Security considerations in MIME-Type configuration
When you are using the default MIME-Type configuration and your application allows uploading files, it can be a security issue.
Example:
A user uploads a file with HTML/JavaScript content using no file extension.
In the Apache default configuration, a request for that file returns a response with no Content-Type header. Some browsers will then guess/autodetect the content as HTML, and you are vulnerable to XSS.
To prevent this, you can set a default Content-Type (e.g. text/plain or application/octet-stream).
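One way to apply this for an upload directory, as an added example that is not part of the original card. It assumes Apache 2.4 (where `DefaultType` no longer sets a fallback type) with mod_mime and mod_headers enabled; the directory path is a placeholder.

```apache
# Added example, not from the original card.
# Assumptions: Apache 2.4, mod_mime and mod_headers loaded,
# /var/www/app/uploads is a placeholder for your upload directory.

# Weak (default) behaviour: a file whose name maps to no entry in mime.types
# is served without a Content-Type header, so the browser may sniff it as HTML.

<Directory "/var/www/app/uploads">
    # Match file names that contain no dot at all, i.e. have no extension.
    <FilesMatch "^[^.]+$">
        # Serve them as opaque binary data instead of leaving the type unset.
        ForceType application/octet-stream
        # Ask the browser to download the file rather than render it.
        Header set Content-Disposition "attachment"
    </FilesMatch>

    # Ask browsers to respect the declared Content-Type instead of guessing.
    Header always set X-Content-Type-Options "nosniff"
</Directory>
```

The `FilesMatch` block covers only files without an extension, as in the example above; files with an extension that is missing from mime.types need their own `AddType` or `ForceType` rule. Check the result with `curl -I` against a test upload and confirm the `Content-Type` header is present.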