Category Archives: Linux

wp_wfConfig too large

While debugging some bottlenecks in one of my servers…

i’v realised that one of my db queries to Wordfence tables were causing it.

Solution was to… uninstall wordfence – to clean all their tables – anda reinstall it.

After removing it 23:30, CPU usage and Load Average was a significantly reduced.

explainshell.com

write down a command-line to see the help text that matches each argument

 

Hello,

This site contains 29761 parsed manpages from sections 1 and 8 found in Ubuntu’s manpage repository. A lot of heuristics were used to extract the arguments of each program, and there are errors here and there, especially in manpages that have a non-standard layout.

It is written in Python and uses bashlex, a bit of NLTK (to find the interesting parts of the manpage), a little d3.js (for the connecting lines graphic) and Flask. It is served with uwsgi and nginx. Source code is available on github.

My name is Idan Kamara and you can contact me at idan at explainshell dot com for any questions or suggestions.

google pagespeed – centos installation

 

Let’s edit/create google-mod-pagespeed.repo

vi /etc/yum.repos.d/google-mod-pagespeed.repo

and add

[googlemodpagespeed]
name=googlemodpagespeed
baseurl=http://dl.google.com/linux/mod-pagespeed/rpm/stable/$basearch
enabled=1
gpgcheck=0
Let’s install it with yum!
yum install mod-pagespeed
Then we need to restart apache!
service httpd restart

 

This is how we test it…

curl -D- http://localhost/ | head -10

 

[root@sd-hooray webroot]# curl -D- http://localhost/ | head -10
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 4328 100 4328 0 0 27929 0 –:–:– –:–:– –:–:– 28103
HTTP/1.1 200 OK
Date: Wed, 12 Sep 2018 15:52:41 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.6.38
X-Powered-By: PHP/5.6.38
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Cache-Control: max-age=0, no-cache, s-maxage=10
Content-Length: 4328
Content-Type: text/html; charset=iso-8859-1

 

 

fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned

Meanwhile in a new VPS…

2018-04-18 19:56:42,211 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:43,213 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:44,214 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:45,215 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:46,217 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:47,218 fail2ban.actions [14644]: NOTICE [sshd] 195.72.223.106 already banned
2018-04-18 19:56:48,219 fail2ban.actions [14644]: NOTICE [sshd] 195.72.223.106 already banned

YAH!
Take a look at /etc/fail2ban/jail.local or /etc/fail2ban/jail.d/00-firewalld.conf
banaction = firewallcmd-ipset
or
banaction = iptables-multiport

 

Meltdown & Spectre – CentOS

This is, for what I’v read about, the two main things that we need to have updated…

kernel-3.10.0-693.11.6.el7.x86_64
microcode_ctl-2.1-22.2.el7.x86_64

Check them trought uname -r and dmesg | grep microcode

 

[root@sd-56969 www]# systemctl status microcode -l
● microcode.service - Load CPU microcode update
 Loaded: loaded (/usr/lib/systemd/system/microcode.service; enabled; vendor preset: enabled)
 Active: inactive (dead) since Fri 2018-01-05 17:43:08 CET; 1 weeks 6 days ago
 Process: 692 ExecStart=/usr/bin/bash -c grep -l GenuineIntel /proc/cpuinfo | xargs grep -l -E "model[[:space:]]*: 79$" > /dev/null || echo 1 > /sys/devices/system/cpu/microcode/reload (code=exited, status=0/SUCCESS)
 Main PID: 692 (code=exited, status=0/SUCCESS)

Jan 05 17:43:08 sd-56969 systemd[1]: Starting Load CPU microcode update...
Jan 05 17:43:08 sd-56969 systemd[1]: Started Load CPU microcode update.