pfSense - How to add a MX record to a local zone

My plan was to have a Zimbra e-mail server running in VirtualBox using the internal networking model with a local domain. To make this work, I have a virtual pfSense box running on the same internal network to provide “outside” access. Additionally, pfSense is also running a DNS resolver so I figured it would be a trivial matter to add the local records I needed.

The WordPress Attachment Page redirect loop

Looking through my server logs I noticed how Baidu’s web spider was causing an unexpected redirect loop while trying to index an image attachment page. Since I deliberately redirect all attachment page requests to the actual post owning the attachment, I decided to take a closer look. The following request triggered the loop:

WordPress errors on Apache 2.4.26 with PHP-FPM

I was recently surprised to discover that I could no longer manage my posts (invalid post type) or modify any of my installed plugins (sorry, you are not allowed to access this page). I’ve been exposed to these kinds of problems before, both through database corruption and by my own hand so to speak. However, this time around everything checked out so I enabled debugging to track down the error.

How to purge all banned IP's from fail2ban 0.9.x

Microsoft bingbot is a repeat offender on my RPi and as a consequence it’s subjected to extended periods of jail time. However, being a good netizen I like to provide an even playing field for all web crawlers. With that in mind, what would be the easiest way of purging all IP addresses from fail2ban?

Let's Encrypt goes TITSUP

Let’s Encrypt suffered from a major service disruption today leaving users unable to access various services. The cause of the problem seems to have been an update to Boulder (ACME CA) which has since been reversed.

Important security research from the RWTH Aachen University

I regularly spend time investigating my server logs and occasionally come across a few special snowflakes. My onion (Tor) server hosted with a popular cloud provider was recently visited by a research scanner. The scanner initially greeted the server with a few standard GET requests:

DocumentRoot and Private Keys

In the last few days I’ve noticed a few unusual GET requests for supposedly exposed SSH private keys. All requests are following the same pattern:

HPKP has been deployed

It’s live, prepare to self-destruct in 3..2..1..

HTTP Public Key Pinning (HPKP)

A new HTTP header that allows web host operators to instruct user agents to remember (“pin”) the hosts’ cryptographic identities over a period of time. During that time, user agents (UAs) will require that the host presents a certificate chain including at least one Subject Public Key Info structure whose fingerprint matches one of the pinned fingerprints for that host. Source: RFC 7469

Two years of self-hosting WordPress on the Raspberry Pi

This website recently celebrated its second year of Raspberry Pi based hosting. It’s currently running on a RPi3 with Slackware ARM 14.2 (32-bit soft float). Somewhat to my surprise, the second year went by without a single glitch.

Gentoo makes Perl upgrades easy

Perl upgrades on Gentoo Linux have been laborious for me in the past, but with Perl 5.24 that was no longer the case. I’ve previously managed Perl upgrades by using the oneshot option and manually resolving any remaining conflicts afterwards. With this upgrade though, it looked to be close enough so I decided to try with the backtrack option as suggested from the following output.

Perl slot conflict on Gentoo Linux

Portage reporting a slot conflict with the Perl upgrade (no hard blocks).

Windows 10 Creators Update - Error 0xc1900200

My plan to install the latest Windows 10 Creators Update fell short during the weekend due to an error identified as 0xc1900200. I was using the “Windows 10 Update Assistant” to perform the upgrade, and the assistant did initially confirm that my system was ready for the upgrade.

The anonymizeme.pro scam

Referrers from a domain called anonymizeme.pro have been filling up my logs lately. I initially believed it was visitors using an anonymizing service, but alas, it’s yet another referrer scam.

Jorgee goes on a rampage

In a time-frame of just 10 seconds I got 1200 requests from the Jorgee vulnerability scanner, originating from 15 unique IP addresses. As usual it was just a blind attack probing a /24 subnet.

Gentoo Linux review - Romancing the penguin

When you’ve been running GNU/Linux distributions for an adequate number of years, I do believe you’ll eventually find yourself walking the path to Mount Gentoo in hope of joining the ancient Greybeards. Many have met their demise on the road ahead, but armed with the Gentoo handbook we’re confident that it’s within our reach.

Performing a Slackware release upgrade with slackpkg

My office workstation recently went through a Slackware release upgrade by following the excellent systemupgrade article from the Slackware Documentation Project. Personally I experienced a few snags along the way so I’ll add a few notes for future reference.