Stefan Helander

apache2 randomly uses old self signed certificate

/0 Comments/in /by

On a site with a valid SSL certificate, sometimes a page load would result in a warning about being insecure. When inspecting the certificate, it turned out to be an old self signed certificate that shouldn’t be in use any more since the site now has a valid “real” SSL certificate.

Reloading the page a couple of times after the problem occured, and the site loaded again with a green SSL “lock” symbol. But randomly the problem kept occuring.

Even after deleting the old self signed certificate files from the server and restarting apache2, the problem remaind.

It turned out that neither systemctl restart apache2, service apache2 restart or apachectl stop / start killed all running processes.

To verify this I did apachectl stop and then ps ax | grep apache2 revealing there where still running processes. After killing each of them manually I started apache2 again and the problem was resolved.

Stefan Helander

Ispconfig not processing job queue – spamfilter_policy error

/0 Comments/in /by

Suddenly some of my slave servers stopped processing the job queue. Ispconfig version 3.2.9. Investigating the log files.

/var/log/ispconfig/cron.log shows:

PHP Fatal error:  Uncaught mysqli_sql_exception: Data truncated for column 'warnvirusrecip' at row 1 in /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php:302

See this discussion: https://forum.howtoforge.com/threads/uncaught-mysqli_sql_exception-data-truncated-for-column-warnvirusrecip-at-row-1.90116/

This is how I solved it. On the master server:

mysqldump -uroot -p --add-drop-table dbispconfig spamfilter_policy > spamfilter_policy.sql

Then copy the spamfilter_policy.sql to each slave server having problems processing the queue and do:

mysql -uroot -p dbispconfig < spamfilter_policy.sql

Stefan Helander

Teltonika RUT-240 / RUT-950 poor wifi client performance (fix!)

/0 Comments/in , /by

I use a couple of Teltonika RUT-240 and RUT-950 routers. One of them I bring with me when I travel. To save 4G data I usually hook it up as a wifi client against the hotel wifi.

After a while I realized the performance was really poor with a lot of packet loss and loosing connection completely from time to time. I moved the router so the signal was good (about 90%) but still had problems.

When configuring the wifi client failover, I set interval to 60, track ip to three different adresses (8.8.8.8, 8.8.4.4 and 1.1.1.1), reliabilty 1, count 10, up 3, down 3. This is to make sure that there is time enough to click through the hotel’s wifi portal page (before that you don’t have internet connectivity and ping will fail).

When I scan for a new network, I look for the access point with the strongest signal and copy the BSSID (8 hex numbers separated with colon). In hotels there are often several access points for the same network name and sometimes my router seems to be switch between them. In the wireless configuration screen I paste the BSSID in the BSSID field for the network I am connecting to, making sure I always connect to the strongest one.

While I’ve been travelling, I have been a bit lazy and just left different hotel’s wifi in the configured network list (I might return some day I thought). However, this seems to be bogging down the router. After I clearead the list of old wifi client configurations, my router became much faster and the connection was now really stable.

Stefan Helander

CloudLog gives ‘Access denied’

/0 Comments/in /by

Checking to web server logs reveals:

Got error 'Access to the script '/var/www/XXX/web/logbook' has been denied (see security.limit_extensions)'

The URL of the logbook showed https://DOMAIN/index.php/logbook

Solution

Add the following to php.ini for the site:

cgi.fix_pathinfo=1

Joomla! breadcrumbs module caching problem
Stefan Helander

Joomla! breadcrumbs module caching problem

/0 Comments/in /by

I’ve hade problems with the Joomla! breadcrumbs module being cached, so the wrong breadcrumb is being displayed. The problem is that the module is being cached. This has been reported as a bug and it has the status as being fixed. However, in an old Joomla! install, which is updated to the latest version, I still had this problem.

This is how I solved it.

  • In the breadcrumbs module, under the Advanced tab, set Caching to No caching and Cache Time to 0
  • In the Global settings, use Conservative caching (if Progressiv caching is used, I still had problems)
Stefan Helander

Zoneminder 1.37 no image – capturing but not analyzing

/0 Comments/in /by

Zoneminder version 1.37.28. The installation had been running for years without problem but somehwere in the 1.37 version problems started to occur. Some cameras did not give visible streams in Zoneminder from time to time. Checking the cameras video directly, they where ok, so the problem was in Zoneminder. Some cameras was “capturing” but analyzing 0 fps.

In the log there was lines like:

Restarting capture daemon for 6 CAMERA NAME, no image since startup. Startup time was 1671521356 – now 1671521366 > 5

And mostly interesting:

You have set the max video packets in the queue to 100. The queue is full. Either Analysis is not keeping up or your camera’s keyframe interval 50 is larger than this setting.

The reason for this is that the buffer setting for Maximum Image Buffer size (frames) is too low compared to the key frame interval setting in the camera. The higher key frame interval (which means lower bandwidth) means Image Buffer Size must be higher, consuming more RAM. So what you save in bandwidth, you will pay in RAM. Key frame interval is how often the camera sends a full image and between them just the difference. More seldom (higher key frame interval) means lower bandwidth but you need a bigger buffer in the server.

I set my cameras to deliver 5 fps with a key frame interval of 5 as they are on a remote location (not where the server is) and all video is streamed over the Internet to the server.

