If you run nginx behind a CDN, you will by default see the proxy/CDNIPinstead of the real client. Edit the global http { part of nginx.conf and add this: # 1. Specify the IP address of your trusted proxy/load balancer set_real_ip_from 1.2.3.4; set_real_ip_from 5.2.3.4; # 2. Specify which header contains the real client IP real_ip_header X-Forwarded-For;........

Normally the first thing you would think is that you should use the host network in Docker but this loses the isolation, in that case I'd rather use LXC and a public IP or a full VM with public IP to avoid these issues. Before you Start I assume you have also ruled out any firewall issues on either end, that RTP or SIP signaling is not being blocked by either side. 1.) Key Settings in Docker/Ports Before starting, I assume you have forwarded........

Add this to your Apache config: LoadModule log_forensic_module modules/mod_log_forensic.so Restart Apache Set the location of the forensic log. ForensicLog /var/log/apache2/forensic.log Here is an example of an entry in forensic: +16831:68ca525e:3c5|GET /some/url HTTP/1.1|sec-fetch-dest:document|user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15........

Your frontend CDN (eg. Cloudflare or even your own load balancer/proxy) must be sending the X-Forwarded-For and you must be running Apache on the backend. This solves the problem where your logs and services will only see the proxy/CDN IP and not the real client IP. modremoteip is the most modern and current working solution Step 1.) Enable remoteip a2enmod remoteip Step 2.) Edit/Enable the correct config Edit t........

If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing. The above results in this less than obv........

Why choose OpenVPN instead of a firewall appliance? OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time. When comparing OpenVPN with traditional firewal........

So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside? Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature. Requirements On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........

debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006 debug1: Local forwarding listening on 127.0.0.1 port 18006. debug1: channel 0: new [port listener] debug1: Local forwarding listening on ::1 port 18006. bind: Cannot assign requested address What we are seeing is that we can't listen on an IPV6 address of ::1. We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue........

This error is commonly due to Java security or TLS settings but there is a second issue with forwarded ports that also causes it. 1. Java Security/TLS Settings issue: This article has the solution to change them all in Linux automatically 2. Port Forwarding Issue if your Avocent DSR is behind NAT/private IP........

Avocent Unable to load resource avctVideo.jar Avocent requires port 80 and 443 to be forwarded or you will get a message like above if it's on a NAT network and you are accessing it from the outside (internet).........

I don't expect this to be solved soon but some of Yahoo's DNS servers are out of whack. I changed the IPs of some nameservers of some domains and now most Yahoo users can't e-mail to those domains! As you can see below by the "No MX or A records for mychangedomain.com", now Yahoo's DNS/mailserver DNS cache is wrong. You would think they would at least have cached the old incorrect records, but instead for some reason their DNS cache has no entry and doesn't seem........