Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

Ur Getting Fatter posted:

No, it's the only rule for that IP (plus it happens with any IP).

I think it's most likely that like someone else mentioned, iptables is not processing fail2ban chains.

Any ideas on how to trouble shoot that?
Dunno what it is in firewalld but iptables would be iptables -I INPUT -p tcp --dport ssh -j f2b-sshd

Adbot
ADBOT LOVES YOU

Powered Descent
Jul 13, 2008

We haven't had that spirit here since 1969.

Ur Getting Fatter posted:

Any ideas on how to trouble shoot that?

Can you just give us the output of "iptables -L" or "iptables -S"? (Feel free to obscure any IPs you'd rather not disclose, of course.)

Usually fail2ban adds a line like "-p tcp -m multiport --dports 22 -j fail2ban-ssh" to the start of the INPUT chain, but it sounds like that may have somehow not happened.

e: Pasted the wrong line. Fixed.

e2: Yeah, what anthonypants said.

iptables isn't anywhere near as cryptic as most people think. Ten minutes with this page is enough to teach you how to read and write basic rules: https://wiki.centos.org/HowTos/Network/IPTables

Powered Descent fucked around with this message at 03:35 on Nov 22, 2016

evol262
Nov 30, 2010
#!/usr/bin/perl
Can you post iptables -L? Or try adding a jump to f2b on INPUT?

Viktor
Nov 12, 2005

HPL posted:

Kind of a dumb question, but is there a Linux equivalent to Microsoft's RDWeb?

Try out noVNC https://github.com/kanaka/noVNC

apropos man
Sep 5, 2016

You get a hundred and forty one thousand years and you're out in eight!
So, after a 1 week delay due to an OS X multi boot problem, today sees the release of Fedora 25.

Fedora 25 sees the implementation of Wayland as standard. Instead of Wayland being an option at the login screen it's now default. I tested the beta a couple of weeks ago and it ran perfectly on my laptop with integrated graphics.

Wayland has now hit desktop Linux. I wonder how Mir is panning out over at Canonical? :o)

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer

Powered Descent posted:

Can you just give us the output of "iptables -L" or "iptables -S"? (Feel free to obscure any IPs you'd rather not disclose, of course.)

Usually fail2ban adds a line like "-p tcp -m multiport --dports 22 -j fail2ban-ssh" to the start of the INPUT chain, but it sounds like that may have somehow not happened.

e: Pasted the wrong line. Fixed.

e2: Yeah, what anthonypants said.

iptables isn't anywhere near as cryptic as most people think. Ten minutes with this page is enough to teach you how to read and write basic rules: https://wiki.centos.org/HowTos/Network/IPTables


Here's iptables - S:

code:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N f2b-apache
-N f2b-apache-badbots
-N f2b-apache-nohome
-N f2b-apache-noscript
-N f2b-apache-overflows
-N f2b-sshd
-A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache
-A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-nohome
-A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-overflows
-A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-noscript
-A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-badbots
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth+ -j ACCEPT
-A INPUT -i ippp+ -j ACCEPT
-A INPUT -i isdn+ -j ACCEPT
-A INPUT -i ppp+ -j ACCEPT
-A INPUT -i tun+ -j ACCEPT
-A INPUT -i wlan+ -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 138 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 139 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 32400:32414 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 32469 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 24500 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -i eth+ -j ACCEPT
-A FORWARD -i ippp+ -j ACCEPT
-A FORWARD -i isdn+ -j ACCEPT
-A FORWARD -i ppp+ -j ACCEPT
-A FORWARD -i tun+ -j ACCEPT
-A FORWARD -i wlan+ -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A f2b-apache -j RETURN
-A f2b-apache-badbots -j RETURN
-A f2b-apache-nohome -j RETURN
-A f2b-apache-noscript -j RETURN
-A f2b-apache-overflows -j RETURN
-A f2b-sshd -s 186.143.200.184/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
Reading over the link that you pointed, the following things stand out:

Fail2ban has added a "-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd" rule, which from what I understand looks for incoming connections going to port 22 and inspects them using the "f2b-sshd" rule.

