BL🅾G News


« décembre 2021
12345
6789101112
13141516171819
20212223242526
2728293031

Actu G33k & admin stuff.

Aucun commentaire

#
# Disable access to the entire file system except for the directories that
# are explicitly allowed later.
#
# This currently breaks the configurations that come with some web application
# Debian packages.
#
#<Directory />
#   AllowOverride None
#   Require all denied
#</Directory>


# Changing the following options will not really affect the security of the
# server, but might make attacks slightly more difficult in some cases.

#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of:  Full | OS | Minimal | Minor | Major | Prod
# where Full conveys the most information, and Prod the least.
#ServerTokens Minimal
ServerTokens Prod
#ServerTokens Full

#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of:  On | Off | EMail
#ServerSignature Off
ServerSignature Off

#
# Allow TRACE method
#
# Set to "extended" to also reflect the request body (only for testing and
# diagnostic purposes).
#
# Set to one of:  On | Off | extended
TraceEnable Off
#TraceEnable On

#
# Forbid access to version control directories
#
# If you use version control systems in your document root, you should
# probably deny access to their directories. For example, for subversion:
#
<DirectoryMatch "/\.svn">
   Require all denied
</DirectoryMatch>


#############################################
 
<DirectoryMatch "/\.git">
   Require all denied
</DirectoryMatch>

<Files ".ht*">
    Require all denied
</Files>

<Files "xmlrpc.php">
    Require all denied
</Files>

<Files "robots.txt">
    Require all granted
</Files>

#################################################
#
# Setting this header will prevent MSIE from interpreting files as something
# else than declared by the content type in the HTTP headers.
# Requires mod_headers to be enabled.
#
Header set X-Content-Type-Options: "nosniff"

#
# Setting this header will prevent other sites from embedding pages from this
# site as frames. This defends against clickjacking attacks.
# Requires mod_headers to be enabled.
#
#Header set X-Frame-Options: "sameorigin"


# vim: syntax=apache ts=4 sw=4 sts=4 sr noet


Aucun commentaire

Nano list rename function changelog

Changes between v4.9 and v5.0:
------------------------------
options: rename --tempfile to --saveonexit, to be far clearer

#set tempfile 
set saveonexit

Changes between v4.8 and v4.9:
------------------------------
options: rename --suspend to --suspendable, to make more sense

#set suspend 
set suspendable

Changes between v3.2 and v4.0:
------------------------------
options: actually rename --rebindkeypad to --rawsequences (-K)

#set rebindkeypad
set rawsequences

Changes between v2.8.5 and v2.8.6:
----------------------------------
options: rename --cut to --cutfromcursor, to be clearer

#set cut
set cutfromcursor

Source
https://www.nano-editor.org/dist/latest/ChangeLog




1 commentaire

Fix - ERROR: unable to download video data: HTTP Error 403: Forbidden

logo

When you want to download a youtube video and you have this:

 $ youtube-dl  https://youtu.be/JkeE2O15RFs
   [youtube] JkeE2O15RFs: Downloading webpage
   ERROR: unable to download video data: HTTP Error 403: Forbidden
 

You can try to fix with 2 steps:

First update youtube-dl with -U

 $ sudo youtube-dl -U

And finally try to remove the cache , yes the cache ... with --rm-cache-dir

 $ youtube-dl --rm-cache-dir
    Removing cache dir /root/.cache/youtube-dl ...

Try now :

 $ youtube-dl  https://youtu.be/JkeE2O15RFs  --no-cache-dir  -f "bestvideo[ext=mp4]+bestaudio[ext=m4a]/best[ext=mp4]/best" 
    [youtube] JkeE2O15RFs: Downloading webpage
    [youtube] JkeE2O15RFs: Downloading js player vflset
    [youtube] JkeE2O15RFs: Downloading js player vflset
    [download] Destination: Beastie Boys - Alive (Official Music Video)-JkeE2O15RFs.f137.mp4
    [download] 100% of 68.01MiB in 00:06
    [download] Destination: Beastie Boys - Alive (Official Music Video)-JkeE2O15RFs.f140.m4a
    [download] 100% of 3.71MiB in 00:00
    [ffmpeg] Merging formats into "Beastie Boys - Alive (Official Music Video)-JkeE2O15RFs.mp4"
    Deleting original file Beastie Boys - Alive (Official Music Video)-JkeE2O15RFs.f137.mp4 (pass -k to keep)
    Deleting original file Beastie Boys - Alive (Official Music Video)-JkeE2O15RFs.f140.m4a (pass -k to keep)

You can put --no-cache-dir to your command to avoid this, or delete the cache.

