Web servers sometimes get lots of requests from bots looking to exploit security holes. For example, I have previously written about brute force WordPress login attempts. Attacks like these can involve thousands of IP addresses, and how you block the attack depends on how many unique IPs are involved and the frequency with which they are used. Here’s how you can find out.
Upgrading from Debian Squeeze to Debian Wheezy
The latest Debian stable version, named Wheezy, was recently released. It is possible to upgrade from Squeeze to Wheezy without reinstalling the operating system from scratch. Let’s look at how that can be done.
Localhost as remote host in Apache log file
I recently noticed something weird in my Apache access log files. There were entries like this:
abdussamad.com:80 localhost - - [09/May/2013:14:26:47 +0500] "POST /wp-login.php HTTP/1.0" 200 3784 "abdussamad.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
Now the second column above is supposed to contain the remote host that made this request, i.e. the user’s computer. But here it is shown as localhost. One possibility is that the requests originated on my server, but I ruled that out. So how is this possible?
Stop Brute Force WordPress Login Attempts with Fail2Ban
WordPress is the most popular content management system for websites, and as a result it attracts a lot of automated brute force login attempts. Blocking such bots before they get very far is the topic of this post.
Debian Linux: Setting the timezone and synchronizing time with NTP
I have previously written about setting the time and timezone in CentOS. Setting the timezone is much easier in Debian.