1:8080] AH01998: Connection closed to child 0 with abortive shutdown (server www.mbepapers.org:443)
[Sat Jul 11 14:27:23.983907 2020] [ssl:info] [pid 9147] [remote ::1:8080] AH01997: SSL handshake failed: sending 502

It was suggested I move the reverse proxy inside the vhost section so here that is

<VirtualHost xx.xx.xx.xx:443>
  RewriteEngine on
  ServerName www.mbepapers.org
  ServerAlias www.mbepapers.org
  SSLEngine on
  SSLProxyEngine on
  SSLCertificateFile /var/www/httpd-cert/mbepapers.org.crt
  SSLCertificateKeyFile /var/www/httpd-cert/mbepapers.org.key
  SSLCertificateChainFile /var/www/httpd-cert/intermediate.crt
  SSLCaCertificateFile /var/www/httpd-cert/intermediate.crt

  ProxyRequests off

  <Location "/admin/AdminConsole">
    ProxyPass  wss://localhost:8080/admin/AdminConsole
    ProxyPassReverse  wss://localhost:8080/admin/AdminConsole
    Require all granted
  </Location>
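
A triage script for `LogLevel debug` output like the logs in this question, added here as an example and not part of the original post: it tracks entries per pid, pairs each `AH02451: serving URL` line with a later `AH02003: SSL Proxy connect failed`, and reports the backend and the OpenSSL reason. The sample lines are constructed in the format shown above, and `find_proxy_tls_failures` and the other names are illustrative.

```python
import re
from urllib.parse import urlsplit

# Common prefix of httpd 2.4 error-log entries: [time] [module:level] [pid N] message
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[(?P<module>\w+):(?P<level>\w+)\] \[pid (?P<pid>\d+)\] (?P<rest>.*)$"
)
SERVING_RE = re.compile(r"AH02451: serving URL (?P<url>\S+)")
SSL_ERR_RE = re.compile(r"SSL Library Error: error:(?P<code>[0-9A-Fa-f]+):(?P<reason>.*)$")

# Constructed sample: pid 4242 fails the TLS handshake to its backend,
# pid 4300 is an unrelated request interleaved in the same log.
SAMPLE_LOG = """\
[Sat Jul 11 14:27:23.978266 2020] [proxy_wstunnel:debug] [pid 4242] mod_proxy_wstunnel.c(336): [client 192.0.2.10:54434] AH02451: serving URL wss://localhost:8080/admin/AdminConsole?userName=alice&source=app
[Sat Jul 11 14:27:23.978300 2020] [proxy_wstunnel:debug] [pid 4300] mod_proxy_wstunnel.c(336): [client 192.0.2.11:40000] AH02451: serving URL ws://localhost:8081/chat
[Sat Jul 11 14:27:23.981093 2020] [proxy:debug] [pid 4242] proxy_util.c(2802): AH02824: WSS: connection established with [::1]:8080 (localhost)
[Sat Jul 11 14:27:23.983594 2020] [ssl:info] [pid 4242] [remote ::1:8080] AH02003: SSL Proxy connect failed
[Sat Jul 11 14:27:23.983814 2020] [ssl:info] [pid 4242] SSL Library Error: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
[Sat Jul 11 14:27:23.983907 2020] [ssl:info] [pid 4242] [remote ::1:8080] AH01997: SSL handshake failed: sending 502
"""


def find_proxy_tls_failures(lines):
    """Return one finding per failed TLS handshake between httpd and a backend."""
    current_url = {}    # pid -> last backend URL handed to mod_proxy_wstunnel
    open_finding = {}   # pid -> finding still waiting for its OpenSSL reason
    findings = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an error-log entry in the expected format
        pid, rest = m["pid"], m["rest"]

        serving = SERVING_RE.search(rest)
        if serving:
            current_url[pid] = serving["url"]
            continue

        if "AH02003" in rest:
            # The query string is dropped from the report: it can carry
            # user names or tokens that should not be copied into tickets.
            parts = urlsplit(current_url.get(pid, ""))
            finding = {
                "pid": int(pid),
                "time": m["ts"],
                "scheme": parts.scheme or None,
                "backend": parts.netloc or None,
                "path": parts.path or None,
                "openssl_reason": None,
            }
            findings.append(finding)
            open_finding[pid] = finding
            continue

        err = SSL_ERR_RE.search(rest)
        if err and pid in open_finding:
            open_finding.pop(pid)["openssl_reason"] = err["reason"]
    return findings


if __name__ == "__main__":
    for f in find_proxy_tls_failures(SAMPLE_LOG.splitlines()):
        print(f"pid {f['pid']}: {f['scheme']}://{f['backend']}{f['path']} -> {f['openssl_reason']}")
```

`unknown protocol` raised in `SSL23_GET_SERVER_HELLO` means the first bytes the backend returned were not a TLS record, so the next thing to check is whether the listener on that port speaks TLS at all.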

Nginx: CSS and JS files inside my wordpress blog directory are served wrong

Posted: 01 Jul 2022 02:03 PM PDT

I set up an Amazon ec2 LEMP server for my photography website, which previously was on apache, which I'm a lot more familiar with.

I have everything running generally ok, except for in the blog directory. The CSS and JS files seem to be served by PHP and have content type text/html, for example here are the response headers for my theme's stylesheet (/blog/wp-content/themes/twentyseventeen/style.css?ver=4.9.8):

content-type: text/html
date: Fri, 26 Oct 2018 02:33:26 GMT
server: nginx/1.12.2
status: 200
x-powered-by: PHP/5.4.16

vs the headers for my own stylesheet (/include/css/style.css):

accept-ranges: bytes
cache-control: max-age=315360000
content-length: 34199
content-type: text/css
date: Fri, 26 Oct 2018 02:48:04 GMT
etag: "5b7f653b-8597"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 24 Aug 2018 01:54:03 GMT
server: nginx/1.12.2
status: 200

I've read lots of threads that deal with very similar problems. However, I'm confused because my problem is confined to the /blog/ directory.

A few of the other questions/answers I read mentioned security.limit_extensions and indeed mine (/etc/php-fpm.d/www.conf) was set up like so:

security.limit_extensions =
;security.limit_extensions = .php .php3 .php4 .php5 .ttf

I changed it:

;security.limit_extensions =
security.limit_extensions = .php .php3 .php4 .php5 .ttf

and restarted nginx via service nginx restart - but the problem still persists..

Can't imagine what I'm missing.. Ready to throw in the towel and switch back to apache.. :(

Anyone see what I missed?

UPDATE: Config files

/etc/nginx/nginx.conf:

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/
#user ec2-user;

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    server_names_hash_bucket_size 64;

    client_max_body_size 2M;

    include             mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    include /etc/nginx/sites-enabled/*;
}

/etc/nginx/sites-available/mikewillisphotography.com.conf

server {
    listen 80 default_server;
    server_name www.mikewillisphotography.com mikewillisphotography.com;
    return 301 https://www.mikewillisphotography.com$request_uri;
}

server {
    listen 443 ssl http2;
    server_name mikewillisphotography.com;
    return 301 https://www.mikewillisphotography.com$request_uri;
}

server {
    listen       443 ssl default_server;
    server_name  www.mikewillisphotography.com;
    #server_name localhost;

    include /etc/nginx/sites-available/includes/restrictions.conf;
    include /etc/nginx/sites-available/includes/wordpress.conf;
    #       include /etc/nginx/sites-available/includes/php.conf;

    ssl_certificate /etc/letsencrypt/live/mikewillisphotography.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mikewillisphotography.com/privkey.pem;

    location /.well-known/acme-challenge {
        #root /var/www/html/letsencrypt/wordpress/;
        root /usr/share/nginx/sites/mikewillisphotography.com/htdocs/letsencrypt/wordpress/;
    }

    client_max_body_size 2M;

    # note that these lines are originally from the "location /" block
    root   /usr/share/nginx/sites/mikewillisphotography.com/htdocs;
    index index.php index.html index.htm;

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;

    location = /50x.html {
        root /usr/share/nginx/sites/mikewillisphotography.com/htdocs;
    }

    location ~ \.php$ {
        include /etc/nginx/sites-available/includes/php.conf;
    }
}

/etc/nginx/sites-available/includes/php.conf

fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;

#wordpress stuff
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi.conf;
fastcgi_intercept_errors on;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;

/etc/nginx/sites-available/includes/wordpress.conf

location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
    expires max;
    log_not_found off;
}

location ^~ /blog {
    root /usr/share/nginx/sites/mikewillisphotography.com/htdocs;
    index index.php index.html index.htm;
    include /etc/nginx/sites-available/includes/php.conf;
    rewrite /wp-admin$ $scheme://$host$uri/index.php?q=$1 permanent;
    try_files $uri $uri/ @blog;
}

location @blog {
    rewrite ^/blog(.*) /blog/index.php?q=$1;
}
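
Which location block handles each of the two stylesheets compared in this question, as an added example that is not part of the original post: a simplified Python model of nginx's location selection (exact match, then longest prefix with the `^~` short-circuit, then regexes in declaration order) applied to the location blocks from the posted files. `Location`, `LOCATIONS` and `select_location` are illustrative names, and `restrictions.conf`, which the question does not show, is assumed to add no locations.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Location:
    modifier: str   # "=", "^~", "~", "~*" or "" for a plain prefix
    pattern: str
    handler: str    # what the block does with the request in the posted config


# Location blocks of the www.mikewillisphotography.com server, in the order
# the posted files declare them (wordpress.conf is included first).
# The named location @blog is left out: it only receives internal redirects.
LOCATIONS = [
    Location("~*", r"\.(js|css|png|jpg|jpeg|gif|ico)$", "static file"),
    Location("^~", "/blog", "php-fpm"),        # includes php.conf -> fastcgi_pass
    Location("", "/.well-known/acme-challenge", "static file"),
    Location("=", "/50x.html", "static file"),
    Location("~", r"\.php$", "php-fpm"),       # includes php.conf -> fastcgi_pass
]


def select_location(uri, locations=LOCATIONS):
    """Return the Location nginx would choose for uri, or None for server-level handling."""
    path = uri.split("?", 1)[0]   # locations are matched without the query string

    # 1. An exact "=" match wins immediately.
    for loc in locations:
        if loc.modifier == "=" and loc.pattern == path:
            return loc

    # 2. Remember the longest matching prefix; "^~" on it skips the regex pass.
    #    Prefix matching is plain string matching, not per path segment.
    prefixes = [
        loc for loc in locations
        if loc.modifier in ("", "^~") and path.startswith(loc.pattern)
    ]
    best = max(prefixes, key=lambda loc: len(loc.pattern), default=None)
    if best is not None and best.modifier == "^~":
        return best

    # 3. Regex locations are tried in declaration order; the first match wins.
    for loc in locations:
        if loc.modifier in ("~", "~*"):
            flags = re.IGNORECASE if loc.modifier == "~*" else 0
            if re.search(loc.pattern, path, flags):
                return loc

    # 4. Otherwise fall back to the remembered prefix (possibly None).
    return best


if __name__ == "__main__":
    for uri in (
        "/blog/wp-content/themes/twentyseventeen/style.css?ver=4.9.8",
        "/include/css/style.css",
        "/blogroll.css",
        "/index.php",
    ):
        loc = select_location(uri)
        print(f"{uri:62} -> location {loc.modifier} {loc.pattern}  [{loc.handler}]")
```

Because `location ^~ /blog` includes `php.conf`, every request under that prefix is handed to PHP-FPM whatever its extension, which leaves `security.limit_extensions` in the pool configuration as the only filter on which files PHP will execute.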

Change External NIC to Public on Windows Server 2016

Posted: 01 Jul 2022 03:06 PM PDT

I've got a cloud network: 192.168.100.0/24 with:

  • Pfsense GW (IPSec site-to-site)
    • NIC1 = WAN-IP1 (fully blocked except IPSec)
    • NIC2 = 192.168.100.1
  • DC (WinServer2016)
    • NIC1 = WAN-IP2 (external)
    • NIC2 = 192.168.100.2 with Pfsense as GW (internal)

In Windows Network Sharing Center I've disabled the External NIC for obvious security reasons.

However I would like to make my NIC1 'public' instead of 'Domain Network'. This way I can use Windows Firewall to block all traffic on the Public profile except Updates and other important traffic. Why not over the Pfsense? Due to bandwidth limitations of my provider and VPS's.

How can I change my external NIC (NIC1 on WinServer2016) to Public?

Logon options greyed out for AD FS Service

Posted: 01 Jul 2022 05:01 PM PDT

I am trying to change the service account for AD FS service. I go to services.msc and pull up the settings for Active Directory Federation Services. In the Logon tab, the options to change the service account are greyed out.

Is there anything I can do to enable this option to make the change?

Office 2013 Slow to Open/Save with Folder Redirection

Posted: 01 Jul 2022 12:05 PM PDT

We recently deployed folder redirection for a few individuals in the office. We are using a DFS Namespace share on a Server 2012r2 VM. We are redirecting Desktop and My Documents only. Clients are running 8.1 and 7.

When using Word/Excel 2013, there is a popup that says "trying to connect to: \\DFSNAME\userfolder" and it stays there for 1-5 minutes before the browse window opens. This also occurs when trying to attach a file to an email in Outlook. There are no delays if the file is double clicked on their desktop.

We've tried the following solutions (which seemed to describe our problem perfectly aside from the version):

The only thing that is different about this deployment of Folder Redirection is permissions. Instead of following the standard checkbox of exclusive access we used this ancient guide from Microsoft - http://support.microsoft.com/kb/288991/. Could our permissions be causing these weird issues?

pgpool2 parallel mode: Non-superusers must provide a password in the connection string

Posted: 01 Jul 2022 01:01 PM PDT

I have two AWS RDS postgres nodes backing a parallel mode pgpool setup on EC2. After using pgbench to populate test tables, I get odd behavior from test queries. Any query that uses a function produces the error mentioned in the subject line, while other queries work as expected. Three examples showing success, expected failure, and unexpected failure:

Success -- Yields the expected record set:

psql -c "SELECT aid FROM pgbench_accounts" "host=localhost port=9999 user=pgpool password=pass dbname=bench_parallel"
# Giant record set is returned here.

Since the backing nodes are on RDS, md5 authentication is required. Authentication appears to be working fine in the case of non-function queries, as can be seen by replacing the correct password above with an incorrect one.

Expected authentication failure:

psql -c "SELECT aid FROM pgbench_accounts" "host=localhost port=9999 user=pgpool password=notmypass dbname=bench_parallel"
psql: FATAL:  password authentication failed for user "pgpool"

Here's the part that has me baffled -- If I put a function like min() or count() into the query, I get authentication problems:

psql -c "SELECT count(aid) FROM pgbench_accounts" "host=localhost port=9999 user=pgpool password=pass dbname=bench_parallel"
ERROR:  password is required
DETAIL:  Non-superusers must provide a password in the connection string.

As can be seen from this last query, the password is supplied in the connection string (to the frontend, anyway) and it is the correct password as shown in the first query.

Why would my first query work fine with no auth problems, but the third one fail? Have I overlooked a setting somewhere?

Edit 2014-10-23: Adding more information.

I added superuser privileges to user pgpool on the (frontend) system database and no longer get Non-superusers must provide a password in the connection string as the error. Now I get:

ERROR:  could not establish connection
DETAIL:  fe_sendauth: no password supplied

Turning on debugging for pgpool and looking in the log, I see the query being rewritten as the following, which, in the call to dblink, does not contain the password specified in the original connection string:

2014-10-23 19:59:10 DEBUG: pid 1643: OneNode_do_command: Query:
SELECT
    sum(pool_g$0) AS count
FROM
    dblink('host=ip-10-1-2-17 dbname=bench_parallel port=9999 user=pgpool',
           'SELECT pool_parallel("SELECT count(aid) FROM pgbench_accounts")',false)
    AS pool_t$0g (pool_g$0 bigint )

Intermittent communication issues with Office 365 (Exchange Online)

Posted: 01 Jul 2022 01:01 PM PDT

Four or five users (out of 30-35 users) at one of our office locations are having odd issues with Outlook 2010 and 2013 losing the connection to Office 365: Occasionally, when sending an email, the progress bar goes almost all the way to completed but then stays there.
If I open "Connection Status," the connections are all established but the Req/Fail counter doesn't increase. But if I open the connection monitor on my firewall, I can see TCP traffic to the Microsoft server slowly trickle across.
Cancelling the server request immediately fixes the issue (as will restarting Outlook) but only for that Send/Receive.
I'm using Cisco switches with a SonicWall TZ205 firewall. I was hoping the issue was caused by our firewall killing inactive RPC tunnels, but upping the TCP timeout to two hours has had no effect.
Microsoft hasn't been any help and they've stopped returning our phone calls.
If it is a local network issue, what would I even look for?

Setting variable depending on NAS-IP-Address in Freeradius

Posted: 01 Jul 2022 04:01 PM PDT

The setup

We currently have a Freeradius server used to authenticate our Wifi users against our Active Directory server. The link between Freeradius and the Active Directory is done by Winbind.

In order for the user to be able to obtain authorization, it needs to belong to a group in the Active Directory. This is done by adding an argument to the ntlm_auth command.

What we are trying to achieve

We are now adding 802.1X to our cabled networks and would like to re-use the existing Radius server to authenticate against the same Active Directory.

Everything will be the same except the authorization will need to be based on whether the user belongs to a different one than that of the Wifi networks.

What we have already tried

I have read many things on freeradius in the documentation and have seen that it is possible to use conditionals and variables. My plan therefore was to put a variable in the ntlm_auth command that would contain the group SID (as suggested on Freeradius mailing-lists). The group SID would be dependent on the IP of the network device which should be contained in "NAS-IP-Address".

This should just be a case of writing a simple conditional statement and setting a variable. Nonetheless, I have not been able to do this as Freeradius will not start every time I try to add a conditional to the configuration files.

So my questions are :

  • How do I set a variable in function of the NAS-IP-Address ?

  • In which files can such syntax be used ?

How to restore Ubuntu server on a VMWare image after disk failure?

Posted: 01 Jul 2022 12:05 PM PDT

After a disk failure on a VMWare GSX I was able to start the raid with one disk and copy the VMWare image to my ESXi server. After repairing the image with

vmkfstools -x repair /vmfs/volumes/source/vmname/vmname.vmdk  

and converting it to ESXi with

vmkfstools -i /vmfs/volumes/source/vmname/vmname.vmdk /vmfs/volumes/dest/vmname/vmname.vmdk -d thin  

I am not able to boot the image and just get

GRUB Loading stage1.5.

GRUB loading, please wait...
_

and the cursor does not even blink.

What are my options now? Is it possible to recover somehow with a rescue CD? What are the steps?

UPDATE:

I followed the advice to create a new Ubuntu server and add the VMWare image as new disk. However I get the following.

mount: wrong fs type, bad option, bad superblock on /dev/sdb,
       missing codepage or helper program, or other error
       In some cases useful info is found in syslog - try
       dmesg | tail or so

I was trying to restore the superblock but had no luck with the following commands.

sudo mke2fs -n /dev/sdb  

The above printed several numbers (as described in http://linuxexpresso.wordpress.com/2010/03/31/repair-a-broken-ext4-superblock-in-ubuntu/).

e2fsck -b 20480000 /dev/sdb  

I just keep getting "The superblock could not be read...". Do I have any chance to get the data on this ext3 file system back?

Mapping UID and GID of local user to the mounted NFS share

Posted: 01 Jul 2022 04:41 PM PDT

I have a server with NFSv4. I am mounting contents of the home folder of remote user to local host. Able to read and write contents, but when I am checking ownership of files at the mounted volume from the local host, they all belong to corresponding remote user and group (512). Is there any way to make it look like they belong to the local user and group (1000) on the local host?

/etc/exports on remote host (IP is 192.168.1.110)

/home/user512 192.168.1.142(rw,sync,all_squash,anonuid=512,anongid=512)  

/etc/fstab on local host (IP is 192.168.1.142)

192.168.1.110:/home/user512    /home/localuser/projects/project512   nfs    rw,hard,intr,rsize=32768,wsize=32768    0       0  

MS SQL 2008 - Can I use Windows Authentication to connect from a Mac

Posted: 01 Jul 2022 06:06 PM PDT

I have been using Navicat SQL on Mac (Snow Leopard) to connect to MS 2005 via "Basic Auth" and all is good. However the DB is now being migrated to MS 2008 and try as I might I can't get on via Windows Auth. I get the message...

[FreeTDS][SQL Server]Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
[FreeTDS][SQL Server]Unable to connect to data source

Any ideas would be very gratefully accepted. Many thanks.

How do I configure MailScanner to use a remote clamd?

Posted: 01 Jul 2022 05:04 PM PDT

I decided to decrease the workload on my mail gateway by moving anti-virus processing to a separate server. I created the server, installed clamav-daemon on it, and tested it by running clamdscan from the mail gateway.

Satisfied, I then changed MailScanner as follows:

Virus Scanners = clamd
Clamd Port = 3310
Clamd Socket = clamd server's IP address

I restarted mailscanner, and got the following result:

MailScanner[45946]: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./lstat() failed: No such file or directory. ERROR :: /var/spool/MailScanner/incoming/45946  

Obviously, MailScanner is not sending the file to be scanned. Instead, it is just telling it to scan a file which, obviously, does not exist on clamd's server.

I find it difficult to believe using clamd in this manner with mailscanner is not possible at all. Rather, I suspect I'm missing something. So... is it possible? If so, what configuration am I missing?

Apache RewriteRule Proxy has bad headers

Posted: 01 Jul 2022 02:03 PM PDT

I'm trying to create a proxy from a location on our site to a third party's site. E.g.

http://www.mysite.com/cat -> proxies to http://www.cat.com

This is the line from my config:

 RewriteRule ^cat/?$ http://cat.com:80 [P]  

The proxy essentially works, but the problem is that it returns an error 400 Bad Request. Looking at the Apache access log of the site I'm proxying to, the incoming request is:

[18/Oct/2011:13:04:46 +0100] "GET  HTTP/1.1" 400 334 "-" "-"  

There is no referrer, host, anything. The server returns to the browser:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<hr>
<address>Apache/2.2.12 (Ubuntu) Server at {cut} Port 80</address>
</body></html>

Any ideas- any help would be great!

Thanks

best way of testing HD throughput for random reads on linux

Posted: 01 Jul 2022 02:57 PM PDT

Is there a benchmark program I can use to measure random read speeds of a vps without interference from the kernel cache? Also looking for something where you can change the read sizes say 4k-64k.

Exporting logon/logoff events from Windows event log

Posted: 01 Jul 2022 04:38 PM PDT

Environment: Windows Server 2008 R2 with Samba 3.5 domain & OpenLDAP backend.

Background: on our previous Terminal Server (Windows Server 2003) we used logon/logoff scripts to log user logins and logouts respectively to plain text files on a network drive. Unfortunately we couldn't capture the remote IP address, only the workstation name.

Now that we're moving to Server 2008, we've discovered that the Event Log captures a huge amount of data - including the remote IP - but there doesn't seem to be an easy way to get the data that we want in the format that we want.

There are several resources that might be a step in the right direction:

My question is: do I try and get some sort of real-time export of events in human readable form (and how), or do I perform periodic parsing via a scheduled task (and how)?

problems connecting through vncviewer

Posted: 01 Jul 2022 06:06 PM PDT

I am currently connecting ok, but all that displays is a black screen in windows vncviewer. I looked at the log and this is what I got. Can someone help explain?

Sun Oct 31 16:20:01 2010
 vncext:      VNC extension running!
 vncext:      Listening for VNC connections on port 5901
 vncext:      Listening for HTTP connections on port 5801
 vncext:      created VNC server for screen 0
error opening security policy file /usr/lib64/xserver/SecurityPolicy
sh: /home/andrew/.vnc/xstartup: Permission denied
Could not init font path element unix/:7100, removing from list!
AUDIT: Sun Oct 31 16:20:06 2010: 28746 Xvnc: client 1 rejected from local host
  Auth name: MIT-MAGIC-COOKIE-1 ID: -1