At some point I added a "-A INPUT -p tcp -m state --state NEW -m tcp --dport 24500 -j ACCEPT" rule which accepts any new tcp connections incoming on port 24500. 24500 is my ssh port, not 22.

Finally, fail2ban adds a "-A f2b-sshd -s 186.143.200.184/32 -j REJECT --reject-with icmp-port-unreachable" rule rejecting connections originating from 186.143.200.184/32 (my ip).

So, best guess, one or more of the following are happening:

1) Fail2Ban correctly looks at my logs and identifies a bruteforce attempt.

2) Fail2Ban adds a rule to the f2b-sshd chain.

3) Fail2ban however only applies the f2b-sshd to incoming connections on port 22, while my ssh connection are on port 24500.

4) Because the f2b-sshd REJECT rule gets added at the end of the iptables, the connection first gets accepted by the 24500 -j ACCEPT rule, so it never hits the REJECT rule.

dpkg chopra fucked around with this message at 14:29 on Nov 22, 2016

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer
So, I managed to fix that by adding "port=24500" to my sshd jail, restarting fail2ban, and then immediately locking myself out of ssh because of course I had banned my ip :downsrim:

(fixed it by vpning in and deleting the rule)

Thank you everyone for your help!

dpkg chopra fucked around with this message at 14:51 on Nov 22, 2016

Combat Pretzel
Jun 23, 2004

No, seriously... what kurds?!

apropos man posted:

Fedora 25 sees the implementation of Wayland as standard. Instead of Wayland being an option at the login screen it's now default. I tested the beta a couple of weeks ago and it ran perfectly on my laptop with integrated graphics.
Wanted to give Fedora 25 a spin. Live image boots up fine and everything, and the nouveau driver seems to work with my Geforce 1070, but for some reason the visual mouse cursor gets stuck in the top left corner of the focused screen. Controls do actually highlight and react when I blindly move and click around. Weird. Filed a bug about this a while ago, went apparently ignored. This is kind of a showstopper for newcomers.

apropos man
Sep 5, 2016

You get a hundred and forty one thousand years and you're out in eight!

Combat Pretzel posted:

Wanted to give Fedora 25 a spin. Live image boots up fine and everything, and the nouveau driver seems to work with my Geforce 1070, but for some reason the visual mouse cursor gets stuck in the top left corner of the focused screen. Controls do actually highlight and react when I blindly move and click around. Weird. Filed a bug about this a while ago, went apparently ignored. This is kind of a showstopper for newcomers.

Wow. That's quite a lovely and annoying bug. I assume that you're not using obscure hardware, either, if you're running a 1070.

I haven't upgraded this laptop yet, as I sometimes to give it a week or so for any catastrophic problems to be ironed out. I'd class not being able to see the mouse position as being a first class problem.

apropos man fucked around with this message at 08:21 on Nov 23, 2016

Boris Galerkin
Dec 17, 2011

I don't understand why I can't harass people online. Seriously, somebody please explain why I shouldn't be allowed to stalk others on social media!
In Vim I have the habit of accidentally hitting shift when I want to use a command like 'tabedit' (ie I'll accidentally type Tabedit about half the time). Is there a way I can just force vim to recognize Tabedit = tabedit and vice versa?

kujeger
Feb 19, 2004

OH YES HA HA

Combat Pretzel posted:

Wanted to give Fedora 25 a spin. Live image boots up fine and everything, and the nouveau driver seems to work with my Geforce 1070, but for some reason the visual mouse cursor gets stuck in the top left corner of the focused screen. Controls do actually highlight and react when I blindly move and click around. Weird. Filed a bug about this a while ago, went apparently ignored. This is kind of a showstopper for newcomers.

do you have a high DPI screen? I've had several issues with hidpi on gnome-wayland, it's still pretty rough (too rought to be default imo but I can see the point of wanting greater exposure).

