Monthly Archives: November 2015

當中國人突然無法連網時⋯⋯

是不是我的 shadowsocks 進程死掉了?
是不是我的 shadowsocks 該更新了?
是不是只是端口被封了?
是不是我的 HTTP 代理進程死掉了?
是不是我的 UDP reply 又報錯了?
是不是 DNS 壞了?
是不是 server 本身的問題?
是不是 server 到國內的線路抽風了?
是不是 ISP 自己抽風了?
是不是只有自己的 server 被 GFW 關照了?
是不是 GFW 整體抽風了?
是不是要訪問的網站本身出問題了?

每當一個中國人發現自己要訪問的網站無法訪問時,都要進行上述思考,都要浪費數十分鐘甚至數小時來解決「網站無法訪問」的問題,隨著年齡增大,時間甚是珍貴,每次想想每年為此付出的時間與金錢,終於明白為什麼有那麼多人放棄大陸安逸的生活而跑去水深火熱的美國了。

Use a load-balancer as a first row of defense against DDOS | HAProxy Technologies – Aloha Load Balancer

We’ve seen recently more and more DOS and DDOS attacks. Some of them were very big, requiring thousands of computers… But in most cases, this kind of attacks are made by a few computers aimin…

Source: Use a load-balancer as a first row of defense against DDOS | HAProxy Technologies – Aloha Load Balancer

Configuring NGINX to accept the PROXY Protocol – NGINX

This article explains how to configure NGINX and NGINX Plus to accept the PROXY protocol. Table of Contents Introduction Using the PROXY protocol with SSL, HTTP/2, SPDY, and WebSocket Using the PROXY protocol with a TCP Stream Complete Example Introduction The PROXY protocol enables NGINX and NGINX Plus to receive client connection information passed through […]

Source: Configuring NGINX to accept the PROXY Protocol – NGINX

RHEL7: How to get started with Firewalld. – CertDepot

To assign the eth0 network interface temporarily to the internal zone, type:

$ firewall-cmd --zone=internal --change-interface=eth0
success

To assign the eth0 network interface permanently to the internal zone (a file called internal.xml is created in the /etc/firewalld/zones directory), type:

$ firewall-cmd --permanent --zone=internal --change-interface=eth0
success

Source: RHEL7: How to get started with Firewalld. – CertDepot

Uninstalling letsencrypt – Let’s Encrypt Community Support

If you have the environment variable XDG_DATA_HOME set, the installation is located at $XDG_DATA_HOME/letsencrypt. Otherwise, it is located at ~/.local/share/letsencrypt. You can simply delete this directory. You can also delete configuration, work, and log directories which by default are stored at /etc/letsencrypt, /var/lib/letsencrypt, and /var/log/letsencrypt respectively. The directory where you cloned our git repo can also be deleted.

Let’s Encrypt also installs some OS dependencies and how you remove these would be very OS specific. To see what dependencies were installed, take a look at the files in the bootstrap folder at the root of our git repo (link). Take a look at the shell script for your OS to see what packages are required. You can uninstall these packages through the normal means of your OS, but make sure they aren’t required by any other programs on your system.

Source: Uninstalling letsencrypt – Let’s Encrypt Community Support