Group based HTTP basic authentication using Nginx and MySQL with help of Lua

Recently I moved from Apache to Nginx on one of my servers due to increase in traffic. But I was using HTTP Basic authentication with group based authorization on Apache in this manner:

However, there’s no AuthGroupFile  in nginx. But LUA, a programming language is supported in nginx. So here’s how I used

March 8th, 2016|FreeBSD, Linux|0 Comments

FreeBSD IPFW NAT and Jails

IPFW in FreeBSD has built-in support for NATing and the configuration syntax is same as that of natd. It took me quite some time to figure out how to NAT for jails while ensuring that certain jails can have public IPs.

Configure the nat on one of the IP addresses:

When using stateful firewall, the NAT rule

December 7th, 2014|FreeBSD|2 Comments

FreeBSD ipfw: add_dyn_rule: Cannot allocate rule

One of the servers I run has FreeBSD 10. It hosts a high traffic Magento site. Magento being a very heavy application, requires a dedicated server. The site’s performance is very bad when it is hosted on VPS — or perhaps that depends on provider / needs tuning. Not my site. My task was to move it to dedicated server so I don’t have to consider all that stuff.

As someone new to FreeBSD, I try to stick to tools and utilities that are provided by FreeBSD itself and do not rely on those provided by other BSDs. This rule is quite flexible, but I can’t cite examples of relying on tools by other BSDs that I’m using right now. So, naturally, for firewall I chose IPFW which is FreeBSD’s own firewall. The other firewalls supported by FreeBSD are PF (which comes from OpenBSD) and IPFilter (which comes from NetBSD).

September 7th, 2014|FreeBSD|1 Comment

The move from Linux to FreeBSD

About 2 months ago, I had a spare VPS at my host, Hetzner. So I decided to play with FreeBSD which was being offered for Hetzner servers and VPSes.
That’s how the whole thing started. I didn’t have much problems getting the concepts because it belongs to *nix family of OSes and I have been a pure Linux user since 2008.

First of all the basic difference between FreeBSD and GNU/Linux is that Linux is just the kernel and GNU is the userland. In layman’s terms, the hardware interface is called Linux, while the rest of the part: the shell, core tools, etc are GNU.It’s a piece from there, another from somewhere else and merging the whole thing into one collectively known as GNU/Linux. Linux itself cannot boot without GNU and GNU will not work without Linux (Yes, there is a GNU kernel project called GNU Hurd, but I don’t how far that went).
In FreeBSD, the whole thing is a complete unit. FreeBSD was derived from the original AT&T Unix and open sourced. You can read more about the differences at over-yonder.

June 7th, 2013|FreeBSD, Linux|72 Comments

Securing FreeBSD server with Fail2Ban and IPFW

I’ve been playing with a FreeBSD machine for a while now and my primary server now runs FreeBSD 😀
So I came across this problem: installing Fail2Ban with IPFW.

FreeBSD has three different firewalls, so it’s difficult for any upstream application to decide on what kind of setup it should advocate. There is no one-size-fits-for-all. I read about various firewalls, and since I wanted to stick with FreeBSD only, I decided to use IPFW.

April 18th, 2013|FreeBSD|0 Comments