apropos man
Sep 5, 2016

You get a hundred and forty one thousand years and you're out in eight!
Maybe that's one of the reasons it worked out of the box on my old Haswell laptop: 1366 X 768 FTW! :-p

Combat Pretzel
Jun 23, 2004

No, seriously... what kurds?!

apropos man posted:

Wow. That's quite a lovely and annoying bug. I assume that you're not using obscure hardware, either, if you're running a 1070.
Annoying in that I have this old spare SSD waiting for a Linux installation and I can't proceed. The Wayland support out of the box works have been nice, but I can't continue with installation, if I can't see what I am clicking. Keyboard navigation isn't impossible, but turned out to be more of a pain in the rear end than expected and worthwhile.

The F24 live image doesn't even work due to the old version of nouveau putting the adapter in an unknown state.

And I don't want to mess around with Arch again, because some packages I needed last time required manual patching of functionality that other distros do themselves.

kujeger posted:

do you have a high DPI screen? I've had several issues with hidpi on gnome-wayland, it's still pretty rough (too rought to be default imo but I can see the point of wanting greater exposure).
Nope, 1440p at 27". But two of them. The visible cursor jumps displays according to where the invisible pointer is, but it keeps being stuck in a corner.

Boris Galerkin
Dec 17, 2011

I don't understand why I can't harass people online. Seriously, somebody please explain why I shouldn't be allowed to stalk others on social media!
This might sound silly but have you tried using a different mouse?

I vaguely remember having the same issue with Fedora. I was using a wired by fancy ~gaming~ mouse and it did what you're describing. Then I plugged in a lovely $1 wired mouse with 2 buttons and a wheel and viola everything was peachy.

I don't remember if I was able to install some drivers or something to fix the issue afterwards.

Keito
Jul 21, 2005

WHAT DO I CHOOSE ?

Combat Pretzel posted:

Nope, 1440p at 27". But two of them.

Why not pull out one of the display during setup if the lovely fedora installer can't handle them both?

Combat Pretzel
Jun 23, 2004

No, seriously... what kurds?!
The displays are handled fine, they automatically switch to spanning mode, too. The mouse fucks up. I guess I'll try one display and/or a cheap mouse, crossing my fingers that if it'll work, the issues will be gone with the NVIDIA blob driver after I get a chance to install it. However, it's the whole Wayland session, not just the installer.

That said, I had dual display on my old GTX 780 working just fine with nouveau and Gnome Wayland, beginning of this year. Including functional mouse.

Boris Galerkin
Dec 17, 2011

I don't understand why I can't harass people online. Seriously, somebody please explain why I shouldn't be allowed to stalk others on social media!
Is Wayland the way to go now?

apropos man
Sep 5, 2016

You get a hundred and forty one thousand years and you're out in eight!

Combat Pretzel posted:

Annoying in that I have this old spare SSD waiting for a Linux installation and I can't proceed. The Wayland support out of the box works have been nice, but I can't continue with installation, if I can't see what I am clicking. Keyboard navigation isn't impossible, but turned out to be more of a pain in the rear end than expected and worthwhile.

And I don't want to mess around with Arch again, because some packages I needed last time required manual patching of functionality that other distros do themselves.

Nope, 1440p at 27". But two of them. The visible cursor jumps displays according to where the invisible pointer is, but it keeps being stuck in a corner.

I remember having issues with a Linux installer before, where I couldn't see the mouse during install but after installation normal service was resumed. I can't remember which distro, but seem to remember it being a KDE plasma based OS. I'm thinking Kubuntu. If you persevere with the keyboard it could possibly pay off..

Combat Pretzel posted:


The F24 live image doesn't even work due to the old version of nouveau putting the adapter in an unknown state.


