Cloudflare – Security Best Practices

Citadelo have published this excellent post on how to optimize security when using Cloudflare to “protect” a domain.

Some very good points re: OSINT mitigation are outlined. A good read!


Fail2Ban 0.8.x and OpenVPN 2.4.x – correctly detecting OpenVPN brute force attempts in FreePBX 14

Issue:
On an install of FreePBX 14 with responsive firewall and OpenVPN server enabled there is no mitigation against brute force attacks against the OpenVPN server. /var/log/messages is getting spammed with failed handshakes:

Feb 3 16:17:19 voipserver234 openvpn: Sun Feb 3 16:17:19 2019 103.37.x.x:49060 TLS: Initial packet from [AF_INET]103.37.x.x:49060, sid=6a22eb44 5adb63fe
Feb 3 16:17:19 voipserver234 openvpn: Sun……


Installing yourls on Ubuntu 18.04 with MariaDB 10.1.x Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1071 Specified key was too long; max key length is 767 bytes

Issue:
When installing yourls and clicking the INSTALL button under /admin/install.php you get a server Error 500 and the following error shows up in the log:

2018/12/08 21:22:10 [error] 21768#21768: *2 FastCGI sent in stderr: “PHP message: PHP Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1071 Specified……


Cursor issues in ssh sessions to Linux hosts from Windows Subsystem for Linux (WSL) on on Windows 10

Issue:
Using Windows Subsystem for Linux (WSL) on on Windows 10
to establish an ssh session to a Linux host the cursor is acting strangely. You may be in vi or nano editing some file and your backspace suddenly makes the cursor jump or space bar acts like it is in edit……


CentOS 7 fix for “perl: warning: Please check that your locale settings are supported and installed on your system.”

Issue:
Logging in via SSH you are greeted with:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LC_CTYPE = “en_US.UTF-8”,
LANG = “C.UTF-8”
are supported and installed on your system.
perl: warning: Falling back to the standard locale (“C”).

Solution:

Edit /etc/environment and add the following. Replace……


Public NTP Servers

time1.google.com 216.239.35.0 time.apple.com 17.253.82.253 time.nist.gov 129.6.15.29