Home
Newer & updated contents
Non-daily weblog

Exchange | Board

Files for download
Workshop tutorials
W3 Directory resources

AI revolution drives up power consumption

Setup & config options

Raspberry Pi first usage
Suitable power supply
RasPi & sFTP file transfer
Home network print server
Home network scan server
Mesh : home Lan USB drive
Explore hard & software
UFW firewall explained
Secured by fail2ban server
Software packaging & PPA

Apache 2.4+ LAMP server

http web server : port 80
https web server : port 443
Varnish caching proxy
Module : cgi & perl
Module : geoip
Modules : php & mysql
http*s error handling
Server : conditional logging
TL-domain & dynamic DNS
Webalizer log analyser
Defeat referrer spam
robots.txt & xml sitemaps
Server : .htaccess handling

The game & not the islands
 Setup & config options

About Windward

Improve your Firefox

Weather widget

Lat. 52.27, Long. 8.01

Meteorological service

North Atlantic : Macaronésia

Nine Azorean islands
Madeiran archipelago
POI on Madeira island
Streaming media

Off-topic media

Contact details
Privacy policy & terms
Host traffic elicitation

🚫  No ads & tracking

apache  azores  cinematique  fail2ban  firefox web browser  foss  dosboot  linux  madeira  media  portugal  raspberry pi  spam  xml sitemap  ubuntu budgie  ufw  varnish cache  weather widget  webalizer analyser  windward 

📅  The non-daily weblog published

📄 ➌      1 2 3 4 5 6 7

Caution Proprietary and untested third-party software sources (Linuxes) can threaten the system.

»root« | Mostly valid for all Debian and Ubuntu versions

The term "root" has several meanings in Debian, Ubuntu, as well as in Linux and the Unix world in general; it can mean a user, but also a file, which must be inferred from the context.

1. Every Unix installation knows the user name root; this is possibly (but in practice rarely) also the only user. This user also always has the numerical user ID 0. When accessing files, this user has special rights; effectively, access restrictions defined for this user are not observed.
2. The administrator of a computer likes to use the user name root for his work because special rights are often required for this. This is why such a natural person is occasionally called "root".
3. The Linux kernel has an internal data structure root, the "file system root", for the integration of a file system.
4. The file system actually mounted on the aforementioned data structure in the kernel is called "root file system" and can be referenced from the running system with "/". The names "root folder" and "root directory", which are also occasionally used, should be avoided because of the risk of confusion with meaning 5.
5. Every file system that is to be suitable for integration into the internal data structure root of the Linux kernel must contain, among other things, a file with the name /root and the file type directory (also: folder, directory, folder). This folder serves as the personal directory (also: home) of the root user.

The user name root (meaning 1), which of course also actually exists in Ubuntu, cannot be used by default for the user logon, because in Ubuntu this user is blocked for security reasons. It is intended that persons in the role root (meaning 2) first log in with their own user name and then gain the special rights of root with the help of the programmes sudo, su or pkexec. However, it is possible to activate this user with passwd, set a password and log in with it, as is usual with other Linux distributions.

The meanings 3 and 4 are often confused with each other because only in the short initialisation phase after the start of the kernels is no root file system actually mounted. However, it is also possible, albeit uncommon, to change the root file system during operation.

13-Sep 2022

Deal with the »\x16\x03\x01« request | Error 400 (Bad Request)

What is this in /var/log/apache2/access.log and /var/log/apache2/error.log ? Invalid method in request »\x16\x03\x01«. In most cases this comes from the incorrect placement of the SSLEngine On entry. The answer to this is quite simple. This web server only serves to one internet domain, and from there it has only a few configuration files. Verify all files in the directory /etc/apache2/sites-available/.

Depending on how many files you have, cut and paste the entry SSLEngine On like here described.

(1)     000-default-le-ssl.conf      (2)     000-default.conf
        <IfModule mod_ssl.c>                    <VirtualHost *:443>
            <VirtualHost *:443>                  SSLEngine On
             SSLEngine On                        Protocols h2 h2c http/1.1
             Protocols h2 h2c http/1.1           ...
             ...

(3)     default-ssl.conf
        <IfModule mod_ssl.c>
           <VirtualHost _default_:443>
            SSLEngine On
            Protocols h2 h2c http/1.1
            ...
	