If I run Ubuntu Live or try to install it on my desktop PC it makes my 750 Ti periodically spin the fans full-blast about every 30 seconds for 10 seconds. The solution for me is:

1. to get the OS installed hastily while the fans are going crackers
2. download the proprietary driver from Nvidia
3. remove nouveau and boot into command line environment (sudo systemctrl set-default multi-user.target)
4. Install the Nvidia driver after running 'chmod +x' on it
5. Reboot into graphical environment (sudo systemctrl set-default graphical.target)

I agree that you should try disconnecting one monitor and install onto only one screen. It'll be easier for the installer to work out what's going on.


EDIT:

Combat Pretzel posted:

However, it's the whole Wayland session, not just the installer.

Ah, disregard the top half of my post then.

Odette
Mar 19, 2011

apropos man posted:

Maybe that's one of the reasons it worked out of the box on my old Haswell laptop: 1366 X 768 FTW! :-p

I don't understand why laptop manufacturers *still* sell laptops with that screen resolution. Surely 1080p panels are cheaper than 1366x768 panels by now?

Twerk from Home
Jan 17, 2009

This avatar brought to you by the 'save our dead gay forums' foundation.

Odette posted:

I don't understand why laptop manufacturers *still* sell laptops with that screen resolution. Surely 1080p panels are cheaper than 1366x768 panels by now?

God no, and a growing segment of the laptop market is 11"-13" Chromebooks for $200 or less. When push comes to shove, I'd put having 4GB of RAM over having a 1080p display, or even having an x86 CPU. The $150 chromebooks with an ARM chip, 1366x768 display, and 4GB of RAM are pretty usable machines!

xzzy
Mar 5, 2009

Plus there's the issue of driving those pixels. The UHD yoga I use at work has integrated graphics and it chugs hard on video. Even 1080p is hard on it because it has to upscale so much.

apropos man
Sep 5, 2016

You get a hundred and forty one thousand years and you're out in eight!

Odette posted:

I don't understand why laptop manufacturers *still* sell laptops with that screen resolution. Surely 1080p panels are cheaper than 1366x768 panels by now?

In my case, I found a Haswell i5 on eBay that someone was selling with a missing F8 key-cap. It's a Toshiba Satellite: quite a heavy old thing that blows pretty hard under full load. Build quality is a bit plasticky but it's had some heavy use over the last year and still going strong and a bit of a beast with an extra 4 GB RAM and a Samsung 850 EVO thrown in.

Not bad for £180 (laptop only). The F8 key-cap is still missing.

Marinmo
Jan 23, 2005

Prisoner #95H522 Augustus Hill

Boris Galerkin posted:

Is Wayland the way to go now?
Heavens no. I do read your question as way to go equaling being the default without fallbacks, and then the answer is that it won't be for a long time as long as the nvidia-issues remain (someone's gotta budge or X.org will stick around forever, can't see it being nvidia either). Wayland is fine for AMD-based machines and people with nvidia cards who really hate 3D-acceleration though.


As a PSA for anyone upgrading from F24 -> F25, if you get an error with rpm-python3 apparently a fix is in the works and you should be able to upgrade within' the next few days. Got the error on my machine, no biggie though as the only noticeable improvements for workstations are Gnome 3.22 and some other smallish things.

apropos man
Sep 5, 2016

You get a hundred and forty one thousand years and you're out in eight!
I wonder how we'll be with the next range of AMD processors, presuming that they are going to stick to the well-established APU model of having CPU and GPU on the same socket.

Is it feasible that AMD will stick with traditional architectural structure for the new line of CPU's so that I could buy a new AMD APU laptop and it will be easy for the Linux community to port drivers for it? Is it a case of 'wait and see' because we just don't know how the new chips will be implemented yet?

Combat Pretzel
Jun 23, 2004

No, seriously... what kurds?!

Marinmo posted:

Heavens no. I do read your question as way to go equaling being the default without fallbacks, and then the answer is that it won't be for a long time as long as the nvidia-issues remain (someone's gotta budge or X.org will stick around forever, can't see it being nvidia either). Wayland is fine for AMD-based machines and people with nvidia cards who really hate 3D-acceleration though.
They all seemed to have agreed on XDC that GBM needs to be overhauled. They're working on a new buffer management API, but god knows how long it'll take til there's results.

