Latest posts

On:
In: Amateur Radio
With: 1 Comment

So the clock battery in my IC-7300 failed. Yes, the rig has been switched off for longer periods of time. Well bad luck. I compared the RT clock circuits of the IC-7300, IC-9700, IC-7610 and IC-705 using the service manuals that can be found on-line. Interestingly, the circuits in all rigs except the IC-705 are identical. Actually the clock circuit in the IC-705 is just a little different. “I have a clock in my shack, don’t need one in my rig..” Well true, I also don’t need a logbook program, I like to write. I don’t need the dx cluster, I like to listen toRead More →

On:
In: Computer, Security
With: 0 Comments

So your site has a login page? Ever wondered how many “people” are knocking on your door? When I looked at the login attempts on my SSH front door, just shortly after new server deployment, I decided to change doors (ports..). SSH login attempts are in the logs and are fun to look at. But how about failed WordPress logins? First of all, they are not in the logs. But this can be fixed easily like this: —> create directory mu-plugins mkdir /var/www/<your site root>/wp-content/mu-plugins —> create file wp-fail2ban.php in this directory <?php function admin_login_failed_403() {     status_header( 403 ); } add_action( ‘wp_login_failed’, ‘admin_login_failed_403’Read More →

On:
In: Computer, Security
With: 0 Comments

I described the installation of multi-site WordPress here with nginx webserver and php-fpm processes both running as user www-data. According to WordPress, the webserver should have read access to all data and only the WordPress user should have write access. The concept of a WordPress user relates to hosted environments. So how to implement these requirements on your own VPS? First of all, php-fpm supports the concept of pools. Each pool can run with an unique user, separate from the webserver user. So each site should run in a separate pool. This results in the following accounts: webserver: www-data user (default for nginx on debian) site 1:Read More →

On:
In: Computer
With: 0 Comments

If you want to run single WordPress site, best to use a WordPress hosting offer. If you want to run 5 WordPress sites, it is often more economical to get a VPS and configure multi-site. But you will face much more install and admin work, especially if you avoid using tools like Plesk etc. On a fresh Debian 10 server install, I started with: apt update; apt upgrade —> set timezone timedatectl set-timezone Europe/Berlin —> verify status of timers systemctl list-timers —> install zip & unzip for Duplicator (WordPress plugin) apt install zip unzip Make sure to run: apt update apt list –upgradable regularly andRead More →