Fail2ban apache-noscript jail violation rules?

Which actions specifically are considered as violating apache noscript fail2ban module? I see that it correctly banned the ip that was looking for strange urls like “/admin” “/login” etc, but also blocked my ip and I checked the log for my ip and I didn’t see any suspicious actions. So in one case it worked good in another it didn’t.

Btw one of this line was considered as apache noscript violation. Why?

myip - - [05/Sep/2020:12:55:52 +0000] "GET /css/theme/jquery-ui.custom.css HTTP/1.1" 
myip - - [05/Sep/2020:12:55:52 +0000] "GET /img/icons/manifest.json HTTP/1.1" 
myip - - [05/Sep/2020:12:55:52 +0000] "GET /css/some.css HTTP/1.1" 
myip - - [05/Sep/2020:12:55:52 +0000] "GET /css/bootstrap.min.css HTTP/1.1" 
myip - - [05/Sep/2020:12:55:52 +0000] "GET /ww.js.map HTTP/1.1" 
myip - - [05/Sep/2020:12:55:52 +0000] "GET /ww.js.map HTTP/1.1" 

Btw, why are not attached the log files in the mail report? I edited in the fail2ban configuration the log to /access.log from /*access.log so hopefully it will help with this.

Go to Source
Author: luky

js files occasionally failing to load

We have a newly configured php7 16cpu 32gb RAM Linux server.
Plenty of power for what we need.

We have a basic form on a page that requires a login.

However, sometimes when a user lands on the page, the js files fail to load which in turn prevents them from logging in.

This doesn’t happen every time, but often enough to where we cannot use the newly configured server.

KeepAlive is enabled, as seen by this curl command:

Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

I have attached an image of what we’re seeing.

Could this have anything to do with server/Apache configuration, as we notice the js files always fail at the 10 second mark.

Btw,

enter image description here

Go to Source
Author: mcs

Two apache servers on same machine with same port

I have a self hosted apache website with php and mysql on my Raspberry Pi. Now I need to make another one for my new domain but I have no other computer to run the server on. Is there a way for me to run the server on the same machine, with the same port? If not, how may I alter the port so there is no need for me to type example.com:portnumber. I need it to be example.com.

Go to Source
Author: James B. Reese

Old LetsEncrypt SSL certificate still being served by EC2 instance

I’m working on renewing the SSL certificate for my websites. They are all running on the same EC2 instance with the same Apache server. Two of my domains recently expired so I also tried to remove them from the certificate.

I think I renewed the certificate correctly because when I run the following, it appears to suggest the certificate is up-to-date:

$ /usr/local/bin/certbot-auto certonly --webroot -w /var/www/html -d apptic.me -d www.apptic.me -d athenaforyou.com -d www.athenaforyou.com -d cloudlease.me -d www.cloudlease.me -d foleyrounds.com -d www.foleyrounds.com -d ugba198.com -d www.ugba198.com -d wildcattribune.com -d www.wildcattribune.com
Requesting to rerun /usr/local/bin/certbot-auto with root privileges...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/apptic.me.conf)

What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Keeping the existing certificate

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal; no action taken.

Then I restart Apache with sudo systemctl restart httpd, which produces no output.

But when I navigate to my website at www.apptic.me, I see there is still an SSL error saying the certificate is expired. What could be happening?

I’m running Apache 2.4:

$ yum info httpd
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
236 packages excluded due to repository priority protections
Installed Packages
Name        : httpd
Arch        : x86_64
Version     : 2.4.43
Release     : 1.amzn2
Size        : 4.0 M
Repo        : installed
From repo   : amzn2-core
Summary     : Apache HTTP Server
URL         : https://httpd.apache.org/
License     : ASL 2.0
Description : The Apache HTTP Server is a powerful, efficient, and extensible
            : web server.

Go to Source
Author: Neel