Sysadmins of the North, a technical blog in English and Dutch

Sticky!

In mijn dagelijkse werk als systeembeheerder kom ik nog te vaak tegen dat websites van klanten gehackt of aangepast worden. Websites worden voorzien van iframes of andere codes. Of iets simpels als dat men geen e-mail meer kan versturen of ontvangen omdat een virusscanner instellingen heeft aangepast. Vaak is de computerbeveiliging niet op orde waardoor websites worden gehackt, spam verzonden en bankrekeningen via internetbankieren geplunderd.
Gezien het aantal artikelen over computerbeveiliging en tips daarvoor betekent dit dat de artikelen en/of materie te moeilijk, te onduidelijk, niet interessant of te complex is.

In dit artikel zal ik proberen een aantal tips te geven, in -hopelijk- normaal en begrijpelijk Nederlands.

Read More

Magento maintenance on IIS webservers

Magento Community Edition is a very popular ecommerce and webshop solution. And very bloated as we all know. Anywhere you run your Magento webshop, it’s important to carry out maintenance. Carrying out maintenance on a regular basis optimizes Magento’s -and thus your website’s- speed and performance.
Two of such tasks are clearing out and emptying the MySQL database cache and log tables, and file system cache directories in /var. Most scripts and solutions out there are for Linux- and Unix webservers only. I decided to modify a Magento maintenance script to run on Windows Server and IIS too. For MySQL database optimization, it utilizes my MySQLi multi_query statement to optimize all MySQL tables in one statement.

Ask your hosting provider to schedule this script as a Windows Server scheduled task, for instance once a day, and you’ll notice a speed improvement of your Magento webshop. Next, add support for WinCache and your Magento webshop is very, very fast, even on IIS!

Read More

Mod_evasive

Mod_evasive is a module for Apache and IIS (with Helicon Ape), to provide protection and evasive action in the event of an HTTP DoS-, DDoS or bruteforce attack. Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denies an IP address access to a website if it’s requesting the same page more than 10 times a second. This is configurable. Properly configured and tested, mod_evasive provides great security and protection from Denial of Service (DoS)- or Distributed Denial of Service (DDoS) attacks, and bruteforce attacks.

Read More

Umbraco listens to both http://example.com and http://www.example.com. This is not good for your Google ranking and SEO, since this will be seen as duplicate content. Fortunately, it is pretty easy to redirect your website to it’s www variant. Here you’ll learn how to accomplish this.

Read More

WordPress XMLRPC DDoS attacks?

Since today, I notice a huge increase in HTTP POST requests on WordPress xmlrpc.php, on multiple websites. Anyone got a clue what is causing this? Are you seeing this too? Please comment.
I’ll update this post when (if) more information comes available, might it be something new.

This could be related to WordPress’ xmlrpc.php pingback DDoS vulnerability discoverd last March and reported by Sucuri, or it may be related to the WordPress pingback vulnerability reported by Acunetix. But it might be something new as well.

Read More

IIS loves to tell the world that a website runs on IIS, it does so with the Server response header as shown below. In this post I’ll show you how to rewrite and remove unwanted response headers in IIS, because we don’t want to give hackers too much information about our servers.

Read More

When the .svc web service handler doesn’t work on IIS 8.0 with ASP.NET 4.5

When a WCF web service returns a 404 Not Found error, after installing the HTTP-Activation feature in IIS, then you might need to add an extra Handler to your IIS configuration:

• Request path: *.svc
• Type:

  System.ServiceModel.Activation.ServiceHttpHandlerFactory, 
  System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, 
  PublicKeyToken=31bf3856ad364e35

• Name: svc-Integrated-4.0

Read More

Everyone wants a fast loading website, whether it’s based on WordPress, Drupal, Joomla, or something else. For WordPress, a lot of posts are available here to optimize WordPress performance, and Drupal can easily be improved with the BOOST module. But what about Joomla?

Here are three basic tips to improve Joomla performance and loading speed. All changes can be made through the administrator back-end of Joomla, or by downloading and editing the configuration.php file.

Read More

Jason Deacon, from Australia’s design and development company Wiliam , writes about how to use a back-end instance of Umbraco 7, which is completely decoupled from the front-end (an ASP.NET MVC 5 site).

Decoupling Umbraco
Our approach leverages a file called “Umbraco.config” which is really just a XML file which Umbraco publishes all its public content to whenever a node is published in the interface. This XML structure mirrors the document types and properties of the site structure populated in Umbraco and therefore offers the perfect snapshot of the content the site can serve, without having to query a database for it.

Read Decoupling Umbraco from your front-end website.

At Vevida, we like to help our customers as much as possible. Even with optimizing a MySQL database if they don’t ask for it (when they don’t know performance can be improved), just because we spot a slow query in our slow-query log.

The other day I spotted the following in MySQL slow-query log:

# Time: 140605 16:41:34
# User@Host: database[database] @ server-01.example.com [1.1.11.111]
# Thread_id: 4660034  Schema: database  QC_hit: No
# Query_time: 3.010892  Lock_time: 0.000062  Rows_sent: 872  Rows_examined: 8035
use database;
SET timestamp=1401979294;
SELECT * FROM sContent WHERE sYear = '2014' AND sPublish = 1 and ('2014-06-05 16:41:30' Between sVisible_from And sVisible_untill or sVisible_unlimited

Roughly 3 seconds to examine 8035 and send 872 rows. That must be a good canidate for optimization, so I started with examining the query.

Read More

Let’s continue on the PGP (GnuPG, OpenPGP) and email security/privacy topics. Riseup put together an OpenPGP Best Practises guide.