-
Jailkit chroots with SFTP and interactive SSH logins
Linux has privileged users and non-privileged users. Privileged users (like root) have a user id less than 1000 and typically have super abilities like being able to listen on low number ports (like the port 80 and 443 for web servers). Privilege separation is a good thing. It is recommended when running websites that the…
-
Wireguard VPN setup
Wireguard is a modern, easy to setup, VPN. It has clients for Windows, Mac, Linux, iPhone, Android, and other OSes. In this post we are following the guide at https://serversideup.net/how-to-set-up-wireguard-vpn-server-on-ubuntu-20-04/ First, Order a VM. This will be the ‘server’ for the VPN. You don’t need a lot of memory or disk to run a VPN…
-
32 to 64 bit distro crossgrades for Debian and Ubuntu
The demise of 32 bit distros is nigh! Some distros are dropping or reducing support for 32 bit versions. e.g. only providing 64 bit ISO downloads. Some software makers are no longer putting out 32 bit versions of their software. e.g. Since version 9 Oracle have only released a 64 bit version of Java. In…
-
Modernizing your ancient server distro
RimuHosting has now been providing VM servers for over 15 years. Back in the day the state of the art distros we setup for customers included 32-bit Debian 3- and Ubuntu 6-based servers. Things have moved on. By default all new orders are setup with 64-bit distros. And Debian is up to version 9, while…
-
Letsencrypt with Zonomi and Rimuhosting name servers using hooks
SSL is good, you should use it everywhere! Letsencrypt it is a project that allows you to obtain signed certificates for free (you should consider donating though) to secure your website. Big efforts have been done to make this accessible to anyone. In order to issue SSL certificates Certificate Authorities will check that you can control…
-
Whitelist your own computer in fail2ban
Fail2ban is a great “dynamic” firewall for servers that is installed by default on many of our VPSs, and we can install it on your VPSs at your request. It protects against brute-force attacks, where an attacker is trying to guess a password or exploit certain classes of vulnerabilities on servers. One potential problem with…
-
Lets Encrypt with Virtualmin
Virtualmin now supports Let Encrypt, this means you can easily get multiple SSL certificates easily and free if needed. Here is how you can set that up. Step 1: Login to your virtualmin, select the domain from the drop down in the top left. Step 2: Click ‘Edit Virtual Server’ , under the ‘Enabled Features’…
-
Using Ansible to manage your VPSs – Part One
Ansible is a system to automate the updating of server configurations and other administration tasks. In this post I’ll explain what’s necessary to get started with Ansible, creating a configuration structure, telling Ansble about your hosts and running ad-hock commands on multiple hosts. Ansible is useful when you have 3 or more VPSs and need…
-
LXD containers now available for Ubuntu
The latest Ubuntu LTS release, Xenial 16.04 , comes with support for a container system called LXD. LXD builds on the existing LXC container system, allowing for more convenient management of those containers. In this post I show how you can test out LXD containers on a Rimu VPS running Ubuntu 16.04. I assume you…
-
Monitor sites for exploits
We dislike dealing with exploited websites. A common cause is “the long forgotten outdated install from a web developer who left years ago. hoping works forever”. Public facing services need to be kept updated in order to remain secure, so script-kiddies can’t use your server for abuse, like selling dodgy medicinal products. One would always…