After all restart the Apache web server.

root@raspberry:/home/user# service apache2 restart

05-Jul 2022

Thunderbird 102 will arrive soon

Lately, the email client Thunderbird has been the talk of the town, for example when it came to the plans for 2022 or the merger with K-9 Mail. Now Thunderbird 102 has been released and is starting to implement the planned modernisation. The changes affect both the layout and the functionality. Parts of the plans for the overhaul of the interface have been implemented, but the new design will only be complete with Thunderbird 114 next year. Already now, v102 brings fresh icons and coloured folder symbols whose colours can be assigned individually by right-clicking.

More important, however, are improved and new functions. The first thing that catches the eye is the new Spaces toolbar, which appears vertically on the left edge and makes it easier to quickly select the desired component with the mouse. The bar can be hidden, but components such as mail, address book, calendar, tasks and chat remain accessible via the key combinations ALT - F1 to ALT - F5.

The address book has been completely revised. It is compatible with vCard, so there is nothing to stop you importing address lists from other apps. With functions such as time zone tracking and relationship management, the new address book offers a better overview of contacts. The design has also been upgraded here. In this context, the import and export function has also been revised. Importing from other Thunderbird installations or other applications has been made easier. In addition, the import of SQLite address books and CSV address books with semicolon-separated lines is supported.

01-Jul 2022

After 27 years, the era of Internet Explorer ends

15th June is a day for the internet history books: Microsoft is retiring its Internet Explorer. The browser will only continue to run in special cases.

The Internet Explorer's time has run out - Microsoft has long seen it that way, too. This Wednesday, the company largely phased out its support for the browser, which was introduced in 1995 and was once widely used. Affected are Windows 10 versions that are to be assigned to the "semi-annual channel", i.e. they receive a function update twice a year. When trying to start the browser, users will from now on be directed to the successor programme Edge. Later, Internet Explorer will be permanently deactivated on the affected systems via a Windows update.

According to data from the website Statcounter, Internet Explorer still had a worldwide market share of 0.64 per cent in the desktop browser segment.

Microsoft had already announced a year ago that Internet Explorer 11, which last received an update on 7 May 2022, would go down in Internet history as the last major version of the programme. For Windows 11, Microsoft's most recent operating system, the company no longer provided a version of the software that had been widely used for decades.

Internet Explorer is not finally dead with the current change. Among others, so-called LTSC versions of Windows 10 are exempt from Microsoft's advance. However, these "Long-Term Service Channel" variants are only available to companies that are willing to pay for long-term support.

Also not affected by the end of support are versions of Internet Explorer for Windows 8.1 and so-called ESU versions of Windows 7, which are only offered to companies and which offer so-called "extended security updates" for a certain surcharge. Microsoft has discontinued general support for Windows 7 on 14 January 2020.

15-Jun 2022

USB-C becomes standard for charging cables in the EU

Just a quick note, because unfortunately it somehow got lost in the shuffle. After much wrangling, it has now been decided that mobile phones and many other devices in the EU will have standardised charging sockets from mid-2024.

Negotiators from EU states and the European Parliament agreed on USB-C as the standard charging socket. The regulation reportedly applies to smartphones, tablets, cameras, headphones and portable speakers, for example. After the earlier proliferation when every mobile phone had a special charging cable, there were actually only 3 types left in recent years.

Legal requirements for charging cables have long been the subject of debate. The Commission first raised the issue of charging cables more than ten years ago. Until now, the industry has had enough time to adapt. Since nothing came of it, the legislature has now intervened. From the date of adoption of the new legislation, a transitional period of 24 months applies, 40 months for laptops. This is to give industry enough time to adapt. This will save over 1000 tonnes of e-waste annually across the EU.

09-Jun 2022

Eject the DVD-ROM or CD-ROM tray by the command line in Linuxes terminals

In order to eject the tray or a disk from the drive, whether it's a DVD-ROM or CD-ROM, start your terminal and simply execute the eject command.

eject enables the software-controlled ejection of removable media (typically CD-ROM, floppy disk, tapes, JAZ, ZIP or USB media). The command can also control some CD-ROM changers and the automatic eject function of some devices, as well as close the tray of some CD-ROM drives.

