Creative Productions, Arrangements and Operations • Art, Technology and Amusements. Software Engineer and certified FileMaker Pro developer and full-stack web developer by day, https//www.kupietz.com
If the web server is slow, detect a SYN flood by netstat -ant | grep :443 | grep SYN_RECV to show the IP addresses leaving it hanging. Hint: If you're behind a reverse proxy, and that shows IP addresses that aren't the proxy's, then your IP is being hit directly. To find out how many IPs are hanging, do netstat -ant | grep :443 | grep SYN_RECV | wc -l. If you do it a few times and the number is increasing, you may be under attack. If it's over 100, that's suspicious, but manageable and the server can usually handle it, especially if you have SYN cookies activated. If it's over 1000, you're under attack.
SSHing into a local MacOS machine at address "macbook.local", I suddenly got this:
[code]@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ED25519 key sent by the remote host is SHA256:oKCEu3pDdq7xBhSPZwOzR2q0eWTvfphtvn3D4Bjz8v4. Please contact your system administrator. Add correct host key in /Users/username/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /Users/username/.ssh/known_hosts:147 Host key for macbook.local has changed and you have requested strict checking. Host key verification failed.[/code]
The solution was to run ssh-keygen -R macbook.local then try the ssh again. Then it asked me whether or not to accept the key, instead of rejecting it:
[code]$ ssh username@macbook.local The authenticity of host 'macbook.local (fe80::1890:fd32:c304:69cd%en0)' can't be established. ED25519 key fingerprint is SHA256:oKCEu3pDdq7xBhSPZwOzR2q0eWTvfphtvn3D4Bjz8v4.…
To make a complete local backup of a remote WordPress install over SSH, you need to perform two distinct steps:
Download the files (using rsync).
Export and download the database (using mysqldump piped through ssh).
Here is the step-by-step guide.
Prerequisites
SSH Access: You need the username, host (IP or domain), and password (or SSH key) for the remote server.
WordPress Path: You need to know where WordPress is installed (e.g., /var/www/html or /home/user/public_html).
Database Credentials: You will need the database name, user, and password. (I will show you how to find these below).
Step 1: Find Database Credentials (Optional)
If you don't know your database login details, run this command to read them from your remote wp-config.php file: ssh user@remote-server.com "cat /path/to/wordpress/wp-config.php" | grep 'DB_'
Note the DB_NAME, DB_USER, and DB_PASSWORD for Step 2.
There are intentionally vague broad steps, here just as a reminder to myself; best to look specific instructions for each of these steps up at restore time for the particular system you're restoring to.
A.) Backups should include all user data. Depending on who you ask, that's either: 1.) The entire filesystem except /dev/*, /proc/*, /sys/*, /tmp/*, /run/*, /mnt/*, /media/*, /lost+found (which can be pulled from a complete filesystem backup with rsync -avhP --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found"} /mnt/olddrive/ /mnt/netdrive/) 2.)/home, /etc (except /etc/passwd and /etc/groups, these have useful information to back up but may conflict if written to a new install), /usr/local, /opt, /root, /var (exluding /var/tmp, /var/run/, /var/lock, or /var/spool except you DO want /var/spool/cron/crontabs/)
B.) After copying all the above to the new or restored disk, you need to update /etc/fstab with the new disk UUIDs.
Per numerous references around the web, to delete /path/to/directory-to-delete/:
cd /path/to/ mkdir empty_dir rsync -a --delete empty_dir/ directory-to-delete/ rm -r empty_dir rm -r directory-to-delete
Disclaimer: this is for my own reference, not recommended for your use. Use it at your own risk. If I am wrong—and I may be—these commands can do tremendous damage to your system.
For confused first-time visitors and other people still acclimating, here is a description of these little tabs to the left, as well as some other features of the site.
Open "Expert Mode" CLI Navigation - this give you the option to switch your browser's display to an old-fashioned terminal mode where you may browse this site, view pages and images by typing text commands. Just like how we used to browse the web back in 1978!
Open Visual Settings - This gives you controls to customize the visual display of this website to your liking: turn up or down the brightness, contrast, color temperature, hue, saturation, dark mode, and earthquake. Settings are saved per browser tab, so they will be remembered for your whole visit.
Open My Eyes - Have you ever been engrossed in your work, when you suddenly realize someone is staring at your screen, watching everything you do over your shoulder? If not, this simulates the experience.
Open Help - This help popup, silly! You just clicked it! Do you not remember?
New - Draggable elements! Several elements on this website, including these tabs, this popup message, and the "Hire Mike" badge in the lower right, can be dragged around with your mouse, to avoid them blocking content. Positions are remembered per tab, so as you navigate around the site, they will stay in the same place for your whole visit.
Enjoy!
CLI Website Navigation
Are you sure you want to switch to viewing this website in the "expert mode" command-line interface?
This will switch to a terminal emulator, load this page, and allow you to browse this website and view its contents by typing text commands.
Plus there might be, y'know, some fun stuff hidden in there. Just for geeks.