Double Punctuation
Dec 30, 2009

Ships were made for sinking;
Whiskey made for drinking;
If we were made of cellophane
We'd all get stinking drunk much faster!
As I mentioned earlier, Mutter is getting EGLStream and EGLDevice support next release. 3.23.2 already has it. This means that GNOME at least will support NVIDIA on Wayland. In fact, Fedora already supports it via backported patches.

fuf
Sep 12, 2004

haha
(K)ubuntu DNS question:

I changed the DNS for a website I host, and whatsmydns.net is showing the new, correct IP across the board.

When I run nslookup with Google DNS it shows the new IP, but my local ISP DNS still has the old IP:

code:
$ nslookup [url]www.website.com[/url] 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   [url]www.website.com[/url]
Address: 138.68.xxx.xxx [correct]
code:
$ nslookup [url]www.landflight.co.uk[/url] 81.139.56.100 [got from my router settings]
Server:         81.139.56.100
Address:        81.139.56.100#53

Non-authoritative answer:
Name:   [url]www.website.com[/url]
Address: 212.135.xxx.xxx [wrong / old]
I changed the network settings to use Google DNS instead:

code:
$ nmcli device show 
GENERAL.DEVICE:                         enp3s0
GENERAL.TYPE:                           ethernet
...
IP4.DNS[1]:                             8.8.8.8
IP4.DNS[2]:                             8.8.4.4
IP6.DNS[1]:                             2001:4860:4860::8888                         
but when I run nslookup on its own I still get the old IP:
code:
$ nslookup [url]www.website.com[/url]
Server:         127.0.1.1
Address:        127.0.1.1#53

Non-authoritative answer:
Name:   [url]www.website.com[/url]
Address: 212.135.xxx.xxx [wrong / old]
Is there a local DNS cache somewhere that I need to flush maybe? Google gives lots of references to "sudo /etc/init.d/dns-clean restart" but that doesn't seem to exist anymore.

(I can't put https://www.website.com in [code] tags without it adding the [url]s, annoying)

edit: Ok I just tried again right after posting and it worked. ISP DNS still has the old IP so I must be using google DNS properly now. A cache somewhere must have finally been updated?

fuf fucked around with this message at 13:18 on Nov 25, 2016

RFC2324
Jun 7, 2012

http 418

fuf posted:

(K)ubuntu DNS question:

I changed the DNS for a website I host, and whatsmydns.net is showing the new, correct IP across the board.

When I run nslookup with Google DNS it shows the new IP, but my local ISP DNS still has the old IP:

code:
$ nslookup [url]www.website.com[/url] 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   [url]www.website.com[/url]
Address: 138.68.xxx.xxx [correct]
code:
$ nslookup [url]www.landflight.co.uk[/url] 81.139.56.100 [got from my router settings]
Server:         81.139.56.100
Address:        81.139.56.100#53

Non-authoritative answer:
Name:   [url]www.website.com[/url]
Address: 212.135.xxx.xxx [wrong / old]
I changed the network settings to use Google DNS instead:

code:
$ nmcli device show 
GENERAL.DEVICE:                         enp3s0
GENERAL.TYPE:                           ethernet
...
IP4.DNS[1]:                             8.8.8.8
IP4.DNS[2]:                             8.8.4.4
IP6.DNS[1]:                             2001:4860:4860::8888                         
but when I run nslookup on its own I still get the old IP:
code:
$ nslookup [url]www.website.com[/url]
Server:         127.0.1.1
Address:        127.0.1.1#53

Non-authoritative answer:
Name:   [url]www.website.com[/url]
Address: 212.135.xxx.xxx [wrong / old]
Is there a local DNS cache somewhere that I need to flush maybe? Google gives lots of references to "sudo /etc/init.d/dns-clean restart" but that doesn't seem to exist anymore.

