Category: Linux

How to disable ModSecurity rules

gintautas

1. View ModSecurity Audit Log File.

  • We need to first find the rules that are being triggered by ModSecurity on your webserver.
  • Open the tail end of the ModSecurity log file called modsec_audit.log to view the last entries made to the log file.
  • For Apache2 servers it is located in /var/log/apache2/ 
  • Open the Terminal Window and enter :
sudo tail /var/log/apache2/modsec_audit.log --lines 60 | less
  • The output should look similar to this screenshot below.
  • Look for Access denied with code 403 and work backwards to find the start of the rule entry based on the log entry id.
  • In this case the log entry ID is –00aee77f (see marked in yellow)
  • Find the GET item – in this example it is /modern-classic (see marked in blue)
  • Find the ModSecurity rule that was triggered by the GET – in this example the rule id 958291 (see marked in purple)

Read More

One Liner Command to Check If Linux Process is Running

gintautas
I would like to share one liner command to check if a Linux process is running. Below is the one liner command and you can replace “sendmail” to any process you want to check: –

chkdaemon="sendmail" ; ! pgrep $chkdaemon >/dev/null && echo "$chkdaemon not running" || echo "$chkdaemon is running"

I will be sharing more useful commands. Thank you and have fun.

Setup Relay Host Port and SMTP Authentication Client in Postfix

gintautas

This setup will help you to route all outgoing email through your ISP SMTP server using different port number and that SMTP server requires you to authenticate before relaying. For this scenario, the ISP SMTP server is Exim.
1. Edit this file /etc/postfix/main.cf and add relayhost to point to your ISP SMTP server with port number as below: –
relayhost = mail.example.com:2525
2. Add the next parameter to allow Postfix to authenticate before relaying outgoing email as below: –
smtp_sasl_auth_enable = yes Read More

Create CSR using OpenSSL Without Prompt (Non-Interactive)

gintautas

In this article you’ll find how to generate CSR (Certificate Signing Request) using OpenSSL from the Linux command line, without being prompted for values which go in the certificate’s subject field.
In the first example, i’ll show how to create both CSR and the new private key in one command.
And in the second example, you’ll find how to generate CSR from the existing key (if you already have the private key and want to keep it).
Both examples show how to create CSR using OpenSSL non-interactively (without being prompted for subject), so you can use them in any shell scripts. Read More

Test HAProxy

gintautas

To check whether HAproxy is working properly, we can do the following.
First, prepare test.php file with the following content:

< ?php
header('Content-Type: text/plain');
echo "Server IP: ".$_SERVER['SERVER_ADDR'];
echo "\nX-Forwarded-for: ".$_SERVER['HTTP_X_FORWARDED_FOR'];
?>

Read More

Using inotify-tools to watch a directory and take action

gintautas

The inotify-tools can be used to watch a directory or file for activity and take an action when a file is changed, added, edited or simply read. You can find a workaround (or call it solution) for the absence of the inotify-tools in the repositories here.
Sometimes, for various reasons, a directory needs to be watched for new files, file changes, etc. When a change occurs, a certain action should be taken, like copying the files elsewhere or send an email with to notify someone of the changes. There are a lot of such imaginable scenarios to think of. Read More