If you meet this error when trying to connect to a server via ssh, you probably think there was a network error causing this. Maybe the ip configuration is not correct on the target server. But you can indeed ping…
If you meet this error when trying to connect to a server via ssh, you probably think there was a network error causing this. Maybe the ip configuration is not correct on the target server. But you can indeed ping…
Recently, I got iptables settings that seem to harden server.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 |
iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere INPUT_direct all -- anywhere anywhere INPUT_ZONES_SOURCE all -- anywhere anywhere INPUT_ZONES all -- anywhere anywhere DROP all -- anywhere anywhere ctstate INVALID REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere FORWARD_direct all -- anywhere anywhere FORWARD_IN_ZONES_SOURCE all -- anywhere anywhere FORWARD_IN_ZONES all -- anywhere anywhere FORWARD_OUT_ZONES_SOURCE all -- anywhere anywhere FORWARD_OUT_ZONES all -- anywhere anywhere DROP all -- anywhere anywhere ctstate INVALID REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination OUTPUT_direct all -- anywhere anywhere Chain FORWARD_IN_ZONES (1 references) target prot opt source destination FWDI_public all -- anywhere anywhere [goto] FWDI_public all -- anywhere anywhere [goto] Chain FORWARD_IN_ZONES_SOURCE (1 references) target prot opt source destination Chain FORWARD_OUT_ZONES (1 references) target prot opt source destination FWDO_public all -- anywhere anywhere [goto] FWDO_public all -- anywhere anywhere [goto] Chain FORWARD_OUT_ZONES_SOURCE (1 references) target prot opt source destination Chain FORWARD_direct (1 references) target prot opt source destination Chain FWDI_public (2 references) target prot opt source destination FWDI_public_log all -- anywhere anywhere FWDI_public_deny all -- anywhere anywhere FWDI_public_allow all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere Chain FWDI_public_allow (1 references) target prot opt source destination Chain FWDI_public_deny (1 references) target prot opt source destination Chain FWDI_public_log (1 references) target prot opt source destination Chain FWDO_public (2 references) target prot opt source destination FWDO_public_log all -- anywhere anywhere FWDO_public_deny all -- anywhere anywhere FWDO_public_allow all -- anywhere anywhere Chain FWDO_public_allow (1 references) target prot opt source destination Chain FWDO_public_deny (1 references) target prot opt source destination Chain FWDO_public_log (1 references) target prot opt source destination Chain INPUT_ZONES (1 references) target prot opt source destination IN_public all -- anywhere anywhere [goto] IN_public all -- anywhere anywhere [goto] Chain INPUT_ZONES_SOURCE (1 references) target prot opt source destination Chain INPUT_direct (1 references) target prot opt source destination Chain IN_public (2 references) target prot opt source destination IN_public_log all -- anywhere anywhere IN_public_deny all -- anywhere anywhere IN_public_allow all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere Chain IN_public_allow (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW Chain IN_public_deny (1 references) target prot opt source destination Chain IN_public_log (1 references) target prot opt source destination Chain OUTPUT_direct (1 references) target prot opt source destination |
This comes from a newly-provisioned vps. The iptables block all ports of the server except the ssh port(22). If you change the ssh port from the default 22…
You may see on a web page a video that is hosted by wistia.com. I mean the web page is not one of wistia.com pages but the video is indeed served by wistia by embedded code. How to download it?…
Interestingly, the owner:group of /var/www/domainhostseotool.com/public_html is apache:apache and the mode is 755 . The owner:group of /var/www/domainhostseotool.com/public_html/.htaccess is also apache:apache and the mode is 644. Why does it complain the file is not readable and/or the directory is not executable?…
I’ve been wondering why every major release of CentOS breaks yum on older release. For example, after CentOS 6 is EOL, you cannot use yum on CentOS6; after CentOS 7 EOL, you cannot use yum to install a software on…
After installing and activating the License Manager for WooCommerce wordpress plugin, you need to import the serial numbers to sell. You need to copy the SNs in a .txt file(one sn per line), then head into wordpress admin panel/WooCommerce/License Keys…
Yes, this is that famous wordpress plugin. If you type woocommerce as the keyword to search the plugin on your website’s wordpress admin/Add Plugin page, it appears as the first plugin with 5 million+ installations. But frankly speaking, this plugin…
I cannot connect to a pptp vpn. The following errors occur when clicking the connect button in windows 10: The modem(or other connecting device) has reported an error A device attached to the system is not functioning A connection to…
Today, when I accessed my website, it showed “database connection failed”. I opened the mysql log file /var/log/mariadb//mariadb.log and saw the following error: wp_options’ is marked as crashed and last (automatic?) repair failed I tried to repair the wp_options table:…
This error occurs when I run the following command:
|
1 |
mysqlcheck -u root -p databasename |
Note that the command prompts for a password, and I input the correct password for the user root. Why does it still deny the access for root? If you ran…