When Spam Isn’t Just Annoying

The past couple of weeks I noticed that the MySQL service on my server would routinely stop out of the blue. At first I suspected that it was because my 512MB RAM wasn’t enough but when I looked at the usage history, I never peaked more than 9%. I even tried reinstalling the MySQL server which worked at first but then it stopped running again.

However, I think the problem was due to bots trying to log into my WordPress dashboard. One thread I was reading suggested xmlrpc attacks were bringing WordPress down. When I looked at my logs, there was a dozen of attempted logins.

There are multiple solutions for this, mainly blocling xmlrpc but since I use third party apps that rely on xmlrpc, I didn’t want to block it entirely. Jetpack was another solution which is what I eventually opted for.

I’ve been wary of installing Jetpack, mostly due to the fact my server is not that great and I was worried about space and memory consumption. However, it does have a feature to block malicious xmlrpc login attempts that I desparately needed.

It’s only been two days now (as of writing this) and I already see that Jetpack has blocked over 25 login attempts. Now this doesn’t protect me from other attacks and on other sites on this server but at leaat I have that out of the way.


TIL: How to Set Up Virtual Hosts on Apache

Create a virtual host configuration file site-name.conf for the site:

sudo vim /etc/apache2/sites-available/site-name.conf

Inside the file:

<VirtualHost *:80>
    ServerAdmin email
    ServerName domain name
    ServerAlias domain name
    DocumentRoot path to folder no slash at the end
    ErrorLog path to error log
    CustomLog path to access log

    <Directory />
        Options FollowSymLinks
        AllowOverride All

Add the site to the host file:

sudo vim /etc/hosts

Inside the file: localhost.localdomain localhost stashofyarn

Enable the site:

sudo a2ensite site-name.conf

Reload the Apache service in sudo mode:

sudo service apache2 reload

Phew… I Moved My Fanlistings

Fanlistings are basically the early 2000’s version of Facebook pages. I own a bunch of them, mostly of songs or video game characters. Honestly, the whole fanlisting thing has been going down in popularity as the years go by. It’s a bit sad. Fanlistings come and go a lot. There’s a high turnover rate. I try my best to maintain and keep mine up and running.

However, my old domain name expired and I had trouble getting in touch with my registrar to renew it. I really loved that domain name because it featured my frequently used user handle but I determined it to be a lost cause and ultimately let it go. Since GitHub introduced the student pack which included a .me domain for free for one year, I claimed it. Hence, was born.

Right now I’m using $50 credit from Digital Ocean (yes, that is a referral link) for an Ubuntu droplet. However, it only runs on 512MB RAM so I opted to buy a cheap 1GB RAM server from RamNode (no, that is actually not a referral link). 512MB RAM would probably be enough for me since I don’t receive many visits to my websites but you never know what the future might bring.

So on the event of my domain expiring, I moved all of my fanlistings over to the RamNode server. I exported a SQL file through phpMyAdmin from my website to recreate the database and ran it on the server. Since I wanted better naming conventions, I had to change all the config files in order to connect to the database. There were some issues that I had to plow through in Enthusiast, one being that the absolute path to the fanlisting script needed to be changed. Since I’m no longer of thinking of sticking to hosting but rather maintaining my own servers, I don’t think I should have to worry about changing the path ever again.

Afterwards, I had to contact The Fanlisting Network (TFL) in order to change my URLs. The network is to ensure that duplicate fanlistings don’t exist. In theory, duplicate fanlistings can exist but the ones listed on TFL are more trusted.

In summary, that was my evening last night. It took up more time than I wanted but that’s okay. I still managed to get some studying for CCNA done so all went well.