Author: Liz Quilty

  • Zero-effort WordPress host migrations

    Need to get your WordPress from one host to another? It can be a lot easier than you think. This blog post walks you through the steps to migrate your WordPress website from one host to another. You’ve been with your current host for a while. But perhaps their price is starting to feel a…

  • Worried about privacy on public meeting apps? Try Big Blue Button

    Recently its come to light that Zoom were keeping video footage of meetings in their T&C. The Software Freedom Conservency calls on its members to eschew Zoom and instead use Open Source (and self-hosted) alternatives. If you are a company and want something a little more secure, that works easily with a nice web interface,…

  • Unknown Password Change – diagnostics

    Often numerous people have access to an account, developers, owners, system administrators. Occasionally they do things, they maybe shouldn’t – like changing the password – leaving all other people in the loop out. When this happens its always good to make sure that you know who changed that password – because if it was not…

  • Finding and auto updating wordpress / themes / plugins with wp-cli

    For many years I have maintained a shell script that checks and can update wordpress. Its great, it needs nearly nothing and is handy for basic diagnosis, however its not good as something that can update things on a cron so well which multiple people have asked about.

  • Exploits on Webmin 1.8xx and earlier

    Developers have just announced the release of Webmin 1.930. This includes some important security fixes. If you have an older Webmin version please update urgently to insure your server remains secure. In particular they described an exploit that is fairly major. Should your install be too old to update, you can fix the bug by…

  • LCA2019 round up

    Every year the staff at Rimu look forward to the latest Linux.conf.au conference. Some of us go in person, some watch online, but we all love it, and love to catch up with whats going on. This year it was in Christchurch and Juan and I (Liz) went down to attend in person. CULTURE Christchurch…

  • Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue

    Are you seeing this message about your server ? Action may be required to prevent your Let’s Encrypt certificate renewalsfrom breaking.If you already received a similar e-mail, this one contains updatedinformation.Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issuea certificate in the past 60 days This is an issue caused by the certbot binary being out…

  • Certbot/Letsencrypt with Apache and Tomcat using proxypass

    LetsEncrypt/Certbot is a wonderful cheap way to have an SSL cert to secure things. It works out of the box and no issues for the most part until you have things like proxy pass or other things. The fix is fairly easy however, and this works well in particular with those running tomcat behind apache…

  • Drupal Exploits – script to detect versions

    We are currently seeing a high volume of Drupal exploits running a lot of arbitrary code, including crypto mining, attacking other servers and similar due to this exploit  https://www.drupal.org/sa-core-2018-002   If you want to find out if you have any vulnerable Drupal installs quickly and easily i wrote a shell script for that . Just run…

  • Virtualmin Changes binding from ip:80 to *:80 and breaks older configs … FIX

    We have found some virtualmin installs will change the format of new virtualhosts from ip:80 to *:80 sometimes which breaks virtualhosts as the *:80 overrides the ip:80. This can result in websites showing another website content, and usually shows up right after you add a new domain in virtualmin.