Author Archives: Liz Quilty

Exploits on Webmin 1.8xx and earlier

Developers have just announced the release of Webmin 1.930. This includes some important security fixes. If you have an older Webmin version please update urgently to insure your server remains secure. In particular they described an exploit that is fairly … Continue reading

Posted in Security | Tagged , , , | Leave a comment

LCA2019 round up

Every year the staff at Rimu look forward to the latest Linux.conf.au conference. Some of us go in person, some watch online, but we all love it, and love to catch up with whats going on. This year it was … Continue reading

Posted in Rimuhosting | Tagged , , , | Comments Off on LCA2019 round up

Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue

Are you seeing this message about your server ? Action may be required to prevent your Let's Encrypt certificate renewalsfrom breaking.If you already received a similar e-mail, this one contains updatedinformation.Your Let's Encrypt client used ACME TLS-SNI-01 domain validation to issuea certificate in … Continue reading

Posted in Rimuhosting | Tagged , , | Comments Off on Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue

Certbot/Letsencrypt with Apache and Tomcat using proxypass

LetsEncrypt/Certbot is a wonderful cheap way to have an SSL cert to secure things. It works out of the box and no issues for the most part until you have things like proxy pass or other things. The fix is … Continue reading

Posted in Rimuhosting | Tagged , , | Comments Off on Certbot/Letsencrypt with Apache and Tomcat using proxypass

Drupal Exploits – script to detect versions

We are currently seeing a high volume of Drupal exploits running a lot of arbitrary code, including crypto mining, attacking other servers and similar due to this exploit  https://www.drupal.org/sa-core-2018-002   If you want to find out if you have any vulnerable … Continue reading

Posted in Rimuhosting | Tagged , , , | Comments Off on Drupal Exploits – script to detect versions

Virtualmin Changes binding from ip:80 to *:80 and breaks older configs … FIX

We have found some virtualmin installs will change the format of new virtualhosts from ip:80 to *:80 sometimes which breaks virtualhosts as the *:80 overrides the ip:80. This can result in websites showing another website content, and usually shows up … Continue reading

Posted in Rimuhosting | Tagged , , | Comments Off on Virtualmin Changes binding from ip:80 to *:80 and breaks older configs … FIX

Lets Encrypt with Virtualmin

Virtualmin now supports Let Encrypt, this means you can easily get multiple SSL certificates easily and free if needed. Here is how you can set that up. Step 1: Login to your virtualmin, select the domain from the drop down … Continue reading

Posted in HOWTO | Tagged , , , , | Comments Off on Lets Encrypt with Virtualmin

Using Fail2ban on wordpress wp-login.php and xmlrpc.php

A fair few customer of ours use wordpress and occasionally notice that there are people hammering on a few URLs This can cause high load, slow websites and a number of issues, espoecuially when you have more than a single … Continue reading

Posted in Rimuhosting, Security | Tagged , , | Comments Off on Using Fail2ban on wordpress wp-login.php and xmlrpc.php

How to get an A pass SSL rating for your SSL website

Everyone wants security, and its ideal that your SSL certificates are also secure. With this in mind, websites like SSLLabs have a testing tool that is used to grade the SSL certificate installed on your server. Often people get a … Continue reading

Posted in Security | Tagged , , , | Comments Off on How to get an A pass SSL rating for your SSL website

Restoring an Exploited WordPress files

I previously had a 10 step process to replace all the files in a wordpress, this got rid of most file based exploits. Since then i have written a shell script that pretty much incorperates that wget http://blog.rimuhosting.com/files/restorewordpress.sh chmod +x … Continue reading

Posted in Featured, HOWTO | Tagged , , , , | 1 Comment