eksiscloud’s gists

eksiscloud / example.tld.conf

Created December 22, 2019 23:17

Apache2 virtual conf: behind Varnish, PHP-FPM, redirects needed by Wordpress (category in url), WP Rocket and EWWW

	<VirtualHost 127.0.0.1:81>

	ServerAdmin <email>
	ServerName example.tld
	ServerAlias www.example.tld
	DocumentRoot /var/www/html

	LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{User-agent}i\"" varnishcombined
	CustomLog ${APACHE_LOG_DIR}/access.log varnishcombined

eksiscloud / S3GlacierVault

Created January 14, 2020 17:25

How to delete AWS S3 Glacier vault

	1. aws glacier initiate-job --job-parameters '{"Type": "inventory-retrieval"}' --vault-name YOUR_VAULT_NAME --account-id YOUR_ACCOUNT_ID --region YOUR_REGION

	2. aws glacier list-jobs --vault-name YOUR_VAULT_NAME --region YOUR_REGION --account-id YOUR_ACCOUNT_ID
	try again and again until you get "Completed": true, and "StatusCode": "Succeeded"
	it can take several hours or days

	3. aws glacier get-job-output --job-id YOUR_JOB_ID --vault-name YOUR_VAULT_NAME --region YOUR_REGION --account-id YOUR_ACCOUNT_ID ./output.json
	copy job_id from the output of the second step

	4. nano glacier.php

eksiscloud / matomo.conf

Created January 27, 2020 16:18

Basic virtual host for Matomo in Apache2

	<VirtualHost *:80>
	ServerAdmin webmaster@localhost
	ServerName analytics.example.com
	DocumentRoot /var/www/matomo/

	<Directory /var/www/matomo>
	DirectoryIndex index.php
	Options FollowSymLinks
	AllowOverride All
	Require all granted

eksiscloud / matomo.ssl.conf

Created January 27, 2020 16:31

A Live example of Matomo nginx virtua host in stack Nginx/Varnish/Apache2

	server {
	listen 46.101.98.116:443 ssl http2;
	server_name stats.eksis.eu;

	access_log /var/log/nginx/access.matomo.log;
	error_log /var/log/nginx/error.matomo.log;

	location / {
	proxy_pass http://127.0.0.1:8080;
	proxy_set_header X-Real-IP $remote_addr;

eksiscloud / matomo.conf

Created January 27, 2020 17:22

Basic virtual host for Matomo in Nginx

	server {
	listen [::]:80; # remove this if you don't want Matomo to be reachable from IPv6
	listen 80;
	server_name analytics.example.com;

	access_log /var/log/nginx/matomo.access.log;
	error_log /var/log/nginx/matomo.error.log;

	root /var/www/matomo/;

eksiscloud / example.com.conf

Created February 6, 2020 12:34

Tighter Wordpress at Nginx and with Fail2ban

	## in the server block
	#
	# note: if you have posts with title matching these, turn them off or fine-tune
	# them to exclude those

	## Block SQL injections
	location ~* union.select.\( {
	access_log /var/log/nginx/blocked.log blocked;
	deny all;
	}

eksiscloud / blockbots.conf

Last active November 9, 2020 20:36

Nginx: another bad bot banning list

eksiscloud / robots.txt

Last active April 7, 2020 17:01

Another robots.txt for good bots, spiders and crawlers

eksiscloud / nginx

Created April 22, 2020 16:41

Monit: Nginx

	check process nginx with pidfile /var/run/nginx.pid
	group www
	group nginx
	start program = "/etc/init.d/nginx start"
	stop program = "/etc/init.d/nginx stop"
	# if failed port 80 protocol http request "/" then restart ; I'm redirecting to 443 in Nginx, so no need to monitor
	if 5 restarts with 5 cycles then timeout
	depend nginx_bin
	depend nginx_rc

eksiscloud / varnish

Created April 22, 2020 16:46

Monit: Varnish

	# Varnish
	check program varnishpanic with path "/bin/varnishadm panic.show"
	if status != 1 then alert

	check process varnish with pidfile /var/run/varnish.pid
	#start program = "/etc/init.d/varnish start" with timeout 30 seconds
	#stop program = "/etc/init.d/varnish stop"
	start program = "/usr/bin/systemctl start varnish" with timeout 30 seconds
	stop program = "/usr/bin/systemctl stop varnish"
	if failed host 127.0.0.1 port 81 protocol http

Jakke Lehtonen eksiscloud