How To Redirect www To non-www And Vice Versa with Nginx

In this short tutorial I’ll show you how to make a permanent redirect from a www URL to non-www and vice versa. I’ll assume that you have superuser privileges (sudo or root access) and that Nginx is already configured, as well as the DNS records. More specifically, you need to have A records for www.yourdomain.com and yourdomain.com.

Redirect non-www to www

To redirect users from a plain, non-www domain to a www domain, you need to add this snippet in your Nginx domain configuration file:

Save your configuration and exit. Before restarting Nginx make sure to test your configuration:


Facebook Privacy: Chats Are Being Scanned By A CIA Funded Company

During the testing of an application we’ve set up in a non-published area, we noticed some unusual activity. The link for the app was sent via Facebook chat, and afterwards comes the interesting part:

Lots of IPv6 for a single Facebook check.

We went a step further: we forced IPv4 and tracked the logs for a URL that was freshly created and sent via Facebook chat.

x.x.x.x were our IP addresses, and after Facebook checked the link there was no activity for ~3 minutes. As can be seen from the logs, the next hit was with the “Recorded Future” signature (here we’ll disregard two hits that were made from US/Illinois 16 minutes later, even though they are not related to our company or area).

A search for the terms “facebook chat scan” gave us this result: http://mashable.com/2012/07/12/facebook-scanning-chats/, but in this case it’s a third party, a company unrelated to Facebook.

“Recorded Future is an American-Swedish startup backed by both Google Ventures and American intelligence agencies.”
http://www.fastcolabs.com/3014444/does-world-history-repeat-one-cia-backed-startup-plans-to-find-out

They also claim:

Considering that they were crawling links that were not published anywhere else and were only sent via FB chat, “open Web” seems to be an understatement.

Also, the interesting part is that the recent focus of “Recorded Future” is terrorist groups such as ISIS, cyber criminal organizations and any kind of “public” internet activity that’s related to possible threats.

The conclusion would be that privacy on Facebook does not exist and their lawyers covered it well with the EULA and their privacy policy:

Installing Icinga2 (fork of Nagios) on Debian 7 (Wheezy)

Preface

Icinga is a fork of the Nagios monitoring system. There are lots of changes and upgrades compared to Nagios, especially in version 2. The main visible difference is the UI, which is built on Ext JS. Other significant differences are in host and service definitions (these will be covered in part 2).

For this tutorial we’re going to use DigitalOcean’s smallest droplet with Debian 7.8 installed.


SSH Authentication With Keys Instead Passwords

SSH is a must-have tool for every system administrator or DevOps engineer. It provides a secure way to access remote servers. But if you use standard password authentication, there is always a chance that someone will break into the system due to a weak password. This risk increases if multiple users have SSH access to the server, because the system administrator can’t influence the users to choose better passwords.


Apache2 – mod_fcgid: HTTP request length exceeds MaxRequestLen

A few days ago I found a very good open source project for sharing and synchronization (a Dropbox alternative) called Pydio. I had heard of this project before, but I had never tried to install it. I tried the demo and decided to install Pydio on my own server and check it out a little bit more. The installation procedure went smoothly, and in 5 minutes I had my sharing web site ready to use.

But when I tried to upload multiple files, all of them larger than 3Mb, the browser simply returned:

Then I checked the Apache2 log, and here is what I found:

It seems that the MaxRequestLen directive of mod_fcgid is too low. To fix this, you need to update a few options in your php.ini file. Search for upload_max_filesize, which puts a limit on any single file. The default value should be set to this:

Change this value to whatever you want, but I strongly suggest setting it to >50M. Then search for post_max_size. The default value is:

This is the size of the entire body of the request, which could include multiple files. Set this value to at least 2-3x upload_max_filesize.