The device designated by the will be a mount point and will be specified either as a full path or without the leading /dev, /media or /mnt. If no name is specified, the default name CD-ROM will be used.

There are four different eject methods depending on whether the device is a CD-ROM drive, a SCSI device, a floppy drive or a tape drive. By default, eject tries all four methods in sequence until it succeeds. If the device or device partition is mounted, it will be unmounted before ejecting.

13-May 2022

mcedit | Terminal editor within the Midnight Commander

»Midnight Commander« also includes an internal editor called »mcedit«, which can be executed as a standalone program or from Midnight Commander.

All the explanations and information provided here deploy the standard editor »nano« in general use. »mcedit« offers an easier-to-understand user interface and handling with files. Control by computer mouse is supported.

Convenient two-window mode facilitates the exchange of files between directories.

root@raspberry:/home/user# apt install mc

»mcedit« starts the terminal editor as standalone.

»mc« launches the Midnight Commander itself.

After you mark a file the function key [F4] opens »mcedit« within »mc«.

https://midnight-commander.org/

The Midnight Commander is a clone of the Norton Commander from the 90s by the Symantec Corp.

⛔  Update | Page accesses by antique or bogus User-agents are not tolerated anymore
Conditional logging option (within the spoiler specified)

With the time being I found out that mostly content harvesters, spambots and unwished webcrawlers deploy out-of-date or bogus User-agents to access the web contents. Mostly with Chrome and Firefox from 1.x to 7x.x or even by Mozilla/4.0. What ? 403 Forbidden. Of course, keeping in minds that the major popular search engines are excluded from that.

        "GET / HTTP/1.1" 403 400 "-" 
            "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
        
        "GET / HTTP/1.1" 403 363 "-" 
            "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) 
                Gecko/20100115 Firefox/3.6)"
	

Or something curiously.

        Mozilla/3.0 (compatible;)
        Mozilla/6.0 (compatible;)
	

Overview »Spoiler«

    # some Googlebots use Chrome/11.x
    # some Googlebots use Chrome/41.x, 49.x
    # Googlebots use mostly Android 6 and now 7 as well
    # Bing's BingPreview bot runs with NT 6.1 (Windows 7)

        # .htaccess
...
RewriteCond "%{HTTP_USER_AGENT}" "(MSIE [5-9]|MSIE 10)" [NC,OR]
RewriteCond "%{HTTP_USER_AGENT}" "(NT [5-6].[0-2])" [NC,OR]
RewriteCond "%{HTTP_USER_AGENT}" "(Chrome/[2-8]" [NC,OR]
RewriteCond "%{HTTP_USER_AGENT}" "(Firefox/[2-8]|Firefox/10.0)" [NC,OR]
RewriteCond "%{HTTP_USER_AGENT}" "(Opera/[2-7])" [NC,OR]
RewriteCond "%{HTTP_USER_AGENT}" "(Android [2-5|Android [8-9])" [NC,OR]
RewriteCond "%{HTTP_USER_AGENT}" "^(Mozilla)$" [NC,OR]
RewriteCond "%{HTTP_USER_AGENT}" "(Mozilla/[0-4]|Mozilla/6-9)" [NC]
RewriteRule "(.*)" "-" [F]
...
        # apache2.conf
...
SetEnvIfNoCase User-agent "(MSIE [5-9]|MSIE 10)" dontlog
SetEnvIfNoCase User-agent "(NT [5-6].[0-2])" dontlog
SetEnvIfNoCase User-agent "(Chrome/[2-8])" dontlog
SetEnvIfNoCase User-agent "(Firefox/[2-8]|Firefox/10.0)" dontlog
SetEnvIfNoCase User-agent "(Opera/[2-7])" dontlog
SetEnvIfNoCase User-agent "(Android [2-5|Android [8-9])" dontlog
SetEnvIfNoCase User-agent "^(Mozilla/5.0)$" dontlog
SetEnvIfNoCase User-agent "(Mozilla/[0-4]|Mozilla/[6-9])" dontlog
...
# Place at the end of file apache2.conf for the conditional logging option
CustomLog ${APACHE_LOG_DIR}/access.log combined env=!dontlog
	

Either web browser has updated or no pass through will be given.

