AWS time zone adjust Amazon Linux 2 and RDS MySQL

In the logs and the database use the correct time stamp of the own time zone, must be

1. Configure the system time of the EC2 instance

sudo ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime

and in the file /etc/sysconfig/clock Enter the time zone:

sudo vi /etc/sysconfig/clock
ZONE="Europe/Berlin"

After a reboot of the instance must be:

sudo reboot

The adjustment can be checked with

date

Those more…

letsencrypt AWS http challenge

I had the problem, that when renewing the Letsencrypt certificate via cronjob Amazon Linux 2

certbot renew --post-hook "systemctl reload httpd"  >> /var/log/certbot.log 2>&1

the SSL certificate was not renewed, but following error occurred:

Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',)
Attempting to renew cert (foo.de) from /etc/letsencrypt/renewal/foo.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',). Skipping.

I then looked in configuration: /etc/letsencrypt/renewal/foo.conf and the Authentificator modified on Apache and the challenge of Authentificator on HTTP (through the Web server).

# Options used in the renewal process
[renewalparams]
account = xxx
server = https://acme-v02.api.letsencrypt.org/directory
authenticator = apache
installer = apache
pref_challs = http-01,

After that was the important Port 80 unlock the security group for authentication and another command

certbot renew

was the certificate was successfully renewed.

Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for foo.de
Waiting for verification...
Cleaning up challenges

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed with reload of apache server; fullchain is
/etc/letsencrypt/live/foo.de/fullchain.pem

Execute PHP script as a Windows service

Under Windows, scripts can be, that's endless run with PHP using a service implemented.

This has the advantage of, that is the memory consumption with the time to infinity, with endless script versions and a recovery and restart functionality can be implemented, to keep the service over long periods of time running.

Furthermore, the service receives from the operating system events, if e.g.. a shutdown is, to be able to stop in time itself and not corrupt data to produce cancellation in a non-atomic operation.

To create a Windows service, you need the win32service PHP library.

You can here them Download and in the php.ini embed:

extension=php_win32service.dll

Create service more…

proftp user log traffic with mod_sql

To the user traffic in proftp log to a MySQL database, you only need the user table a column “traffic” Add type BIGINT, Default 0:

ALTER TABLE `ftpuser` ADD COLUMN `traffic` BIGINT NOT NULL DEFAULT '0';

Then you can use a SQLNamedQuery kan in the sql.conf, to cut with the amount of traffic:

SQLLog RETR,STOR,APPE extendedlog
SQLNamedQuery extendedlog UPDATE "traffic= (traffic + %b) WHERE userid='%u'" ftpuser

Attention, Use leads to increased traffic to the database.

AWS: need to verify an email address in SES without access to the mailbox

To send Amazon SES email, need to verify only the email address. This is a problem, If one has access to the domain, but has set up a mail server.

To work around the problem, one only verifies the domain in SES and is then under Configure email receiving a to verifierende E-Mail address and connects them with a SNS topic. After that you can Subscription set up on the SNS topic via email and so the verification email can be forward on an existing mailbox.

Microsoft IIS REST API allow by PUT, DELETE

To the IIS 7.5 all HTTP verbs like PUT, POST, DELETE and PATCH to enable, need to disable the following modules and handlers in the web.config:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
      <modules>
         <remove name="WebDAVModule" />
      </modules>
        <handlers>
            <remove name="WebDAV" />
            <remove name="OPTIONSVerbHandler" />
            <remove name="TRACEVerbHandler" />
        </handlers>
    </system.webServer>
</configuration>