Tag: SysAdmin

You can now get up to 33% off the price of a cPanel-managed Web Hosting plan at Heart Internet.

Did you know that the fonts you use on your website can impact the way your customers perceive and interact with your brand?

Including options for optimising your cart, boosting customer loyalty, and selling tickets.

Discover the appeal of .ninja, .coffee, .guru and more - all available in our domain name sale.

We’ve just slashed the price of WordPress Hosting at Heart Internet.

A guide to what to do next once you've chosen your perfect domain name.

Including quotes from Amelia Earhart and Barack Obama, to give you a little pick me up.

When browsing through hosting packages, you’ll often come across the word cPanel. But what exactly does this word mean and what are the benefits of buying a hosting package with cPanel included?

Did you know that domains can be so much more than a mere address or waymark? In this blog, we look at how they can be a powerful tool for online brand protection.

Celebrating World Wide Web Day by looking at why it's never been more important to have an online presence.

An email is not being sent and being logged by Postfix with the following error default._domainkey.example.ws: key data is not secure: /etc/opendkim/keys/example.ws/default.private is in group 124 which has multiple users (e.g., "postfix") [...] milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: 4.7.1 Service unavailable - try again later; Testing the key returns as expected opendkim-testkey: using default configfile /etc/opendkim.conf opendkim-testkey: checking key 'default._domainkey.example.ws' opendkim-testkey: key not secure opendkim-testkey: key OK Directory /etc/opendkim/keys/example.ws/ shows the following files and permissions drwxr-xr-x 2 opendkim opendkim 4096 Apr 28 09:03 . drwxr--r-- 10 opendkim opendkim 4096 Apr 28 09:01 .. -rw-r--r-- 1 opendk

We bought USG flex 100 into our office and we added it to the nebula. Now, we need to setup site-to-site tunnel into our datacenter. On nebula site we have network 10.5.1.0/24 and in datacenter we have subnets 10.1.4.0/24 and 10.8.0.0/23. I need to have both networks from datacenter connected to the nebula device in our office, but nebula can't write two subnets to the remote networks. In datacenter I have kerio router and Debian server, which has installed strongswan, so I can connect nebula to one of them. It doesn't matter, which of them it will be… Do you know, how to do it? Thanks

I'm helping out a not for profit whose site is hosted on Bluehost. Their primary broadcast email is getting mail delivery failures to Gmail address of the type "SMTP error from remote mail server after end of data:550 .... sender rejected AUP#DNS" Other emails on the same domain deliver OK to Gmail but get SPF softfails from Gmail due to cloudfilter.net, which I assume is a relay service used by Bluehost (and possibly other hosts) . The softfails mention: omta34.uswest2.a.cloudfilter.net. [35.89.44.33] omta40.uswest2.a.cloudfilter.net. [35.89.44.39] The bounces mention: eig-west.smtp.a.cloudfilter.net [34.217.196.71] eig-east.smtp.a.cloudfilter.net [18.215.58.191] Can I create a single SPF include that covers the variants like the above? DKIM and DMARC seem OK, is there anything else I need to check for the bounce errors? Thanks.

I following a tutorial on a blog about opensense. I have a client server and opnsense server. I want the client server to use opnsense for its network and have access to public network through the opnsense. I installed opnsense in hetzner. I use vtnet0 as wan but after installation and I added vtnet1 to interfaces as LAN then changed the IPv4 to DHCP and apply changes, opnsense become unreachable. I am following this tutorial: https://community.hetzner.com/tutorials/how-to-route-cloudserver-over-private-network-using-pfsense-and-hcnetworks#step-3---set-up-the-client-server I don't know if this is because this is opnsense

I am a newbie in opnsense. I installed opnsense on hetzner. I want to add LAN to interface but I can't find LAN interface on the assignment menu. What I can add is opt1. How do I add LAN to interfaces?

I need to have a web load balancer with active health check. This frontend machine should handle https certificate, a bit of caching and, most important, proxy to backend server only if they are healthy. I tried nginx but unfortunately I discovered nginx opensource supports only passive health checks and then I have few alternatives. Trying to use one of forks for nginx active health check, not supported and probably hard to install. Develop a custom bash script, set in in a cron schedulation, to check the health of servers that changes the nginx configuration and reload the instance. Install HAProxy that supports active health check and configure it in cascade from nginx. So nginx will handle certificate and caching and will proxy to local HAProxy, then HAProxy will handle just the balancing with health check. I have few doubts for all solutions. The last one seems to be the most solid, but is it a good idea to have 2 webser

Assumptions (based on AWS docs): AWS WAF (whether used directly or via Shield Advanced) is what AWS provides as a service. The pricing structure of WAF means every request incurs a cost, even from IPs that it may decide to block, as it still needs to process and respond. Hence a DDoS attack can result in a cost spike. Services like Route53 and CloudFront have AWS Shield Standard enabled by default, which only protects from layer 3/4 DDoS attacks. Questions: Are my assumptions correct? I have read articles where customers have mentioned using external services like CloudFlare to provide authoritative DNS, as their layer 7 DDoS protection is far more cost effective. However, wouldn't that only protect from attacks needing IP resolution? I.e., if an attacker has the IP to the AWS service (like Global Accelerator) resolved, can't they attack it directly without needing to go via CloudFlare?

I have an C++ application that loads a Kaldi ASR model. If the model is small, the application is able to load the model and run in command line as well as a systemd service under Debian 12. However, when I am loading a bigger Kaldi ASR model, service fails to load, but it runs fine from command line. I am really scratching my head here, what is the limitation being applied here while running as service. There is no memory limit specified in the service file. Following is the service file: [Unit] Description=kaldiasr-english Wants=network-online.target After=syslog.target local-fs.target network.target network-online.target [Service] ; service Type=simple PIDFile=/var/log/kaldiasr-english.pid PermissionsStartOnly=true ; blank ExecStart= line flushes the list Environment="LD_LIBRARY_PATH=/usr/local/lib" ExecStart=kaldiasr 8010 60 English vosk-model-en-us-0.22 TimeoutSec=45s Restart=on-failure ; exec WorkingDirectory=/home/test User=test Group=

We are using Datadog for tracing by including the dd-trace library in our NodeJS microservices. We started to notice strange DNS lookups in our traces. These lookups show the IP address of the kubernetes node where the service pod is located. We don't do any DNS lookups in the service code. I am attaching a screenshot with 3 DNS lookups: Image with 3 DNS lookups As you can see in the trace there are no requests to other services except to MySQL, but it has different IP address and located on different instance. What are these DNS lookups? It does not look normal for me... May it be the dd-trace library itself attempting to resolve current host name to the ip address?

I am setting up a VLAN. My current network has a single DHCP scope. I am creating a second scope, and understand a DHCP relay will serve addresses based on my router IP. How can I stop addresses from the second scope being used by endpoints on the untagged VLAN, which has the DHCP server broadcasting on it and I want to limit to the original scope?