All that at all with some code in .htaccess beneath /var/www/html implemented you can deny dozens, hundreds and thousands of unwished and useless web-robots, web-crawlers and dully content harvesters.

Find more information under the page Conditional logging.

02-Jan 2021
Updated 16-Aug 2022

  SSD Health Check with SmartMonTools
How do you check the health of the Solid State Drive ?

If you want to check the health of your solid state disks (SSD), you can do this quickly in the terminal. To do this, use the SmartMonTools tool, which is installed with the command apt install smartmontools for Debian-based distros. Before checking the SSD, one wants to know the name of the storage medium. To do this, use the command lsblk -a.

To find the right drive, you can orientate yourself by the size. In the example, it is sda. The next thing is to check whether the storage supports the S.M.A.R.T. standard. This is an industry standard for analysing hard disks and SSDs. You can check this with the command smartctl -i /dev/sda.

        SMART support is: Available - device has SMART capability
        SMART support is: Enabled
	

After this point is clarified, you can run a quick test with smartctl -t short -a /dev/sda. Hopefully you will find this PASSED in the long output. With the command smartctl -t long -a /dev/sda, a detailed test of the SSD can also be carried out. However, this can take up to an hour.

Source : https://www.smartmontools.org/

26-Apr 2022

Ubuntu 22.04 LTS released

Ubuntu no longer shows other installed operating systems in the boot menu when upgrading, unless you are doing a fresh install and already have another operating system installed. Yet you are not lost completely. It have some workarounds to find within the W3.

---

Canonical has today released Ubuntu 22.04 LTS with the name 'Jammy Jellyfish' for download. This long-term support version will receive updates for the next five years. Ubuntu 22.04 LTS includes the latest GNOME 42 desktop environment with the triple-buffering patch, but still uses applications from the GNOME 41 stack, such as the file manager Nautilus (Files), due to compatibility issues between GTK4 applications in the upstream version and Ubuntu's Yaru theme.

In this release, there are new settings to control the look and behaviour of the Dock, a system-wide dark style for all apps and dialogues, improved integration of Dock devices and file managers, and ten accent colours for the dark and light styles of the default Yaru theme, which now mimics the look and feel of GTK4 apps.

Another important feature of Ubuntu 22.04 LTS is the long-supported Linux kernel series 5.15 LTS, which brings a new implementation of the NTFS file system that allows you to read and write data without relying on a third-party driver or software. The Linux kernel 5.15 LTS will be supported with security and bug fix updates until at least October 2023.

In addition, Jammy Jellyfish brings RDP support for sharing the desktop remotely with better security, privacy and performance, Wayland as the default session for most systems that don't have an NVIDIA graphics card, there is support for hardware with privacy screen support, UDP is now disabled by default for NFS mounts and there is a new logo that you can see on the home screen and on the About page of the Settings app.

Other changes in this release include support for the linux-restricted-modules package on the ARM64 platform (AArch64) for NVIDIA drivers to enable the use of the ubuntu-drivers tool to install and configure NVIDIA's own drivers from the Ubuntu repositories, as well as support for the latest Linux 5.17 kernel series for OEMs. In addition, ssh-rsa is now disabled by default in OpenSSH to increase security.

Nftables is now the default backend for the firewall

The Mozilla Firefox web browser is only offered as a snap package in Ubuntu.

If you don't want that perform the following steps by adding the official PPA for the Firefox web browser and as well as for the Thunderbird mail client.

user@user:~ $ sudo su
login as: user
user@user's password: ******
root@user:/home/user# snap remove --purge firefox

Now delete all remaining to the Firefox browser related directories manuallay by using the file manager preferred.

root@user:/home/user# add-apt-repository ppa:ubuntu-mozilla-security/ppa
root@user:/home/user# apt update
root@user:/home/user# apt install firefox

At the same time as Ubuntu 22.04 LTS, editions for servers, cloud and the Internet of Things also appeared, as well as the variants Kubuntu, Lubuntu, Ubuntu Budgie, Ubuntu MATE, Ubuntu Studio, Ubuntu Kylin and Xubuntu, which receive three years of support. Desktop and server images are available from Canonical's download portal. Information and images of the variants are available on a separate website. https://ubuntu.com/download/flavours

21-Apr 2022

📄 ➌      1 2 3 4 5 6 7