Recent Posts
Using Vagrant to create and deploy libvirt virtual machines
These commands will build and deploy a vagrant RHEL10 box from an existing .qcow2 disk.
Configure the template VM and disk, shut it down and create a Vagrant box, add it to local registry.
Install packages on template VM
On the template VM:
# make sure these are installed
dnf install firewalld flatpak lvm2 vdo stratis-cli stratisd \
nfs-utils autofs vim bash-completion tar \
policycoreutils-python-utils chrony psmisc acl \
man-pages bind-utils nano
Configure user vagrant
Create vagrant user and set password, ssh key
Using Fail2Ban to block unauthorised login attempts
Introduction
Installing Fail2Ban
Configuring Fail2Ban
Introduction
Anyone having virtual machines exposed to the internet has been subject to third parties attempting to log in without authorisation. Opening port 22 to the internet for SSH access means that there will be attempts to log in to your machine with various accounts such as root and passwords.
There are a few ways to reduce this. Fail2Ban is a program that we can use to limit the number of logins via SSH by tracing the IP address and adding it to a temporary blacklist.
Using Caddy web-server to enable HTTP/3 protocol
Introduction
Installing caddy
Installing caddy
Configuring caddy
Accessing logs
Using tcpdump to inspect http/3 protocol
Using jq to make logs readable as csv
Final note
Introduction
In this article we will install Caddy web server, in order to make use of the http/3 protocol on the hosted web-site.
Caddy will serve web-pages using the older http/1.1 protocol for older web browsers.
The server will also automatically renew the SSL web-site certificate and, when using http/3, browsers will use TLS 1.3, a secure protocol, and UDP, instead of TCP; this reduces latency and saves bandwidth.