I have a chat application using ejabberd2. Now, I need to transfer file over chat message. I just configure mod_proxy65 in the ejabberd.cfg file and open the port 7777. But send file failed.
myejabberd.cfg settings
{mod_proxy65, [
{ip, {118,132,178,95}},
{name, "SOCKS5 Bytestreams"},
{host, "proxy.amadoa.org"}
]},
Anybody know how I enable mod_proxy65 in ejabberd2? Do I need to install any additional modules here?
Help is highly appreciated. Thanks
Most people confuse host with hostname ejabberd configuration, hostname is where you should provide your public IP or www.domain.com, where host is the logical name that you give to your ejabberd server; it defaults to proxy.domain.com,
Moreover the IP address is the IP of the interface that Ejabberd listens, so, it should be local address. Llike: 192.168.1.10 to listen on one interface, or 0.0.0.0 to listen on all the interaces, or 127.0.0.1 to allow local file transfers only.
Example of configuration that worked for me:
{mod_proxy65, [
{host, "proxy.domain.com"}, %% defines the Jabber ID of service. If not specified, Jabber ID will be hostname of the virtual host with the prefix 'proxy'.
%%{ip, {192,168,1,90}}, %% this line works, or use the below line
{ip, {0,0,0,0}}, %% 127.0.0.1 by default, make it 0.0.0.0 to listen on all interfaces, or the ip of specific interface
{hostname, "www.domain.com"}, % useful service run behind a NAT. default is value of ip option. Ex: "proxy.mydomain.org", "200.150.100.50"
{port, 7777}, %% Default, we don't need to add
{access, all}, %% Default, we don't need to add
{shaper, c2s_shaper}
]},
Related
I have created a virtualmin account to manage multiple servers instead of cPanel and after reading all of the documentation I have yet to see why my subdomain does not load under port 10000.
I'd like to have some form of control if I do plan on giving other users accounts, without having to have them use an IP which does not allow port 443.
After finishing installation they gave me my IP with port 10000
and my domain with port 10000 and the only one that loads is the IP address.
Problem solved. To anyone on Debian facing this issue, run a virtualhost and use a reverse proxy to load the url containing port, and disable SSL only.
You should have panel.example.com running your virtualmin control panel.
So I have an EC2 instance on AWS and it runs Mongodb. I have been having issues with hackers for a few months now and I can't seem to figure out how to keep them out. Luckily, I don't have anything important on there.
I did notice that my security group on AWS is basically open to all. For example, my inbound rules:
Port 80, tcp, 0.0.0.0/0
Port 8080, tcp, 0.0.0.0/0
Port all, tcp, 0.0.0.0/0
Port 22, tcp, 0.0.0.0/0
Port 27017, tcp, 0.0.0.0/0
Port 443, tcp, 0.0.0.0/0
If i change the source is there a convention I should follow? How should I set the source? I am new to this as I did not set up my security groups. Just trying to figure out how I can keep out the hackers. They have been going at it for a while now.
The0.0.0.0/0 means that the port allows connection from anywhere on the internet.
If you set the source, only the source (whether it's an IP or a range of ups) will be able to access the port.
How are you going to set the source really depends on your needs.
your data source should ideally allow access only from trusted internal IPs. remove full access of all tcp ports. only keep 27017 and map it to the IP address which is accessing your system. For web access, it's best to configure a reverse proxy and access it via that proxy.
If you are the only one accessing the EC2 instance, you can edit your security group and choose "My IP" as the Source, and then only you would be able to access it and the hackers will not.
It is best practice to limit command and control ports (22, 3389, etc) to only be accessible from known networks, such as your home, VPN IP pool, or corporate network.
Is there a way to set HAProxy to listen on a specific port only if the hostname from the IP used matches a certain criteria?
The distinctin is important: My server has multiple IPs, which match a domain (www1.xxxx.com, www2.xxxx.com, etc).
I want to open port YYYY only if the domain used to connect to HAProxy is www.xxxx.com. If testing via www1.xxxx.com, that port would be refused.
Note that HAProxy is used in TCP mode, not HTTP.
Is this possible?
Thank you.
May be something like this?
listen port_3306
bind :3306
mode tcp
acl my-ip src 216.58.204.78
tcp-request content accept if my-ip
server my-test-comms localhost:3306 check
Attaching the documentation link, may be you can play around with those settings.
Hope this helps.
what is the default address IP of Nagios server?
allowed_hosts=127.0.0.1,<Nagios ip server>
Thank you in advance.
There is no default address as such,
allowed_hosts=10.0.0.1,10.0.0.2,10.0.0.3,127.0.0.1
above is the configuration which is given in the nrpe.cfg file under your nagios directory which allows you to perform remote executions by allowing the connection from the host's define above, provided the port 5666 is open.
I need to get the original endpoint configurations from the .csdef file, how can I do it?
I cannot use RoleEnvironment.CurrentRoleInstance.InstanceEndpoints, because it gives me the internal/local port in the virtual IP. But I need to know which is the port is being shown to the public.
For example I have a FTP server with a tcp 21 end point, but when I check at runrime to that collection it can has something like tcp 5100. When I bind the FTP server to tcp 5100 and access the server through, for example, 127.0.0.1:21 it works perfectly.
But for example, when I need to establish the PASV mode, I have to send back the IP and port where the client should connect. I'll work out the IP, but how could I know the port that has been configured for PASV? the port in the previous collection is not ensured to be the same that is exposed in the public interface.
So basically, how may I get the original .csdef configuration?
Cheers.
I'm not sure if this works with FTP but when using HTTP, it will returned the inner address and port if using HttpContext.Requst.Url. I was using Header["Host"] instead. Hope this helps.