• Letsencrypt with Zonomi and Rimuhosting name servers using hooks

    SSL is good, you should use it everywhere! Letsencrypt it is a project that allows you to obtain signed certificates for free (you should consider donating though) to secure your website. Big efforts have been done to make this accessible to anyone. In order to issue SSL certificates Certificate Authorities will check that you can control…


  • Virtualmin Changes binding from ip:80 to *:80 and breaks older configs … FIX

    We have found some virtualmin installs will change the format of new virtualhosts from ip:80 to *:80 sometimes which breaks virtualhosts as the *:80 overrides the ip:80. This can result in websites showing another website content, and usually shows up right after you add a new domain in virtualmin.


  • Reboot-less Xen patching

    Recently there have been two sets of Xen vulnerabilities.  One being disclosed in September, the other earlier today.  Historically we have had to organize host updates which required downtime to reboot VMs. For these last sets of vulnerabilities we have been able to use a recently introduced live patching feature in Xen to mitigate the…


  • DKIM and subaddressing added to 25mail.st

    We have added a couple of features to the 25mail.st service. First, we now support DKIM email signing. This lets our email servers sign outgoing messages so that recipients can verify that the email was sent from an authorized server. You will need to add a DNS entry for each email domain wishing to have…


  • Whitelist your own computer in fail2ban

    Fail2ban is a great “dynamic” firewall for servers that is installed by default on many of our VPSs, and we can install it on your VPSs at your request. It protects against brute-force attacks, where an attacker is trying to guess a password or exploit certain classes of vulnerabilities on servers. One potential problem with…


  • Lets Encrypt with Virtualmin

    Virtualmin now supports Let Encrypt, this means you can easily get multiple SSL certificates easily and free if needed. Here is how you can set that up. Step 1: Login to your virtualmin, select the domain from the drop down in the top left. Step 2: Click ‘Edit Virtual Server’ , under the ‘Enabled Features’…


  • ClamAV: mpool_malloc and disk space

    ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. The most common use we see is to check emails for bad content. Some of our users have recently been seeing errors from “freshclam” processes that look like the below entry. These will occur quickly and will often cause…


  • Using Fail2ban on wordpress wp-login.php and xmlrpc.php

    A fair few customer of ours use wordpress and occasionally notice that there are people hammering on a few URLs This can cause high load, slow websites and a number of issues, espoecuially when you have more than a single IP hammering away at that. The solution is simple, and it involves using fail2ban. Here…


  • Using Ansible to manage your VPSs – Part Two

    In this post I’m going to introduce playbooks, and show you how to customise the /etc/resolv.conf file on each server.  I assume you have followed Part One of this series and have created a hosts file and files in ~/myansible/host_vars/. Tasks, playbooks, groups and roles A note on terminology.  A task is something done on…


  • Using Ansible to manage your VPSs – Part One

    Ansible is a system to automate the updating of server configurations and other administration tasks.  In this post I’ll explain what’s necessary to get started with Ansible, creating a configuration structure, telling Ansble about your hosts and running ad-hock commands on multiple hosts. Ansible is useful when you have 3 or more VPSs and need…