 $ youtube-dl  https://youtu.be/JkeE2O15RFs  --no-cache-dir  
 alias ytdl='youtube-dl  -o "%(title)s.%(ext)s" --extract-audio --audio-format mp3 -k --force-ipv4  --rm-cache-dir $1'
 alias ytdlV='youtube-dl  -o "%(title)s.%(ext)s" --force-ipv4 $1'

First line download and keep both video and mp3.
Second line download and keep only vdieo.
Bonus: --rm-cache-dir Delete cache from video file.

Enjoy! :)

by 🅴🆁🆁🅴🆄🆁32
🅴🅲🅷🔵🆂🆈🆂🆃🅴🅼



Aucun commentaire

Ne pas copier coller n'importe quel texte de source inconnue

pirate

!! Ne pas copier/coller des sources inconnues dans votre terminal SSH

On a tous un jour copier ne serait-ce qu'un git clone ou un bout de script (_ou même une toute petite ligne de commande_) sur une page/article d'un site , malheureux qu'a tu fais ...

Ne sais tu pas que le texte que tu vois ne correspond pas fatalement au code qu'il renvoie

Regardez l'exemple suivant

--> copier le code ci-dessous ( ctrl + c ):


git clone /dev/null; clear; echo -n "Bonjour ";whoami|tr -d '\n';echo -e '!\nMauvaise idee. Ne copiez pas de code a partir de sites que vous ne connaissez pas! Voici la premiere ligne de votre fichier /etc/passwd: ';head -n1 /etc/passwd
git clone
git://git.github.com/dont/copy/paste/from/unknow/source.git


Et maintenant collé le dans votre terminal ! (c'est sans risque ... seulement pour l'exemple.)

Pour TESTER , Coller ici pour voir le résultat


L'idée étant de cacher via la classe CSS dans la balise "< span" le texte en dehors de l'écran , ce qui fait que l'on copie aussi ce texte produit par le bloc HTML "< span".

Voici le code utilisé ici:

git clone <span style="position: absolute; left: -2000px; top: -100px">/dev/null; 
clear; echo -n "Bonjour ";
whoami|tr -d '\n';
echo -e '!\nMauvaise idee. Ne copiez pas de code a partir de sites que vous ne connaissez pas!
 Voici la premiere ligne de votre fichier /etc/passwd: ';
head -n1 /etc/passwd
<br>git clone </span> git://git.github.com/dont/copy/paste/from/unknow/source.git 

Securisation:

Pour ce protéger toujours coller dans un fichier texte (dans un bloc note ou autre) avant de le coller dans votre terminal ;)
Ou alors Clic droit sur la sélection est faire: afficher le code

Article created on 03.24.2020 by 🅴🆁🆁🅴🆄🆁32



Aucun commentaire

Apache 2.4 Rewrite 404 errors log

debian logoapache Logo

- Create 1 conf file in apache :

$ nano /etc/apache2/conf-available/rewrite-log-404.conf

- Paste this code inside /etc/apache2/conf-available/rewrite-log-404.conf


RewriteEngine On
# exclude directory index
RewriteCond %{REQUEST_URI} !/index\.(php|html?)$
# exlcude auto-index of directories
RewriteCond %{REQUEST_URI} !/$
# if the request is not a file, directory, or symlink
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l

# set the "notfound" environment variable
RewriteRule ^ - [E=notfound:true,L]

# LogFormat  Vhost log
LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %X" vhost_combined
 
 
CustomLog /var/log/apache2/error.log vhost_combined env=notfound
CustomLog /var/log/apache2/requests.log vhost_combined env=!notfound

- Activate conf with:

$  a2enconf rewrite-log-404

-------------------------------
by 🅴🆁🆁🅴🆄🆁32

Hosted on
🅴🅲🅷🔵🆂🆈🆂🆃🅴🅼