Blocking By Country

There are times when you’ll want to limit access and block whole countries. Why? Because there are times when it’s necessary. Here’s a script that builds a script…. It downloads the IP ranges from, works through a list of two letter country codes to create a bash script that will: Delete an existing iptables … [Read more…]

“Fixing” troublesome filenames.

Windows has a number of reserved characters that aren’t allowed in file/folder names: ◦The following reserved characters: ◾< (less than) ◾> (greater than) ◾: (colon) ◾” (double quote) ◾/ (forward slash) ◾\ (backslash) ◾| (vertical bar or pipe) ◾? (question mark) ◾* (asterisk) I’d also advise against the use of curly braces {} The following … [Read more…]

“Nesting” Variables in bash

Many thanks to “Gavin Smith” on for the first part of this tip. Expressions like ${${a}} do not work. To work around it, you can use eval: b=value a=b eval aval=\$$a echo $aval Output is value Thanks for the tip Gavin! Ok, so why would you want to? For me, I needed to test … [Read more…]

Fail2Ban Behind A Proxy/Load Balancer

Problem You’ve users that you want to ban / block from your web servers using Fail2Ban but your web servers are behind a proxy so all traffic appears to be coming from the proxy server IP/Interface. Ideally you should have learning rules on your proxy or load balancer where you can automatically filter/rate/take actions, but … [Read more…]

Checking SSL Expiry Dates From The Command Line

This is a simple way to check your sites SSL certificate expiry date from the command line. I’ll probably expand the script to work with lists and to send alerts if under XX days are remaining, but for now it just works with ./ #!/bin/bash DOMAIN=$1 EXPIRES=$(echo | openssl s_client -connect ${DOMAIN}:443 2>/dev/null | … [Read more…]

Using Google Authenticator with more than one device

Ok, so if you’re using Google Authenticator to protect logins on servers or just for your own Google mail / apps login you may come across the situation where you want it on more than one device. For example I’ve an Android phone and a tablet, and sometimes the phone is like really far…. like … [Read more…]

Disable SELinux on CentOS 6

To disable SELinux on CentOS 6, edit the following config file: # nano /etc/selinux/config Change SELINUX=enforcing # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing – SELinux security policy is enforced. # permissive – SELinux prints warnings instead of enforcing. # disabled … [Read more…]

Admin Training

How to be a Linux sys-admin in one easy lesson, just memorise these phrases and use at random No chance. You’ll not get that today Kill All Developers Do you have a ticket for that? Simple!

mysqldump error – view lack rights to use them (1356)

If you get an error messages like “mysqldump: Couldn’t execute ‘SHOW FIELDS FROM `some_database`’: View ‘some_database.viewname’ references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them (1356)” you can work around this by trying the dump as “root” or telling mysqldump to ignore the broken view by adding this … [Read more…]