If you are running a truly enormous system and want to have off-the-shelf orchestration for it, Kubernetes may be the tool for you. For 99.9% of people out there, it's just an extra layer of complexity that adds almost nothing of value.
The quick and simple editor for cron schedule expressions by Cronitor
«Docker MUST NOT run any databases in production, EVER.»
«The docker hype is not only a technological liability any more, it has evolved into a sociological problem as well.»
Security in WordPress is taken very seriously, but as with any other system there are potential security issues that may arise if some basic security precautions aren't taken. This article will introduce you to basic security concepts and serve as an introductory guide to making your WordPress website more secure.
This article is not the ultimate quick fix to your security concerns.
You can use this script to fix wordpress permission:
#!/bin/bash
#
# This script configures WordPress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# Author: Michael Conigliaro <mike [at] conigliaro [dot] org>
#
WP_OWNER=www-data # <-- wordpress owner
WP_GROUP=www-data # <-- wordpress group
WP_ROOT=$1 # <-- wordpress root directory
WS_GROUP=www-data # <-- webserver group
# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;
# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php
# allow wordpress to manage wp-content
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \;
save it to a file and run it and pass it your wp installation directory:
wget https://gist.github.com/Adirael/3383404/raw/6c5446d56477426faeb709e5b807f00422acdea2/fix-wordpress-permissions.sh
chmod +x fix-wordpress-permissions.sh
sudo ./fix-wordpress-permissions.sh /var/www/html
Node.js as a running service is becoming more and more popular these days. One of the issues many developers face is how to ensure their node.js service starts automatically, and more importantly how to keep it running should it crash. Previously one had to install modules such as forever, and then create some autostart script to start the daemon when the server booted.
Most Linux systems have recently switched to using systemd, which makes this process a lot simpler and more efficient, and means that we do not need forever any more.
When you run Express apps for production, it is helpful to use a process manager to achieve the following tasks:
A process manager is somewhat like an application server: it’s a “container” for applications that facilitates deployment, provides high availability, and enables you to manage the application at runtime.
The most popular process managers for Express and other Node.js applications are as follows:
Using any of these three tools can be very helpful, however StrongLoop Process Manager is the only tool that provides a comprehensive runtime and deployment solution that addresses the entire Node.js application life cycle, with tooling for every step before and after production, in a unified interface.
Here’s a brief look at each of these tools. For a detailed comparison, see http://strong-pm.io/compare/.
Let's say you want http://www.example.com/secure/ to always be sent over SSL (I presume here that both the normal and the SSL vhost have the same content). You could do this by linking to the correct page from within your HTML pages... but there will always be some user who will sneak by it that way.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.example.com
Redirect permanent / https://secure.example.com/
</VirtualHost>
<VirtualHost _default_:443>
ServerName secure.example.com
DocumentRoot /usr/local/apache2/htdocs
SSLEngine On
# etc...
</VirtualHost>
MySQLTuner is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions.
MySQLTuner supports in this last version ~250 indicators for MySQL/MariaDB/Percona Server.
MySQLTuner is maintained and indicator collect is increasing week after week supporting a lot of configurtion sush as:
Most options can be set using their actual names in the my.cnf.
Le module mod_rewrite utilise un moteur de réécriture à base de règles, basé sur un interpréteur d'expressions rationnelles PCRE, pour réécrire les URLs à la volée. Par défaut, mod_rewrite met en correspondance une URL avec le système de fichiers. Cependant, on peut aussi l'utiliser pour rediriger une URL vers une autre URL, ou pour invoquer une requête interne à destination du mandataire.
mod_rewrite fournit une méthode souple et puissante pour manipuler les URLs en utilisant un nombre illimité de règles. Chaque règle peut être associée à un nombre illimité de conditions, afin de vous permettre de réécrire les URLs en fonction de variables du serveur, de variables d'environnement, d'en-têtes HTTP, ou de repères temporels.
mod_rewrite agit sur la totalité de l'URL, y compris la partie chemin. Une règle de réécriture peut être invoquée dans httpd.conf ou dans un fichier .htaccess. Le chemin généré par une règle de réécriture peut inclure une chaîne de paramètres, ou peut renvoyer vers un traitement secondaire interne, une redirection vers une requête externe ou vers le mandataire interne.
To have a specific package skipped when upgrading the system, specify it as such:
$ yaourt -Syau --ignore foo,bar,baz
For multiple packages use a space-separated list,
$ usermod -a -G group user
If you don't use "-a" it will remove all the groups you belong before
GoAccess' dashboard gives you an overview of server metrics by displaying summaries of different
Pflogsumm is a log analyzer for Postfix. It can mail out a summery on a daily, weekly or monthly basis and is fully configurable. The generated report can show you patterns in email traffic so you can better determine bandwidth limitations, mail server abusers or if your mail server needs to be upgraded. Statistics can be very helpful in showing, for example, when most of your mail is sent or received or if that one mail user is sending out more than their fair share of mail. Pflogsumm will give you the ability to quickly determine what machines on your network are the top (ab)users and the proof to follow up company policies with numbers.
Pflogsumm is a single perl file and its only dependancies are perl, the perl module Date::Calc (which is probably already installed on your system) and the proper location of a Postfix log file.
ncdu (NCurses Disk Usage) is a disk utility for Linux systems. Its name refers to its similar purpose to the du utility, but ncdu uses a TUI under the [n]curses programming library.[1] Users can navigate the list using the arrow keys and delete files that are taking up too much space by pressing the 'd' key. Version 1.09 and later can export the file listing in JSON format.
ncdu was developed by Yoran Heling to learn C and to serve as a disk usage analyzer on remote systems over ssh.
pflogsumm.pl is designed to provide an over-view of postfix activity, with just enough detail to give the administrator a "heads up" for potential trouble spots. The following is an over-view of the reports produced.
find . -iname '*.gz' -print0 | xargs -0 zgrep PATTERN
Ncdu is a disk usage analyzer with an ncurses interface. It is designed to find space hogs on a remote server where you don't have an entire gaphical setup available, but it is a useful tool even on regular desktop systems. Ncdu aims to be fast, simple and easy to use, and should be able to run in any minimal POSIX-like environment with ncurses installed.
Using manjaro-settings-manager-gui, I managed to upgrade my kernel and fix that stupid "8 minutes boot time".
When you upgrade to a new major version of Perl, the XS modules have to be rebuilt :
$ cpanm --reinstall Broken::Module
When you upgrade to a new major version of Perl, the XS modules have to be rebuilt :
$ cpanm --reinstall Broken::Module
Sometimes, the content of your trash cannot be emptied by your regular user.
Quelques infos et conseils intéressants