SA Bagus

Purpose : We want to protect the origin server from being hit directly over the internet so we make sure only CDN/WAF connect to the backend also known as Origin Protection. Scenario:   https://www.indusface.com/blog/fundamentals-of-origin-server-protection/ CDN+WAF---->GCP Load Balancer --->VM Nginx Solution: Modify Nginx Configuration ... location / {      allow 100.100.100.0/24 ; //Change with your CDN/WAF source IP that connects to the backend.     deny all; } ... set_real_ip_from 1.1.1.1/32; // Change with your LB Public IP address set_real_ip_from 130.211.0.0/22; // Private IP range for GCP Load Balancers set_real_ip_from 35.191.0.0/16; //Private IP range for GCP Load Balancers real_ip_header X-Forwarded-For;  real_ip_recursive on; ... Save and restart the services. Check the Log tail -f /var/log/nginx/access.log tail -f /var/log/nginx/error.log If there is client over the internet hit directly IP the load balancer, it will be blocked by Nginx (403 Forbidden) you should see

https://www.techtarget.com/whatis/definition/troubleshooting   1. Contact the team, because the point of view from another peer is helpful. 2. Contact the vendor, if we have support, use it very well. 3. Contact the service owner, they know their features well. 4. Use Statistics from the monitoring tool very well, it is helpful as data for troubleshooting. 5. Back to basic knowledge sometimes is a good practice. 

Here are step by step to reset wordpress password if forgot the password. Make sure you have access to the databases.  mysql> use wordpress; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> show tables; +-----------------------+ | Tables_in_wordpress   | +-----------------------+ | wp_commentmeta        | | wp_comments           | | wp_links              | | wp_options            | | wp_postmeta           | | wp_posts              | | wp_term_relationships | | wp_term_taxonomy      | | wp_termmeta           | | wp_terms              | | wp_usermeta           | | wp_users              | +-----------------------+ 12 rows in set (0.00 sec) mysql>  Generate a New Password Hash: WordPress uses a salted MD5 hash for passwords. You can generate a new password hash. Here is example python script import bcrypt def generate_wordpress_hash(password):     # Generate a random salt and h

Qemu is one of the virtualizations technology, with qemu we can make a virtualization OS. It can be installed on the MacOS as well. Install Qemu brew install qemu Check installed version qemu-system-x86_64 --version Create a virtual disk for a VM. e.g: mkdir -p ~/MY/VM/DEBIAN qemu-img create -f qcow2  ~/MY/VM/DEBIAN/debian-vm1 .qcow2 40G Output: Formatting 'debian-vm1.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=42949672960 lazy_refcounts=off refcount_bits=16 Boot from ISO for installation. Download the installer ISO file and place it to the same directory. Once ISO file is downloaded we can start to installing the VM: qemu-system-x86_64 -m 2G -vga virtio -display default,show-cursor=on -usb -device usb-tablet -smp 2 -cdrom debian-12.2.0-amd64-netinst.iso -drive file= debian-vm1.qcow2 ,if=virtio Run VM in the bridge network qemu-system-x86_64 debian-vm1.qcow2 \ -smp cpus= 2 -m 2G \ -nic vmnet-bridged,ifname= en0 Command options qemu-syst

  Here's how to send a payload to an HTTP server using Linux commands: 1. Choose your tool: curl: More versatile, supports various HTTP methods and payload formats. wget: Simpler for basic GET requests and file downloads. 2. Construct the command: a. Using curl: Specify the HTTP method: GET: curl http://example.com POST: curl -X POST http://example.com PUT: curl -X PUT http://example.com Attach the payload: Form data: --data "param1=value1&param2=value2" Raw data: --data-binary @file.txt (Reads data from a file) JSON data: --header "Content-Type: application/json" --data '{"key": "value"}' Example (POST request with form data): Bash curl -X POST http://example.com/form \ --data "name=John&email=johndoe@example.com" b. Using wget (for simple GET requests): Bash wget http://example.com/data?param1=value1 3. Replace placeholders: http://example.com : The actual server URL