Centos8 + Apache + Tomcat + LetsEncrypt Setup

A popular setup for Tomcat is to run it as a backend behind Apache. This lets you use Apache for some websites and URLs and Tomcat for others (while keeping the same IP address and port).

Another common requirement is to have a valid SSL certificate.

This HOWTO describes that setup. The HOWTO is for Centos8, but it would not be too different for other distros.

Run a clean install choosing Centos8 at https://rimuhosting.com/cp/vps/disk/install.jsp

In /etc/httpd/conf.modules.d/00-proxy.conf enable:

LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so

Run the following:

Continue reading
Posted in Rimuhosting | Leave a comment

Ubuntu 20.04 LTS released

Ubuntu Logo

The latest long term support (LTS) release of Ubuntu is now available for new installs. Ubuntu 20.04, also known as "Focal Fossa" can be ordered at https://rimuhosting.com/order/v2orderstart.jsp. It's also an option to consider if you reinstall an existing VPS.

The official release notes for this release are available at https://wiki.ubuntu.com/FocalFossa/ReleaseNotes and will be be upstream supported until at least April 2025

Features in the 20.04 long term support release include:

  • python3 is now the default python interpreter
  • php updated to v7.4, with support for strongly typed properties and enforces stricter usage of arrays and ternary operators
  • updates to ha/clustering tools, notably now using kronosnet (or knet for short) as an essential feature, supporting dynamic configuration of new network resources
  • HAProxy 2.0
  • TLS 1.3 support is now baked in to services through the updated openssl library, so all your sites can take full advantage of the latest web encryption technology

As usual there is a supported upgrade path from previous Ubuntu releases, though customers with 18.04 LTS installs may be better to wait for the next (20.04.1) point release before updating. For anyone looking to do this, please see our recommendations at https://rimuhosting.com/knowledgebase/linux/distros/ubuntu

You can install new servers now at https://rimuhosting.com/order/v2orderstart.jsp, or contact us if you have any questions about Ubuntu 20.04.

Posted in Distributions | Tagged , , | Comments Off on Ubuntu 20.04 LTS released

Unknown Password Change – diagnostics

Often numerous people have access to an account, developers, owners, system administrators.

Occasionally they do things, they maybe shouldn't - like changing the password - leaving all other people in the loop out.

When this happens its always good to make sure that you know who changed that password - because if it was not you, it was potentially an exploit of some sort

Its fairly hard to track down exactly WHO did this, however its easy to work out WHEN it happens, which allows you to look up other things to determine who

To determine when the password was changed you can check the /etc/shadow file . It looks like this

Continue reading
Posted in Rimuhosting | Tagged , , , , | Comments Off on Unknown Password Change – diagnostics

Woop! WordPress hosting launch

Today we launch our Woop! WordPress hosting service. We are pretty excited about this.

woop logoMany of our RimuHosting customers run WordPress on the VMs they host with us. That makes sense since 30% of the world's sites run on WordPress. For over a decade we have been working with these customers to keep their WordPress installs up to date and secure. As well as working with them to make their sites load quickly, and have up to date SSL certs.

With so many customers wanting to run WordPress, and after seeing so many different setups, we wondered:

If we had our way, what would the ideal WordPress setup look like?

-Some guys (and Liz) at RimuHosting
Continue reading
Posted in Rimuhosting | Tagged | Comments Off on Woop! WordPress hosting launch

Business as usual in the Covid-19 pandemic

For customers using RimuHosting services, we don't expect the covid-19 pandemic will have any impact on our provision of services for you to use.

Existing servers are continuing to operate as normal and for now, provision of new services is also operating as normal. We have spare capacity available to cater for extra demand. It is conceivable that if demand increases significantly, shipping delays or shortages of parts may delay provisioning of new services. However, as of now we don't expect any problems.

We are continuing to work as normal. A number of our staff always work from home and the rest do so occasionally. From earlier this week, all our staff started working from home as a precaution, to reduce the risk in case community transmission starts in New Zealand.

The datacenters we operate from are all set up to continue operating with minimal staffing if necessary.

If your VPS has a firewall associated which has your office IP whitelisted, consider the impact on staff working remotely. We are happy to help with sorting out any problems such as this that you might experience when staff start to work from home.

We are also in a good position to provision new services aimed at supporting your organization working from home. e.g. We can help install software such as WordPress blogging and website platform, Nextcloud document sharing, Jitsi secure video conferencing for up to 8 participants, Mattermost enterprise messaging, Moodle online training and education platform, and Sandstorm easy-install self-hosted online services, and many other internet based products. Just mention what your needs are and our staff will be happy to assist.

We wish you well in these times of uncertainty.

Posted in Announce, Rimuhosting | Tagged , , , , , | Comments Off on Business as usual in the Covid-19 pandemic

CentOS 8 available

The long awaited release of CentOS 8 64bit is now available with new installs from our order pages at https://rimuhosting.com/order/v2orderstart.jsp. It's also an option to consider if you reinstall an existing VPS. CentOS8 was formally released on 24 Sep 2019.

The official release notes are available at https://wiki.centos.org/Manuals/ReleaseNotes/CentOS8.1905.

CentOS8 will be supported until 30 Sep 2029. It is based on sources used by well known enterprise platforms, and will provide a reliable long term install target for new projects.

Continue reading
Posted in Announce, Distributions, Rimuhosting | Tagged , , , , , | Comments Off on CentOS 8 available

Finding and auto updating wordpress / themes / plugins with wp-cli

For many years I have maintained a shell script that checks and can update wordpress. Its great, it needs nearly nothing and is handy for basic diagnosis, however its not good as something that can update things on a cron so well which multiple people have asked about.

Continue reading
Posted in Featured, Rimuhosting | 1 Comment

Exploits on Webmin 1.8xx and earlier

Developers have just announced the release of Webmin 1.930. This includes some important security fixes. If you have an older Webmin version please update urgently to insure your server remains secure.

In particular they described an exploit that is fairly major.

Should your install be too old to update, you can fix the bug by editing the file in /etc/webmin/miniserv.conf and remove the passwd_mode= line, followed by restarting the webmin service. A quick easy shell script for this would be like this ...

sed -i s/passwd_mode.*// /etc/webmin/miniserv.conf 
service webmin restart

If you need a hand with any of this, pop in a ticket and we can help out.

Posted in Security | Tagged , , , | Comments Off on Exploits on Webmin 1.8xx and earlier

“Sad SACK” network protection

Netflix has identified several vulnerabilities in the TCP networking stack that affects all Linux users with un-patched kernels. The vulnerabilities have been assigned CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479.

All three issues have already been mitigated for all our VPS customers.

The original advisory says...

The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed “SACK Panic,” allows a remotely-triggered kernel panic on recent Linux kernels

We are not aware of anyone abusing this exploit yet, however that is likely to change rapidly over the next few days. More information is available below.

Continue reading
Posted in Security | Tagged , , , , , , , | Comments Off on “Sad SACK” network protection

Running WordPress as a Docker Stack

In the advent of containerized applications it can be quite daunting to get started with docker and multiple containers in a cluster. In this post we will go through some of the terminology and how to get started in a simplified case for a single host, multiple containers application stack, with containers for wordpress, mysql and a reverse proxy using ngnix.

(Photo by Allagash Brewing)

Continue reading
Posted in Announce, Rimuhosting | Tagged , , | Comments Off on Running WordPress as a Docker Stack