Sysadmins of the North is just another technical blog, like so many others out there. Most posts are written in English, some in Dutch. For the most part, I write as it comes; posts may seem incoherently written sometimes (my apologies). Here on Saotn.org you’ll find all kinds of computer, server, web, sysadmin, database and security related stuff. Browse the latest posts per category here, search for posts, or make a selection from the categories menu.

 
Drop me a comment somewhere to say hi, or discuss about security, website or WordPress, MySQL optimization and performance, Windows Server and IIS web server topics.
 

 

 

 

High-risk vulnerabilities in TheCartPress leaves WordPress sites at risk

TheCartPress eCommerce Shopping Cart – a popular WordPress e-commerce plugin that is actively used on over 5,000 websites – contains high-risk vulnerabilities that can be exploited to compromise customers’ data, execute arbitrary PHP code, and perform Cross-Site Scripting attacks against users of WordPress installations, claim High-Tech Bridge researchers. Users are advised to disable or remove the plugin.

Read more

Tunnel RDP through SSH

Remote Desktop through SSH/PuTTY

In a situation where you need to perform remote administration on a Windows Server, and the RDP port 3389 is blocked on a firewall, you can tunnel Remote Desktop through SSH with PuTTY. This particulary comes in handy when there is no VPN available to the remote network…

Read more

Send authenticated email over TLS from Zen Cart

Zen Cart is an open source shopping cart software. Unfortunately, Zen Cart has some difficulties sending email from a website. Here is how to let Zen Cart send email over an encrypted TLS connection, when the following condition is met: StartTLS is required. Upon investigating why Zen Cart couldn’t send authenticated SMTP over a TLS secured connection using StartTLS, I noticed two problems: …

Read more

XSS Vulnerability Affecting Multiple WordPress Plugins

Where the Vevida Optimizer WordPress plugin kept plugins on all my WordPress sites up-2-date

Sucuri reports that multiple WordPress plugins are vulnerable to Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are popular functions used by developers to modify and add query strings to URLs within WordPress. If you haven’t configured automatic updates for WordPress plugins, please update NOW!

Read more

Secure WordPress wp-content/uploads folder, disable PHP execution

In many hacked WordPress sites, a PHP backdoor is found within the WP_CONTENT_DIR/uploads directory. Often because this is the location where uploads are placed automatically. From the backdoor within wp-content/uploads other backdoors are uploaded to various locations, and scripts are injected with malware.

The following PHP function will disable the execution of PHP scripts in wp-content/uploads, on IIS web servers.
Read more

Vevida WordPress Optimizer plugin

Easily configure automatic updates from the WordPress Dashboard, and modernize your MySQL database.

Installing WordPress is one thing, keeping it up to date is something else. Each week brings new bugs or potential attack scenarios that will make a WordPress website vulnerable to hacks. Enabling automatic updates for all or at least most parts of WordPress solves a large number of problems with irregularly maintained WordPress websites.

Read more

Monitor Windows services with PowerShell

Start, stop, restart and monitor services with PowerShell Get-Service and Start-Service cmdlets

As a Windows Server and IIS administrator, you’ll want your Windows services to run at all times. One can monitor Windows services in many, many, ways. Some of our customers websites may depend on certain services, which may be hard to monitor externally. For those Windows services that need local monitoring, I like to schedule a PowerShell script. Here is one…

Read more

IIS application pool recycle on specific times, not regular time interval

By default, an IIS application pool (an “AppPool” hereinafter) recycles on a regular time interval of 1740 minutes, or 29 hours. One reason for this time interval is that application pool don’t recycle at the same moment every day (every day at 07.00 for example). However, sometimes you may want to change this regular time interval to specific times. And when you try to confingure this in IIS Manager, it gives you an error. Luckily, appcmd comes to the rescue!

Read more

Turn off swap

turn off swap in Linux

Not every Linux server I administer needs to have a swap partition and to start swapping. For instance, the MySQL servers I maintain all have more than enough RAM on board to do their work. Yet, when a swap partition is enabled Linux starts swapping, which may degrade MySQL database performance…

Read more

Open-Xchange Power-ing up

Open-Xchange stays on the takeover path: On stage live at World Hosting Day in Rust today Rafael Laguna (CEO, Open-Xchange) had the privilege of announcing that we’ve done it again – we’re merging with another pioneer in the open source and domain communities, Netherlands-based software company PowerDNS.


Read the announcement: Open-Xchange Power-ing up

Open-Xchange and Dovecot announce merger to create world’s leading open source messaging software provider

Yesterday, Open-Xchange AG and Dovecot OY announced the completion of a merger between the two companies. The combined company is now the world’s leading provider of open source cloud software for ISPs, telcos and cable companies providing one point of contact for an integrated solution – from email backend to application frontend. Under the terms of the merger, Dovecot has become a subsidiary of Open-Xchange.


Read the announcement: Open-Xchange and Dovecot announce merger to create world’s leading open source messaging software provider

PHP, MySQL and IPv6: still slow

Years ago, I noticed that PHP connections to MySQL were significantly slower over IPV6 (where a hostname has an IPv6 address or AAAA record), when no MySQL service is listening on that address. The connection is refused, and PHP has to fallback to IPv4. The fallback takes a significant amount of time. Too much time if you’d asked me. Unfortunately this fallback to IPv4 is still slow today…

Read more

Software deployment through WDS

Install software packages during a Windows Deployment Services (WDS) deployment, without Microsoft Deployment Workbench (available in the Microsoft Deployment Toolkit, or MDT).

In my environment, I had to set up a new Windows Deployment Services (WDS) configuration for Windows 8.1 Enterprise. To roll out in our office (some 20+ workstations). I wanted to install some additional software at the same time, without using Microsoft Deployment Workbench, because I find the interface too slow. The solution? Read on…

Read more

Monit monitoring on Ubuntu 14.04 VM on Hyper-V

Monitor websites and services with Monit on Ubuntu 14.04 LTS on Hyper-V, on either Windows Server 2012 R2 or Windows 8.1.

This post is about setting up a monitoring service using Monit. Monit is a free and open source service monitoring application which can perform various event-based actions. Monit can send email notifications, restart a service or application, or take other responsive actions. We set Monit up on a Ubuntu 14.04 VM, built on Hyper-V. And we use Monit to monitor several websites, and send out notifications on downtime.

Read more

ITFAQ.nl

For my more novice Dutch readers, I started a new website project: ITFAQ.nl. A website dedicated to explain commonly used computer and internet techniques. Some of the topics include: What is DNS?, How do I edit wp-config.php through FTP?, How do I send an email with telnet?, and so on.

Read more