Rickrolled by Google Search Console

So I noticed this new “Recrawl now” link that had suddenly appeared in Google Search Console (beta edition) and was immediately enticed. The result however was not what I had in mind. I can deal with being fooled on April Fool’s day, but getting Rickrolled in 2018… now that’s just pure evil. Anyhow, enjoy an animated gif of Google’s trolling below.

Search Console Rickroll

macOS Sierra review - Behind enemy lines

I’ve never owned a single Apple product but lately I’ve been wondering how good a real UNIX certified operating system might actually be. To get my feet wet, I decided to try out macOS Sierra in a VirtualBox session on a Linux host. I’m aware that much of the Apple experience is closely connected to the hardware, but personally I was more interested in the isolated OS experience.

Arch Linux boot halts on Reached target Multi-User System

Arch pushed out Gnome 3.28 today but unfortunately for me, my system failed to boot properly after the upgrade. The system simply locked up after the “Reached target Graphical Interface” stage. GDM (The GNOME Display Manager) was a prime suspect in my book, so the first order of business was booting into a lower runlevel to figure out what was going on.

Reached target Multi-User System

I’m using systemd-boot (because you can never have enough systemd…) so to enter the kernel command line, I simply hit the “e” key from the boot menu. Adding the kernel parameters systemd.unit=multi-user.target will boot the system into runlevel 3 (no display manager).

BlueOnyx 5209R – Issues with importing signed certificates

Importing signed certificates on BlueOnyx has always been somewhat of a challenge and it’s not well documented. The gist of it is that the certificate you want to import needs to consist of both the certificate and the corresponding private key, and it must have an extension that BlueOnyx understands (*.crt or *.cert works). Even so, my attempt to import a signed certificate from RapidSSL failed with a message stating that the imported certificate did not contain the correct private key.

Unexpected VPN bypass attempts on Arch Linux

So I was minding my own business while connected to my VPN service when I noticed several blocked outbound network connections appearing in my firewall log. For some reason my wifi adapter (wlp3s0) was trying to connect directly to the internet without having traffic routed through my VPN interface (tun0). Was this my reward for not reviewing AUR PKGBUILD files, or was there another explanation as to why wlp3s0 wanted to disclose my real IP address?

Slackware 15.0 will ship Plasma 5

There has been a long and tedious debate among slackers over whether the distribution should stick with KDE4 or move to Plasma 5. According to Slackware’s KDE maintainer Eric Hameleers, a decision has been made and Slackware 15.0 will ship Plasma 5.

Another significant WordPress brute-force attack in the works

So today I’ve experienced a more significant than usual attack against WordPress installations hosted on one of our company servers. So far I’ve blocked more than 17000 21000 unique IP addresses, but the attackers seem to have an endless supply and they’re not slowing down. Note: This article was updated on January 27, 2018.

How to enable HTTP/2 in Apache 2.4 on Gentoo Linux

I recently added support for the HTTP/2 protocol on this server and I am really pleased with the additional performance gains. This VPS was already running a functional LAMP stack, so the following steps describe the necessary configuration changes for my setup which relies on Apache with PHP-FPM.

Gentoo 17.0 profile upgrade is complete

This Scaleway hosted Gentoo x86_64 server (VC1S with 2 cores and 2GB of RAM) has finally completed the move to the new Gentoo 17.0 profile. Rebuilding my entire system consisting of 277 packages lasted 26 hours and went by without any issues. All packages were re-emerged with --jobs=1 to keep the system responsive during compilation, and to avoid exhausting available memory.

Gentoo 17.0 profile warning

Gentoo throwing a warning about the use of a deprecated profile.

Season's greetings from the Chaos Computer Club

So the 34. Chaos Communication Congress is currently in progress and the boys (and girls) attending were kind enough to send some thoughtful wishes to working sysadmins around the globe. The following entry appeared in my server log earlier today:

Gentoo - Protect your running PHP version from emerge depclean

Now that I’ve been running this blog on Gentoo Linux for a while, I’ve discovered a few new potential gotchas when failing to pay attention while interacting with Portage. The latest addition to my list was nearly removing my running PHP installation with emerge --depclean.

Wordfence warns against a massive brute-force attack campaign

On the 18th of December Wordfence posted the following entry describing an ongoing distributed brute force-attack campaign targeting WordPress installations. It was accompanied by a dramatic chart highlighting the number of attacks per hour. According to Wordfence, it was the most aggressive campaign they’ve seen so far. However, as a WordPress hosting provider I’ve found no data to support these claims.

I’ve not experienced any increase in dictionary attacks or other malicious traffic against WordPress installations on our web hosting platform. Curiously enough, this would mark the first time that we have completely dodged such a large scale attack.

Malicious bots sending siteru as the HTTP referer

I’ve received a few hundred requests originating from bots setting site.ru as their referrer. These attacks are scanning for compromised WordPress installations and PHP based shells and backdoors. The attacking IP’s belong to compromised hosts and websites from service providers around the world.

I bought a new domain name through Njalla

I wanted to register a new domain name and decided to go with the privacy-aware domain registration service from Njalla. Unlike other domain registration services, Njalla actually purchases the domain for themselves and acquires full legal ownership and responsibility for the domain name. Njalla however grants you full control over the domain as long as you abide by their terms and conditions.