Category Archives: Linux

google pagespeed – centos installation


Let’s edit/create google-mod-pagespeed.repo

vi /etc/yum.repos.d/google-mod-pagespeed.repo

and add

Let’s install it with yum!
yum install mod-pagespeed
Then we need to restart apache!
service httpd restart


This is how we test it…

curl -D- http://localhost/ | head -10


[[email protected] webroot]# curl -D- http://localhost/ | head -10
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 4328 100 4328 0 0 27929 0 –:–:– –:–:– –:–:– 28103
HTTP/1.1 200 OK
Date: Wed, 12 Sep 2018 15:52:41 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.6.38
X-Powered-By: PHP/5.6.38
Vary: Accept-Encoding
Cache-Control: max-age=0, no-cache, s-maxage=10
Content-Length: 4328
Content-Type: text/html; charset=iso-8859-1



fail2ban.actions [14644]: NOTICE [sshd] already banned

Meanwhile in a new VPS…

2018-04-18 19:56:42,211 fail2ban.actions [14644]: NOTICE [sshd] already banned
2018-04-18 19:56:43,213 fail2ban.actions [14644]: NOTICE [sshd] already banned
2018-04-18 19:56:44,214 fail2ban.actions [14644]: NOTICE [sshd] already banned
2018-04-18 19:56:45,215 fail2ban.actions [14644]: NOTICE [sshd] already banned
2018-04-18 19:56:46,217 fail2ban.actions [14644]: NOTICE [sshd] already banned
2018-04-18 19:56:47,218 fail2ban.actions [14644]: NOTICE [sshd] already banned
2018-04-18 19:56:48,219 fail2ban.actions [14644]: NOTICE [sshd] already banned

Take a look at /etc/fail2ban/jail.local or /etc/fail2ban/jail.d/00-firewalld.conf
banaction = firewallcmd-ipset
banaction = iptables-multiport


Meltdown & Spectre – CentOS

This is, for what I’v read about, the two main things that we need to have updated…


Check them trought uname -r and dmesg | grep microcode


[[email protected] www]# systemctl status microcode -l
● microcode.service - Load CPU microcode update
 Loaded: loaded (/usr/lib/systemd/system/microcode.service; enabled; vendor preset: enabled)
 Active: inactive (dead) since Fri 2018-01-05 17:43:08 CET; 1 weeks 6 days ago
 Process: 692 ExecStart=/usr/bin/bash -c grep -l GenuineIntel /proc/cpuinfo | xargs grep -l -E "model[[:space:]]*: 79$" > /dev/null || echo 1 > /sys/devices/system/cpu/microcode/reload (code=exited, status=0/SUCCESS)
 Main PID: 692 (code=exited, status=0/SUCCESS)

Jan 05 17:43:08 sd-56969 systemd[1]: Starting Load CPU microcode update...
Jan 05 17:43:08 sd-56969 systemd[1]: Started Load CPU microcode update.




SFTP allow user to login via SFTP

If we are just allowing both on AllowUsers in file /etc/ssh/sshd_config, new users won’t be allowed to access the server.

So!, lets edit it a add the new user. Find AllowUser line and add it there.

sudo nano /etc/ssh/sshd_config

This should look something like

#PermitRootLogin without-password
PermitRootLogin no
StrictModes yes
AllowUsers bofh newuser

Save and Exit!
Restart SSH

service ssh restart

Now the user!

addgroup --system filetransf

usermod -G filetransf username
chown root:root /home/username
chmod 755 /home/username

cd /home/username
chown username:filetransf *




dashboard for VMware, SNMP, REST API and more

Simple dashboard system for sysadmins with modules for VMware, SNMP, REST API and more

SysAdminBoard is a simple dashboard system written in Python, HTML and Javascript and served on a simple CherryPy Webserver (included). It was originally written to reformat snmp data for the Panic Statusboard iPad App, but has since become a fully stand-alone project that can grab data from a variety of sources and render charts and graphs in a web browser.