General: Tips & Tricks and one-liners (Part III)

by Kliment Andreev
0 comment
Reading Time: 2 minutes

Part I and Part II.

WordPress – prevent unauthorized admin logins

If you have a WordPress blog, you probably know that there are tons of attempts from users/scripts to try to take over your blog and post spam. There are a lot of plugins there that can take care of different security aspects, but by far, this simple solution works best for me.
It prevents anyone except white listed IPs to access your login page. Instead they’ll get error 404, page not found. The only problem is that you can’t have your own user base. So, if someone wants to post a comment, it can’t be a user registered on your blog. I use the Social Login plugin that allows users to login and register with one click on this blog, using their own social network’s logins.

Anyway, you need mod_rewite installed on your web server. Look for this line and if it’s commented, remove the # and reload the config.

LoadModule rewrite_module libexec/apache24/mod_rewrite.so

In the root of your blog, edit the .htaccess file and make sure it looks like this.
In my example, I have only two IPs allowed that can access the wp-login page. The rest will get page not found when accessing wp-login.php or wp-admin.

ErrorDocument 401 /index.php?error=404
ErrorDocument 403 /index.php?error=404

 <IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
 RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
 RewriteCond %{REMOTE_ADDR} !^198.16.3.247$
 RewriteCond %{REMOTE_ADDR} !^24.184.123.233$
 RewriteRule ^(.*)$ - [R=403,L]
 </IfModule>
 # BEGIN protect xmlrpc.php
 <files xmlrpc.php>
 order allow,deny
 deny from all
 </files>
 # END protect xmlrpc.php

AWS: ssh to a server with private IP only

I was playing with some servers in AWS. One of them had a public IP, but the second one had a private IP only. In order to access the 2nd server with private IP only, open up the key that was given to you for the 2nd server by AWS in PEM format in your favorite text editor. Select the text and copy it to the clipboard. The key looks like this. This key should belong to the 2nd server.

Now, log to the first server with the public IP as ec2-user.
Create a new file with nano or vi and paste the content. Save it as some_file.pem.
Change the permissions.

chmod 600 some_file.pem

Then log to the 2nd server with the private IP.

ssh -i some_file.pem <internal_IP>

NTP sync in a domain environment

On the PDC domain controller.

w32tm /config /manualpeerlist:"0.us.pool.ntp.org 1.us.pool.ntp.org 2.us.pool.ntp.org 3.us.pool.ntp.org" /syncfromflags:manual /reliable:yes /update 

On all other DCs.

w32tm /config /syncfromflags:domhier /update 

Resync manually.

w32tm.exe /resync /rediscover

Check the status.

w32tm /query /status

Ubunty 18 – DNS

First, configure the YAML file /etc/netplan, do netplan apply and then…

sudo rm -f /etc/resolv.conf
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

Ubuntu 18 – Change hostname

hostnamectl set-hostname <new_hostname>

Edit /etc/cloud/cloud.cfg and replace preserve_hostname: false to true

Change Windows password from command line prompt

Open up PowerShell/CMD with admin privileges and type:

net user username new_password

FreeBSD vmtools in vCenter

If you want to install VMWare Tools in FreeBSD running in vCenter, install this package.

pkg -y install open-vm-tools-nox11

If you want the full tools that cover X11, install open-vm-tools without “-nox11” suffix in the above command.

FreeBSD change from DHCP to static IP, default gateway and DNS

Edit /etc/rc.conf and you’ll see a ifconfig DHCP assignment somewhere. Change the DHCP keyword with your static IP and netmask and don’t forget the default gateway.

ifconfig_vmx0="inet 192.168.1.11 netmask 255.255.255.0"
defaultrouter="192.168.1.1"

The DNS settings are under /etc/resolv.conf.

Related Articles

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More