(I can't put https://www.website.com in [code] tags without it adding the [url]s, annoying)

edit: Ok I just tried again right after posting and it worked. ISP DNS still has the old IP so I must be using google DNS properly now. A cache somewhere must have finally been updated?

Your zone file defines a ttl for the record, and it can take up to that long for the record to update(if your local resolver picked up the record right before you changed it, it would take that long) .

I've never found a way to speed it up, personally.

I've noticed some browsers have their own separate dns cache to make it even more fun.

xzzy
Mar 5, 2009

That's why if you're planning DNS work always have a second box somewhere that would not be accessing the sites you're updating so you can verify function after you do the change. Or just reboot, should clear everything out.

Also always set the TTL to be super short a couple days before.

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum
Also, use dig instead of nslookup.

Docjowles
Apr 9, 2009

See how your nslookup command says Server: 127.0.0.1? That indicates you're running some local DNS caching daemon as well. Likely dnsmasq, but I dunno what Kubuntu ships with off hand. So the old value was probably cached there too on top of your ISP's servers, your home router, etc. Restarting dnsmasq (or whatever is listening locally on port 53) would have cleared the entry immediately.

Rebooting "works" to flush DNS caches but it's the "swatting a fly with a Buick" overkill method vs learning what's really going on.

In terms of speeding up DNS changes, the only thing you can really do is proactively lower the TTL hours or days in advance. Set it to like 5 minutes. Then when it's time to really make the change, it's picked up quickly and you can set it back to a more sane value when you're satisfied. There's no way to actively tell every other DNS resolver in the world "I know I said my TTL is 1 day, but gently caress you, come check me again anyway right now cause I changed!"

Docjowles fucked around with this message at 21:00 on Nov 25, 2016

politicorific
Sep 15, 2007
I want to set up a second debian install on a computer as a wordpress development platform from my home Internet connection. I would use my existing raspberry pi, but it's at its limit.

I have DDNS setup and letsencrypt for security.

I've read that I can just copy the letsencrypt certs from one computer to another: does anyone have a guide for this?

I have other Apache problems:
If I initially configure my ports.conf before logging into my wordpress install to use say port 7000, I can configure using HTTP, but HTTPS doesn't work... is this a mysql database problem?

xzzy
Mar 5, 2009

politicorific posted:

I've read that I can just copy the letsencrypt certs from one computer to another: does anyone have a guide for this?

Copy the /etc/letsencrypt folder over.

quote:

I have other Apache problems:
If I initially configure my ports.conf before logging into my wordpress install to use say port 7000, I can configure using HTTP, but HTTPS doesn't work... is this a mysql database problem?

Probably not a MySQL problem, but without some kind of error message it's impossible to help beyond that.

Suspicious Dish
Sep 24, 2011

2020 is the year of linux on the desktop, bro
Fun Shoe

Combat Pretzel posted:

Wanted to give Fedora 25 a spin. Live image boots up fine and everything, and the nouveau driver seems to work with my Geforce 1070, but for some reason the visual mouse cursor gets stuck in the top left corner of the focused screen. Controls do actually highlight and react when I blindly move and click around. Weird. Filed a bug about this a while ago, went apparently ignored. This is kind of a showstopper for newcomers.

This is probably a kernel bug related to cursor modesetting. Link the bug that you filed?

reading
Jul 27, 2013
Howdy. I've got Xubuntu running on my desktop and dual booting with Win7. I decided to go against my instincts and upgrade from 14.04 to 16.04. Big mistake of course. During the upgrade, I got booted to my lock screen and the lock screen was unable to display many of its own icons (instead showing little red circles with a slash) and I couldn't log in, I would just get stuck in a loop where I enter my password, hit enter, the screen flickers and takes me right back to the login.

After restarting my system just shows black monitors. If I use Grub to boot into recovery mode, I can get a text console and if I type "sudo service lightdm start" then I can get the lock screen to display. But, I still cannot log in due to this looping behavior.

How can I fix the lock screen? What may have broken after upgrading? It shows my username and accepts input in the password field, it just can't...unlock!

