Someone has been attacking our web server all day using a botnet, trying to find user credentials by bashing guesses using xmlrpc authentication attempts.
If you are running a WordPress site and do not need pingback or other xmlrpc capabilities, I strongly recommend installing a plugin that disables xmlrpc. You can find one by typing that into the new plugin search box in WordPress.
I also strongly suggest installing wp-fail2ban if you have a WordPress site. This will cause your site to log these attempts. We have software on our server that will then use this to disable connections from the IP addresses probing for passwords.
In addition to the host machines, I updated a number of guests also to the 4.8 kernel. The main incentive for doing this was improvements in NFS handling. In the case of the older shellx and scientific servers, they were running on a super ancient 2.6 kernel because none of the 3.x kernels would boot on those machines but the 4.8.12 kernel seems to boot and run fine.
PHP has been upgraded on shellx.eskimo.com from php5.3 to php7.0 so that it is the same major point release as used on our web server.
I encourage people to use ubuntu.eskimo.com for web development as it has the same exact version of everything as our web server has however many people continue to use shellx so I am endeavoring where possible to upgrade the tools on this server to match.
I am planning on doing some maintenance at the co-lo facility tonight that will involve rebooting three of the host servers. These are the machines that have your /home directories and /var/spool/mail mail spools, as well as various virtual machines.
The last time I did this we were down for several hours. I have come to a good understanding of what caused the issues last time so they can be avoided this time. I expect a downtime of about 1/2 hour for the server that hosts /home directories and about 10-15 minutes for the others.
The reason for these reboots is to load a 4.8 Linux kernel. There was substantial work done to NFS in version 4.8 that improves performance by correcting a few sections of slow critical code and by using more aggressive caching. Since our whole service is heavily dependent upon NFS to mount file systems remotely from one machine to another, this should improve the overall performance of our network, Mail, Web, shell serves, all should run faster after this reboot.
The upgrade of opensuse.eskimo.com resulted in a non-bootable machine. So since I really didn’t have much in the way of apps other than what comes with the distribution on this box, I am going to install Leap from scratch. OpenSuse may be down for a few days. It was getting very little use anyway so doubt it will be badly missed in the interim. I am anxious to see what has changed in Leap. One thing that has changed for sure is that it’s systemd based like most other modern Linux’s and problems with the systemd scripts appear to be what is preventing it from booting properly after the upgrade. Hopefully a clean install will work better.
Komodo Edit 7 on shellx.eskimo.com has been upgraded to Komodo Edit 10. On shellx, this is invoked from the command line by typing “komodo” or “komodo file“.
The shell server opensuse.eskimo.com is being upgraded from OpenSuse 13.2 to OpenSuse Leap 42.2. Although it is usable during the upgrade, programs may be randomly killed so it is not advised that you use it for anything serious until the upgrade completes which will probably be another two hours or so.
The shell server “fedora.eskimo.com” is now Fedora 25 and available for use.
The shell server fedora.eskimo.com is presently unavailable. It is in the process of being upgraded from Fedora 24 to Fedora 25. Once the update completes it will again be available.
For some time WordPress image upload was failing here. I do not know when this started today yesterday was the first time I received a complaint about this problem.
The graphicsmagick image manipulation library which is a fork of the imagemagick image manipulation library is just completely broken under Ubuntu 16.04.1 LTS and core dumps. This broke PHP code that was manipulating images such as generating the resized image and thumbnails after you uploaded an image.
I removed the graphicsmagick libraries and replaced them with the older and functional imagemagick libraries and now I am able to upload images properly.