All posts tagged apache

Why a non-web server has Apache and OpenSSL on port 2381

I was doing some scanning with a new vulnerability scanner at work and I found something listening on a lot of servers, described only as Apache and OpenSSL listening on port 2381. The versions varied. Luckily I had another scanner at my disposal that solved the mystery quickly: It’s the HP System Management Homepage, a […]

Stand up for net neutrality

Neocities has decided to do something about Net Neutrality–shunt the FCC into the slow lane, and post the code for doing it so the rest of us who run web sites can do it too. The original was written for Nginx; I need to give serious thought to implementing the Apache version. Net neutrality has […]

Some security short-takes I never got around to posting

Here’s some stuff I’ve found in recent weeks that I never got around to posting, so I’ll just round it all up briefly.

How long does a hard drive last?

And speaking of hard drives, I found this study on hard drive longevity last week. I take issue with the opening paragraph but the rest of the article is very good. The opening paragraph is a bit deceptive—hard drives were anything but common 30 years ago. Even 25 years ago, they were a serious status […]

Libre Office and Open Office both grow up a bit–together

Both Libre Office and Open Office released new versions this week, and the changelog indicates a good amount of shared code between the two, at least in this go-round. The animosity between the two—Libre Office is a fork of Open Office, dating to before the time Oracle spun the project off to Apache—may thus be […]

Burn-in explained

I’ve worked several different shops now that seem to have a misconception about burn-in. So I’m going to explain it. I think there’s a misconception that if you let a computer run with a light load for a while, it somehow gets stronger, and ready to handle a big workday load. I’m 5’9″ and weigh […]

Linux admins beware, there’s a web server exploit in the wild

No OS is 100% secure if there’s enough desire to get in. There’s a web server exploit targeting Apache, Nginx, and Lighttpd running on Linux–a first of its kind, in at least one regard. Ars Technica has the details, including where to get a script to check to see if your server is infected. According […]

Here’s a nice Linux tool: checkrestart

Tom Gatermann told me about a nice tool for Debian (and presumably Ubuntu) called checkrestart. Sometimes, even though you did an apt-get update and apt-get upgrade to bring your system up to date, you can still be running the out-of-date version of something. That’s the problem checkrestart helps you solve.

Another easy Apache tweak

I ran my site through Google Page Speed on Tuesday, and scored a surprising 88 out of 100–higher than I expected. Getting above 90 is going to take some optimizations on files that WordPress updates may change, so I’m hesitant to do that, but one thing it told me to do was to cache more […]

Use Apachebench to test your webserver optimizations

If your web server is slow and you want to fix it, it’s nice to be able to quantify what you got. Enter Apachebench, which is part of Apache and probably already on your server.