User Tools
server_maintenance
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
server_maintenance [2016/06/02 11:46] zoza |
server_maintenance [2016/06/02 12:45] zoza [mysql] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== server maintenance ====== | ====== server maintenance ====== | ||
| - | * logging activity | + | ===== logging activity ===== |
| apache error log | apache error log | ||
| Line 15: | Line 15: | ||
| <code>geoiplookup THE.IP.ADD.RE.SS</code> | <code>geoiplookup THE.IP.ADD.RE.SS</code> | ||
| - | * IP filtering | + | ===== IP filtering ===== |
| check existing iptables filters | check existing iptables filters | ||
| Line 22: | Line 23: | ||
| <code>iptables -A INPUT -s THE.IP.ADD.RE.SS -j DROP</code> | <code>iptables -A INPUT -s THE.IP.ADD.RE.SS -j DROP</code> | ||
| - | * mysql | + | ===== mysql ===== |
| remove comments from a wordpress site | remove comments from a wordpress site | ||
| Line 32: | Line 33: | ||
| http://brunzino.github.io/blog/2016/05/21/solution-how-to-debug-intermittent-error-establishing-database-connection/ | http://brunzino.github.io/blog/2016/05/21/solution-how-to-debug-intermittent-error-establishing-database-connection/ | ||
| https://www.linode.com/docs/websites/apache-tips-and-tricks/tuning-your-apache-server | https://www.linode.com/docs/websites/apache-tips-and-tricks/tuning-your-apache-server | ||
| + | |||
| added the following lines | added the following lines | ||
| <code> | <code> | ||
| Line 55: | Line 57: | ||
| </code> | </code> | ||
| to all /etc/apache2/sites-available/domain.com configuration files which host a WordPress, to enable lynx analytics report, which clearly showed many **xmlrpc** requests in seconds. | to all /etc/apache2/sites-available/domain.com configuration files which host a WordPress, to enable lynx analytics report, which clearly showed many **xmlrpc** requests in seconds. | ||
| + | Solved the memory issue by blocking the ip that was sending xmlrpc requests (iptables drop) after geoiplocating it in lithuania | ||
| + | consider also this: | ||
| + | http://www.blogtips.org/block-wordpress-brute-force-attacks-via-xmlrpc-php/ | ||
| + | also, dataclub.biz domain appears in other brute-force attacks | ||
server_maintenance.txt · Last modified: 2016/06/19 12:13 by zoza
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
