Skip to content

Instantly share code, notes, and snippets.

View malikshi's full-sized avatar
🏠
Working from home

Malik Al malikshi

🏠
Working from home
View GitHub Profile
@jappy
jappy / dos2unix.sh
Created March 10, 2012 18:03
Shell script to convert files with CRLF to LF (Mac/Linux)
#! /bin/sh
for x
do
echo "Converting $x"
tr -d '\015' < "$x" > "tmp.$x"
mv "tmp.$x" "$x"
done
@earthgecko
earthgecko / bash.generate.random.alphanumeric.string.sh
Last active November 9, 2024 08:57
shell/bash generate random alphanumeric string
#!/bin/bash
# bash generate random alphanumeric string
#
# bash generate random 32 character alphanumeric string (upper and lowercase) and
NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
# bash generate random 32 character alphanumeric string (lowercase only)
cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 32 | head -n 1
@Mins
Mins / mysql_secure.sh
Last active May 31, 2024 14:19
Automating mysql_secure_installation
#!/bin/bash
aptitude -y install expect
// Not required in actual script
MYSQL_ROOT_PASSWORD=abcd1234
SECURE_MYSQL=$(expect -c "
set timeout 10
@thoward
thoward / iptables-udp-flood.txt
Created August 8, 2013 00:04
Prevent UDP flood
# Outbound UDP Flood protection in a user defined chain.
iptables -N udp-flood
iptables -A OUTPUT -p udp -j udp-flood
iptables -A udp-flood -p udp -m limit --limit 50/s -j RETURN
iptables -A udp-flood -j LOG --log-level 4 --log-prefix 'UDP-flood attempt: '
iptables -A udp-flood -j DROP
@denji
denji / nginx-tuning.md
Last active November 5, 2024 10:10
NGINX tuning for best performance

NGINX Tuning For Best Performance

For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.

Generally, properly configured nginx can handle up to 400K to 500K requests per second (clustered), most what i saw is 50K to 80K (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.

You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.

@alonisser
alonisser / iptables-persistent no input
Last active October 10, 2024 07:21
Installing iptables-persistent on ubuntu without manual input
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
sudo apt-get -y install iptables-persistent
@Manouchehri
Manouchehri / cloudflare.sh
Last active November 17, 2024 15:09
Allow CloudFlare only
# Source:
# https://www.cloudflare.com/ips
# https://support.cloudflare.com/hc/en-us/articles/200169166-How-do-I-whitelist-CloudFlare-s-IP-addresses-in-iptables-
for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
# Avoid racking up billing/attacks
# WARNING: If you get attacked and CloudFlare drops you, your site(s) will be unreachable.
iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP
@bmaupin
bmaupin / build-openssl.sh
Last active December 11, 2023 20:24
Build openssl (with SSLv2/3 support for security testing)
#!/bin/bash
# Cache sudo password
sudo -v
# Get latest OpenSSL 1.0.2 version from https://openssl.org/source/
# v1.1.0 seems to have removed SSLv2/3 support
openssl_version=1.0.2k
# Install build dependencies
stream {
log_format basic '$remote_addr [$time_local] '
'$protocol $status $bytes_sent $bytes_received '
'$session_time';
access_log /var/log/nginx/access.log basic;
error_log /var/log/nginx/error.log debug;
include /etc/nginx/stream.conf.d/*.conf;
@lukecav
lukecav / DNS Prefetch domains
Last active October 9, 2024 00:30
WP Rocket - Advanced Options Prefetch DNS requests examples
//maps.googleapis.com
//maps.gstatic.com
//fonts.googleapis.com
//fonts.gstatic.com
//ajax.googleapis.com
//apis.google.com
//google-analytics.com
//www.google-analytics.com
//ssl.google-analytics.com
//youtube.com