1. Virtual Machine Ubuntu 20.04LTS (Azure, GCP, AWS, Aliyun, etc)
2. 16GB RAM
3. 512 GB Storage
4. One disk add for PV
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### 1: Drop invalid packets ### | |
/sbin/iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP | |
### 2: Drop TCP packets that are new and are not SYN ### | |
/sbin/iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP | |
### 3: Drop SYN packets with suspicious MSS value ### | |
/sbin/iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP | |
### 4: Block packets with bogus TCP flags ### |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Graphite Setup for CentOS | |
#### 参考 | |
* [Install graphite on a CentOS/RHEL server](http://www.linuxsysadmintutorials.com/install-graphite-on-a-centosrhel-server/) | |
* [CentOSにRPMでGraphite+Diamondをインストールする](http://qiita.com/takakiku/items/4dbee4739801cb8f60a2) | |
*** | |
#### epel リポジトリの追加 |
- create a new redis .conf file
$ cp /etc/redis.conf /etc/redis-xxx.conf
- edit /etc/redis-xxx.conf, illustrated as below
...
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# Script to compile nginx on ubuntu with lua support. | |
NGX_VERSION='1.6.2' | |
LUAJIT_VERSION='2.0.3' | |
LUAJIT_MAJOR_VERSION='2.0' | |
NGX_DEVEL_KIT_VERSION='0.2.19' | |
LUA_NGINX_MODULE_VERSION='0.9.15' | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
header("Cache-Control: no-cache, must-revalidate"); //HTTP 1.1 | |
$domains = array('devguppie.com', 'wwww.devguppie.com', 'www.example.com', 'example.com'); | |
foreach ($domains as $domain) { | |
$curl = curl_init("http://$domain/.*"); | |
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PURGE"); | |
curl_exec($curl); | |
curl_close($curl); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
from __future__ import print_function | |
import os | |
import sys | |
from collections import namedtuple | |
CacheFile = namedtuple('CacheFile', ['path', 'key']) | |
def read_cache_file(path): | |
with open(path, 'r') as f: | |
f.seek(0x28) # skip header | |
key_magic = f.read(6) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Stop Hotlinking: don’t let other websites steal your content (images, media files, etc), | |
that will cause additional load to your webserver and also more bandwidth consumption. | |
''' | |
location ~ .(gif|png|jpe?g)$ { | |
valid_referers none blocked mywebsite.com *.mywebsite.com; | |
if ($invalid_referer) { | |
return 403; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-- Tit Petric, Monotek d.o.o., Thu 27 Oct 2016 10:43:38 AM CEST | |
-- | |
-- Delete nginx cached assets with a PURGE request against an endpoint | |
-- | |
local md5 = require 'md5' | |
function file_exists(name) | |
local f = io.open(name, "r") | |
if f~=nil then io.close(f) return true else return false end |
NewerOlder