On ubuntu server running icecast, when i try enable SSL as per CentovaCast Enable SSL on icecast, i get following error
|
1 |
connection/get_ssl_certificate No SSL capability |
I don’t compile my own icecast installation as it use Ubunu version of icecast, that get updated using apt. Instead of getting icecast serve steam using SSL, i installed Nginx, and proxy traffic […]
To block hotlink protection or bandwidth stealing, you can add following to server configuration of your web site.
|
1 2 3 4 5 |
valid_referers none yourdomain.tld www.yourdomain.tld; if ($invalid_referer) { return 403; } |
If you need to allow hotlink from a specific domain, you can edit the valid_referers line and add the url. If you only want to limit access to images and videos, you can put above code […]
When adding custom SSL on Nginx Proxy Manager, i get following error. Upload failed: Certificate Key is not valid (Command failed: openssl ec -in /tmp/15dbf072-4022-aee94-0f88e4fb8d86/tmp -check -noout 2>&1 ) I tried upgrading Nginx Proxy Manager to latest version with following commands
|
1 2 3 |
cd ~/nginx-proxy-manager/ docker-compose down docker-compose down |
Even after the upgrade this error persist. I checked logs for the docker […]
When creating a wordpress web site on EasyEngine, i get following error
|
1 2 3 4 5 6 7 |
root@ee:~# ee site create smartandsolar.serverok.in --wp Starting site creation. Warning: Could not create user smartandsolar.serverok.in-8LHl6l. Please check logs. Warning: Initiating clean-up. Success: Site smartandsolar.serverok.in deleted. Report bugs here: https://github.com/EasyEngine/site-type-wp root@ee:~# |
This is because EasyEngine try to create a WordPress admin user, that failed to create due to length. To fix the error, you can specify a shorter wordpress admin user name with option –admin-user=admin
|
1 |
ee site create smartandsolar.serverok.in --wp --admin-user=admin |
See EasyEngine […]
When using git version control to deploy application, many forget to secure .git folder. This allows anyone to clone your git repository. If you have any credentials commited to your git version control, then hacker will be able to gain access. To avoid this, it is better plan the git repo in a way you […]
Nginx status is provided by http_stub_status module. To verify if your Nginx is installed with this module, run
|
1 |
nginx -V 2>&1 | grep -o with-http_stub_status_module |
If the result shows “with-http_stub_status_module”, you have the module installed. To enbale stats edit nginx configuration file for your web site, add following code
|
1 2 3 |
location /nginx_status { stub_status; } |
To linmit access to this page, you can use allow
|
1 2 3 4 5 6 |
location /nginx_status { stub_status; allow 127.0.0.1; allow YOUR_IP_HERE; deny all; } |
[…]
When i login to a PrestaShop web site, i get error on a Plesk server.
|
1 |
502 Bad Gateway |
On checking error login for the site in folder /var/www/vhosts/domain.com/logs/proxy_error_log, i found following error message proxy_error_log:2020/11/25 19:41:41 [error] 1809#0: *39664 upstream sent too big header while reading response header from upstream, client: 59.92.71.53, server: tulivesi.com, request: “POST /en/login?back=my-account HTTP/2.0”, […]
On Ubuntu/Debian, install nginx geoip module with
|
1 |
apt install geoip-database libgeoip1 libnginx-mod-http-geoip -y |
Now edit nginx.conf
|
1 |
vi /etc/nginx/nginx.conf |
Find
|
1 |
http { |
Add below
|
1 2 3 4 5 6 7 |
geoip_country /usr/share/GeoIP/GeoIP.dat; map $geoip_country_code $my_country_blocker { default no; US yes; AU yes; CA yes; } |
You can add 2 letter country code and set ye/no as required. To implement GeoIP blocking for a web site, you need to edit server entry for the web site. In this cause, i will use the default […]
Start Nginx
|
1 |
nginx |
Stop Nginx
|
1 |
nginx -s stop |
Reload Nginx
|
1 |
nginx -s reload |
Test Nginx configuration
|
1 |
nginx -t |
See Nginx […]
Install Requirements CentOS/RHEL/Fedora
|
1 |
yum install glib2-devel openssl-devel pcre-devel bzip2-devel gzip-devel |
Ubuntu/Debian
|
1 |
apt-get install libpcre3-dev |
Create nginx user
|
1 |
useradd -c "Nginx user" -s /bin/false -r -d /var/lib/nginx nginx |
Downoad and insta Nginx You can download latest version of Nginx source code from https://nginx.org/en/download.html To install version 1.19.2, run
|
1 2 3 4 5 6 7 |
cd /usr/local/src wget https://nginx.org/download/nginx-1.19.2.tar.gz tar xvf nginx-1.19.2.tar.gz cd nginx-1.19.2 ./configure --user=nginx --group=nginx --prefix=/usr/share --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/log/run/nginx.pid --lock-path=/var/log/lock/subsys/nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_gzip_static_module --with-http_stub_status_module --with-http_mp4_module --with-http_secure_link_module --with-http_v2_module make make install |
Test Nginx To start nginx run
|
1 |
/usr/sbin/nginx |
Configuration file is at
|
1 |
/etc/nginx/nginx.conf |
See Nginx […]