P.S. Forgot to add this resource:
https://ubuntuforums.org/showthread.php?t=1743535
I couldn't find this specific problem there and I don't know what the lock screen software is called to search for it. It's not the lock screen that shows the flame in front of the monitor in black and red, it's the regular Xubuntu/Ubuntu one.

peepsalot
Apr 24, 2007

        PEEP THIS...
           BITCH!

reading posted:

Howdy. I've got Xubuntu running on my desktop and dual booting with Win7. I decided to go against my instincts and upgrade from 14.04 to 16.04. Big mistake of course. During the upgrade, I got booted to my lock screen and the lock screen was unable to display many of its own icons (instead showing little red circles with a slash) and I couldn't log in, I would just get stuck in a loop where I enter my password, hit enter, the screen flickers and takes me right back to the login.

After restarting my system just shows black monitors. If I use Grub to boot into recovery mode, I can get a text console and if I type "sudo service lightdm start" then I can get the lock screen to display. But, I still cannot log in due to this looping behavior.

How can I fix the lock screen? What may have broken after upgrading? It shows my username and accepts input in the password field, it just can't...unlock!

P.S. Forgot to add this resource:
https://ubuntuforums.org/showthread.php?t=1743535
I couldn't find this specific problem there and I don't know what the lock screen software is called to search for it. It's not the lock screen that shows the flame in front of the monitor in black and red, it's the regular Xubuntu/Ubuntu one.
I'd start by checking /var/log/Xorg.log for errors

Plasmafountain
Jun 17, 2008

SopslnQmIBVeJIekJ3xC
4cj1V5JPsaDZQChgG8yg
0YBucQzo0Uvr9Jr3mLfY
DyCrJvoPgYC4nSxnJJRv
yQHFfuX23OO7eG9D9KCp
xrSeVaWSuBusf9imTXvt
U1Zrm2hZg21rfJm7Vrp9
it5P28AIYQquwIeQyhCh
wVCIFl722FuszKUiLiq6
ieNdTEatTAbgCUP6Bj0u

Plasmafountain fucked around with this message at 23:52 on Feb 27, 2023

effika
Jun 19, 2005
Birds do not want you to know any more than you already do.

Zero Gravitas posted:

I thought I'd try the latest version of Fedora on a machine for engineering simulation running OpenFoam and some other software. I've used it in the past on my laptop and it was a very nice experience, but gently caress me, I need some encouragement that its going to get better.

I cant install chrome (although as far as I can tell I've done everything correctly using the binary downloaded through yum to install all its prereqs). I'm locked out of editing /home/ unless I'm logged in as root. Compiz shits a brick that requires a restart (using the mate-compiz spin). I cant launch programs through the terminal that have not been installed through yum, so I have to try and find the executable in the maze of folders and try and throw that at the terminal.

I might be wishfully remembering things, but Im pretty sure it was a lot more userfriendly then than it is now. Where the gently caress am I going wrong with this?

I have a little help for Chrome, at least. Did you try installing the RPM from Google? It adds a Google repo for Chrome so you don't have to worry about anything and DNF takes care of it all.

ColTim
Oct 29, 2011

I had a similar issue - turned out to be caused by the proprietary NVIDIA drivers not liking the upgraded kernel. Uninstalling the drivers from the text terminal seemed to clear it up.

Adbot
ADBOT LOVES YOU

politicorific
Sep 15, 2007

xzzy posted:

Copy the /etc/letsencrypt folder over.


Probably not a MySQL problem, but without some kind of error message it's impossible to help beyond that.

Thanks
I give up, I tried creating a different DDNS name, but trying to run two servers using HTTPS behind the same dynamic IP is a headache. I unplugged my original server for a bit to see if I could even get SSL/Let's Encrypt working with Apache and Wordpress on the default ports, but had no luck.

Luckily this is just a test setup. Once I'm sure I'm doing something worthwhile with wordpress, I'll pay for a hosting provider with decent security.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply