dunderrrrrr

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

Installing

$ sudo apt install fail2ban
$ sudo systemctl start fail2ban
$ sudo systemctl enable fail2ban

dunderrrrrr

SSMTP is a program which delivers email from a local computer to a configured mailhost (mailhub). It is not a mail server (like feature-rich mail server sendmail) and does not receive mail, expand aliases or manage a queue. One of its primary uses is for forwarding automated email (like system alerts) off your machine and to an external email address.

Install sSMTP

$ sudo apt install ssmtp

Configure sSMTP

Configuration can be found in nano /etc/ssmtp/ssmtp.conf. Add the following lines for Gmail.

dunderrrrrr

Receive a notification every time a SSH-authentication is successful.

First, install ssmtp.

Create the notify-script.

ssh-notify.sh

#!/bin/sh

dunderrrrrr

SSH, the secure shell, is often used to access remote Linux systems. Because we often use it to connect with computers containing important data, it's recommended to add another security layer. Here comes the two factor authentication (2FA).

Multi-factor authentication is a method of confirming your identity using at least two different ways of authentication. The most common and easiest to implement example of two-factor authentication uses a combination of passphrase (a complex password, often made of several words) and one-time-passcode generated by a special mobile app.

Install Google Authenticator PAM module

$ sudo apt install libpam-google-authenticator

Configuring SSH

dunderrrrrr

The Z shell (Zsh) is a Unix shell that can be used as an interactive login shell and as a command interpreter for shell scripting. Zsh is an extended Bourne shell with many improvements, including some features of Bash, ksh, and tcsh.

ohmyzsh is a delightful community-driven (with nearly 1,500 contributors) framework for managing your zsh configuration.

Installing

Install zsh

$ sudo apt-get install zsh curl git

dunderrrrrr

Docker is a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called containers. Containers are isolated from one another and bundle their own software, libraries and configuration files; they can communicate with each other through well-defined channels. All containers are run by a single operating-system kernel and are thus more lightweight than virtual machines.

Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration. To learn more about all the features of Compose, see the list of features.

Install docker-compose

APT

$ sudo apt install docker-compose

dunderrrrrr

A reverse proxy is an intermediary proxy service which takes a client request, passes it on to one or more servers, and subsequently delivers the server’s response to the client.

Install Nginx

$ sudo apt install nginx

Set up reverse proxy

Let's say you have a service (like a docker container) on port 5000. You want to forward this to domain.com, http.
Then, we need to create a file within the /etc/nginx/sites-available directory that contains the reverse proxy information.

dunderrrrrr

Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin. A web application executes a cross-origin HTTP request when it requests a resource that has a different origin (domain, protocol, or port) from its own.

Example

Let's say you need to add the following CORS headers.

Access-Control-Allow-Origin: https://example.com
Access-Control-Allow-Methods: GET, POST, PATCH, OPTIONS
Access-Control-Allow-Headers: Content-Type

dunderrrrrr

Installing

Download and install Citrix Receiver from citrix.com.

$ sudo dpkg -i icaclient_13.10.0.20_amd64.deb

SSL error

dunderrrrrr

In Python, a nested dictionary is a dictionary inside a dictionary. It's a collection of dictionaries into one single dictionary. More reading here.

Sometimes you need to build nested dicts. This can be frustrating to get right. Here's an example.

...
if r.status_code == 200:
    result = r.json()
    c = 0
    data = {'repos': {}}