I recently had an issue with frequent login attempts against one of my services. These were almost all from countries that should not be accessing my service. To resolve the issue I implemented geo-blocking with TCP Wrappers. This is how I went about geo-blocking connections.
Author: Bill Thorsteinson
Shell Scriptlets
This post will be continually developed. I recently designed some solutions to solve some issues with init.d and setup scripts. These may be of use to others, and I will likely reuse them.
DNS for Email Servers
This article provides a quick overview of the DNS records required for an email server and presents a minimal sample configuration. The example assumes that you are running servers for both email and the web. Comments indicating the changes if you are using a third-party provider are provided.
Tuning Java Garbage Collection
I recently completed a garbage collection exercise on a variety of applications. In all, twenty WebLogic application clusters were tuned. A dozen of these are large busy application clusters. These provide a mix of Web Applications and Web Services. Tuning garbage collection is a matter of trade-offs. Large heaps take longer to garbage collect. Small… Continue reading Tuning Java Garbage Collection
Securing TLS
A StackExchange question on using HAProxy’s capture feature to pass data from TCP mode to HTTP mode prompted me to update my SSL configuration. This was intended to get an A+ rating from SSL Labs by sending non-SNI capable clients to a server with weaker ciphers. This was to enable clients on WinXP/IE8, Java 6,… Continue reading Securing TLS
WordPress Tuning
I’ve done a little tuning to my WordPress setup. To keep up to date, I’ve switched from the Ubuntu installation to a downloaded installation under /opt/wordpress. This is owned by my user and served by Apache running as www-data. Updates are done using the SFTP method.
Command Line Arguments in Python
When I need a new tool, I often code it in Python. Often, command-line options are useful. Sometimes it is possible to have a fixed set of parameters, but this is not very flexible. Fortunately, Python has standard libraries to handle parsing command lines. Three libraries provide varying capabilities. Some of the systems I run on have… Continue reading Command Line Arguments in Python
MX on a Dynamic IP Address
I often see posts asking about running a mail server on a Dynamic IP address. Twenty years ago I started running my server on a dynamic IP address. However, times have changed, and it is more difficult to do so. Stil, there are mail server roles that work reasonably well on a dynamic IP address.
Choosing Log Levels
There are many tools available that will allow a programmer to create log entries. I originally worked with log4j, but have recently been working with logback. I am also working with Jython and am looking at Python’s logging framework. Used well they can make log analysis simple and provide a rich tool for resolving issues.… Continue reading Choosing Log Levels
Tuning Linux CPU Performance
A recent kernel change broke my CPU performance tuning. I have an AMD processor that presents 4 cores to the kernel. The process in this article should work for Intel processors although the governors and CPU settings tree may be different. Different kernels may also have different settings. The current kernel allows setting the governor per… Continue reading Tuning Linux CPU Performance