Fail2Ban Behind a Reverse Proxy: The Almost-Correct Way

Fail2Ban is a wonderful tool for managing failed authentication or usage attempts for anything public facing. However, by default, it’s not without it’s drawbacks: Fail2Ban uses iptables to manage it’s bans, inserting a --reject-with icmp-port-unreachable rule for each banned host. The thing with this is that I use a fairly large amount of reverse-proxying on this network to handle things like TLS termination and just general upper-layer routing. Since it’s the proxy that’s accepting the client connections, the actual server host, even if its logging system understands what’s happening (say, with PROXY protocol) and logs the real client’s IP address, even if Fail2Ban puts that IP into the iptables rules, since that’s not the connecting IP, it means nothing. What I really need is some way for Fail2Ban to manage it’s ban list, effectively, remotely. Luckily, it’s not that hard to change it to do something like that, with a little fiddling.

AbuseIPDB Checking With Postfix

2021-12-31 12 min read Programming Security Software Sysadmin stuff Tech Teknikal_Domain Unable to load comment count

Updated Dec 31, 2021

So if you’ve not heard, there’s this website called AbuseIPDB, which, no affiliation, is a website where webmasters can submit reports of abusive IP addresses, and then query those reports, either manually, or using their REST API. And this is how I did exactly that, to help cut down some of the spam on my email server. Let’s get started.

Shortening My URLs With tekdmn.me

2021-02-08 5 min read Behind the scenes Blog improvements Programming Tech Web stuff Teknikal_Domain Unable to load comment count

Has anyone noticed that I’ve been giving out URLs of the form tekdmn.me and not teknikaldomain.me? Well, not only did I buy another domain that’s just a shorter version of this one, but it’s also, at the moment, the singular domain I have that’s 100% serverless. How? Cloudflare, obviously.

Temperatures as You Like

2021-01-27 4 min read Behind the scenes Blog improvements Programming Web stuff Teknikal_Domain Unable to load comment count

So here’s a short one for you: Do you like your temperatures expressed as °F, or °C?¹

Well, there’s one fundamental issue with me writing like the way I have been. I can put, say, “I decreased temperatures by 20°F by cleaning the fans,” but if you’re a °C person, then you need to take a quick detour to convert that to units that you’re more familiar with. A common way to do this would be to notate that as “20°F (11.11 °C)”, which works, but I’m effectively stating myself twice, and hoping that I actually got my numbers right. Plus that opens up the possibility for writing °F (°C) one time, and °C (°F) another. So for basically no benefit except me getting to be proud of myself, let’s improve on that.

Spin the Whee- I Mean, the Subtitle Randomizer!

2020-05-05 7 min read Behind the scenes Blog improvements Programming Tech Web stuff Teknikal_Domain Unable to load comment count

So if you haven’t noticed, every time you view that main title bar, the subtitle has a little extra tagline on the end of it… sometimes, sometimes it doesn’t. Well, that randomizes on every request. And here, we talk about the smallest thing I’ve made, to date: the tagline picker for that.

Adding Google Charts Integration

2020-04-14 8 min read Behind the scenes Blog improvements Programming Tech Web stuff Teknikal_Domain Unable to load comment count

Yesterday I posted about Cloudflare’s cache, and if you didn’t notice (or read far enough down), there’s actual pie charts with data in them for visualization.

Yeah, so now I can add the Google Charts API and draw charts on any page that I like, and the best part is that it was surprisingly simple to do that.

Improving My Site With Cloudflare Workers and Amazon S3

2020-04-05 16 min read Behind the scenes Blog improvements Programming Tech Web stuff Teknikal_Domain Unable to load comment count

So as of now, anything much more over 1 MB I’m not going to take up space on all my devices hosting — I’ll just offload it to someone else. And how do I get it back? JavaScript.

No wait, I’m actually serious. As of now, I essentially have Cloudflare as a CDN that’s backed by the Amazon S3 storage service. Posts such as the one about light balance have everything but the featured image… not here anymore.

Today I Discovered: Graph Databases

2020-03-19 4 min read Programming Today I discovered Teknikal_Domain Unable to load comment count

So if you’re used to databases, you know what SQL is, most likely, and the most common SQL (relational) databases. If you’re a little more advanced, maybe you’ve heard of or even messed around with NoSQL databases. Well today, I just found something cool: graph databases — a cross between a database, and mathematical graph theory. SQL / Relational Databases SQL, or Structured Query Language, is a language that allows you to perform operations on a database, more or less independent of the database itself, the file format on disk, etc. Continue reading

TCP, UDP, and SCTP

2020-03-18 6 min read Networking Programming Tech explained Teknikal_Domain Unable to load comment count

Now I know that if you’ve been on the internet long enough, you’ve at least heard the term TCP thrown around. Maybe UDP too, and to any networking people here, you should be very familiar with what they are and how they compare. Well today, I bring the unheard third layer 4 protocol into the spotlight: SCTP

My Quick Peek Into Redis

2020-03-16 2 min read Programming Software Teknikal_Domain Unable to load comment count

Yeah, it’s definitely been something of a journey, alright. Redis, for those unaware, is, essentially an in-memory key-value store. At the most pasic level, this seems fine. Start looking into the documentation, and.. well it just seems to do everything really.

Older posts