I changed the options for each camera, Console -> click on source -> Buffers and change Image Buffer Size (frames) (in my case set it to 3) and Maximum Image Buffer Size (frames) (in my case I could actually decrease it from 100 to just 55 because I reduced the fps and decreased the key frame interval in the camera).

Observe how memory is used after this. You need to balance the buffer sizes the cameras fps and key frame interval

Still it did not completely solve the problem. Only after changing Options -> System -> WATCH_MAX_DELAY from 5 to 45 and restart Zoneminder, the system started to show images for all feeds. It seems like 5 seconds for the capture to start was to little so it keept restarting the capture processes.

/tmp

As a part of the investigation I had also changed /tmp into tmpfs according to some post I found online, so I did that also but it did not solve the problem. However, it improved performance so I let it be. Add the following line to /etc/fstab and reboot:

tmpfs /tmp tmpfs rw,nosuid,nodev

Disable unused cameras

Another important thing when it comes to Zoneminder performance is to disable unused cameras. You can leave the camera in the Zoneminder configuration for later use but if it is going to be offline for a longer period, it is a good idea to disable it because a camera that is offline will put unecessary load on the Zoneminder server.

Go to Console -> click on source -> Source and set Capturing to None

Remember to put it back when the camera is online again 😉

Stefan Helander

Nagios check_vnc without authentication

/0 Comments/in /by

If you need to monitor a VNC service without logging in, the following check_command can be used.

Edit your nagios configuration file and add:

# VNC
define command{
command_name check_vnc
command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -w 5 -c 8 -
e "RFB"
}

Then on the service you want to monitor use:

define service{
use generic-service ; Name of service template to use host_name
host_name MYHOSTNAME
service_description VNC
is_volatile 0
check_period 24x7
max_check_attempts 3
normal_check_interval 5
retry_check_interval 1
contact_groups MYCONTACTGROUPS
notification_interval 240
notification_period 24x7
notification_options c,r
check_command check_vnc!5910
}

If you need another port than the standard one, just replace “5900”

Stefan Helander

WP Booking Calendar – style width and height of calendar

/0 Comments/in /by

In WP Booking Calendar, the calendar when displayed in a widget has a fixed size of 284px using inline css which makes it impossible to override in an external or internal css style.

However it is possible to override this by additional options in the shortcode. This is from the comments in the source code:

[booking type=56 form_type='standard' nummonths=4 options='{calendar months_num_in_row=2 width=568px cell_height=30px}']

In the options the width of the table can be given, also in % like 100% for example if you want the calendar to fill the surroinding container.

Stefan Helander

WordPress error 500 – Uncaught Error: Call to undefined function trailingslashit() in wp-includes/class-wp-textdomain-registry.php:103

/0 Comments/in /by

When updating the plugins in a WordPress site prior to updating it from WordPress 6.0 to 6.1.1 the site halted with error 500. Investigating the logs I found “Uncaught Error: Call to undefined function trailingslashit() in wp-includes/class-wp-textdomain-registry.php:103

Solution

HP EliteDesk 800 G1 running on 12 volts DC
Stefan Helander

Running HP EliteDesk 800 G1 USDT on 13.8 volts DC

/0 Comments/in , , /by

I got a HP EliteDesk 800 G1 USDT Ultra Slim Desktop computer for my ham schack. This is a small computer running on an external power supply just lika a laptop. It turned out to be the major source of RFI in my ham schack.

HP EliteDesk 800 G1 USDT

I suspected the power supply was the culrpit as those are switched ones and thought it might be possible to run the computer directly on my 13.8 VDC power supply that I use for my radios. The only voltages used in a computer is 12 and 5 volts, so there is probably a voltage regulator on the power input that regulates the voltage down from the 19 volts DC that the power supply outputs. Will it also run on 13.8 VDC?

Read more

The power cable to the HP EliteDesk 800 G1 USDT has a 3 pole connector, just the same as on laptops. One is negative, one is positive and the pin in the middle is a “power good” signal from the power supply. I read about people running 3rd party power supplies by connecting the power good over a resistor to the positive side, see this page.

Will it run if I just connect the power good to positive without a resistor? When I measured the voltages from the original power supply positive was +19 VDC and power good read about +12 VDC so it might be sufficient. Discussing it with a tech savvy friend, he suggested it might work and be worth a try.

I didn’t want to cut the cable on the original power supply but luckily I have a friend who hoardes old technical stuff and he happened to have an old broken HP laptop power supply, with the correct cable (who saves broken power supplies?, well it turned out to be useful in this case)

It works!

It turned out it works fine, no resistor needed. This might vary from model to model, but the HP EliteDesk 800 G1 USDT it works by directly connecting power good to the positive. This (image below) is the cable I now use to run my computer directly on 13.8 VDC. Black lead is negative, white is positive and blue is power good.

On 20 meters (14 MHz) my noise floor dropped from S5 to S0-A1!

HP EliteDesk 800 G1 running on 12 volts DC
Power cable to run a HP EliteDesk 800 G1 directly on 13.8 volts DC
IC-706 noise level on 20 m when running computer directly on 12 VDC
IC-706 noise level on 20 m (14 MHz) when running computer directly on 13.8 VDC