Category Archives: Linux

Lets Encrypt certificate failed to renew

On a VPS I noticed that Lets Encrypt certificate failed to automatically renew correctly. After some research, I noticed that this issue was caused due to the certbot/letsencrypt script that didn’t execute the “post-hook” code (to reload the web server) after the certificate was renewed. Infact the certificate was renewed according to letsencrypt logs: Saving […]

Renew an expired Lets Encrypt / Certbot certificate

Yes it is possible to renew expired Lets Encrypt / Certbot certificate. First try to run the “-renew” command like this: certbot renew or letsencrypt renewcertbot renew or letsencrypt renew Then make sure to restart/reload your web server: /etc/init.d/nginx reload or /etc/init.d/nginx restart/etc/init.d/nginx reload or /etc/init.d/nginx restart That’s all.

Run MySQL command in background on Linux

Run a MySQL command in background from SSH command-line on Linux: nohup mysql -h localhost -u username -p’password’ databasename -e "ALTER TABLE users DROP COLUMN email;" >/dev/null 2>&1 &nohup mysql -h localhost -u username -p’password’ databasename -e "ALTER TABLE users DROP COLUMN email;" >/dev/null 2>&1 & In the above command-line we run this MySQL command: […]

Run PHP script every 10 minutes with Crontab

Do you need to run a PHP script every 10 minutes with crontab? Here is an example line you can add to /etc/crontab: # Run this PHP script every 10 minutes */10 * * * * user cd /var/sites/website.com/htdocs; php -f script.php >/dev/null 2>&1 &# Run this PHP script every 10 minutes */10 * * […]

CVE-2017-5754 Patch Meltdown Vulnerability on Debian Linux

How can I patch Meltdown vulnerability CVE-2017-5754 on Debian Linux server? First, follow the status of the Debian vulnerablities on this link: Information on Debian source package linux The Meltdown bugs are CVE-2017-5753, CVE-2017-5754, CVE-2017-5715: The fixes for all the Meltdown CVEs vulnerabilities are not yet available (9 Jan 2018). But soon they will be […]

Check Linux for Spectre and Meltdown vulnerability

Check if your Linux server is vulnerable to Spectre and Meltdown CPU bugs. You can use Spectre & Meltdown vulnerability/mitigation checker for Linux: https://github.com/speed47/spectre-meltdown-checker The shell script checks for CVE-2017-5753, CVE-2017-5754, CVE-2017-5715. Read also: How to patch Meltdown vulnerability on Debian Linux Download the shell script using wget: cd /tmp/ wget https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.shcd /tmp/ wget https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh […]

Reduce disk I/O with noatime and nodiratime

Add noatime and nodiratime to the mount options in /etc/fstab: UUID=[…] /webserver ext4 defaults,noexec,nodev,nosuid,noatime,nodiratime 0 2UUID=[…] /webserver ext4 defaults,noexec,nodev,nosuid,noatime,nodiratime 0 2 Remount the modified partitions as follows (use the correct mount point): mount -o remount /webservermount -o remount /webserver You may also apply this to / partition.