How to password protect Apache site or folder but still allow some IP ranges

There are cases where you’d want a particular site or subfolder to be easily accessible from specific locations (like the intranet) but apply a minimum protection from public eye for the wide internet.

Apache does support this mixed configuration for its sites through its htaccess functionality.

How to upgrade Virtualmin scripts when PHP version checks fail

When things have been running for long enough various updates and configuration changes start adding up with leftovers bound to cause an issue sooner or later.
With Virtualmin, one such issue is the system’s inability to automatically update its scripts to newer versions based on the incorrect detection that an older PHP version is running on the server instead of the actual one.

How to update OpenWRT while retaining existing configuration and all custom packages

OpenWRT upgrades itself by saving configuration files from known locations (plus manually defined files), overwriting the partition with the latest firmware and then restoring the saved configuration.

This usually works for the configuration itself, however the process doesn’t take care of any custom packages that were previously installed manually (either through LuCI or with opkg). These packages need to be noted down beforehand and then reinstalled.

How to serve custom DHCP configuration with OpenWRT’s dnsmasq

There are times when you need to filter out what some hosts in the network can or cannot do. When you have a router running OpenWRT this can be done at the firewall level.

But if you’re not much into advanced configuration and just want to completely block out some network hosts from reaching the internet (and hence phoning home) then it’s a lot simpler to do this directly from the DHCP and simply leave them without a DNS and gateway configuration.

How to optimize used space in flash storage images

Due to their write-sensitive nature, flash storage (both USB sticks and SD cards) normally don’t get zeroed out when data is deleted, making any images created for backup purposes contain random data in the empty sectors. This makes images take up the full size of the disk/card even if very little is actually used from it and also makes image poorly compressible.

The solution is to zero out the unused space in the image file before compressing it. Linux has all the tools necessary for this task readily built-in. If one is not available, a bootable self-contained system such as SystemRescue can be used instead.

How to filter SSH connections with hosts.allow on Rocky Linux / CentOS 8

The TCP Wrappers suite of programs is no longer included in RHEL 8, meaning the hosts.allow/deny files no longer exist nor work. This makes quick filtering SSH connections per IP address a bit more difficult as it requires configuring the firewall.

Luckily, the tcp_wrappers package is still available in the EPEL repository even for versions 8 so the previous functionality can be restored, albeit with some additional steps.

How to add (experimental) sensors support for IT8665E in CentOS

Due to lacking driver support for newer hardware I have been missing hardware monitoring on my home server for more than 4 years now, having access to only hard disks temperatures.

Now the time has come to upgrade the good ol’ machine to a new hardware configuration – and of course the new hardware is also unsupported in even the latest CentOS kernels.

Google has nightmares and sees evil things

No, the site wasn’t hacked (I checked and double-checked), I haven’t started hosting viruses or other nefarious things, the warning you may be seeing appears to stem from the fact that Google’s algorithms decided (after over a year) that they don’t like a particular program I link to and flagged an entire category of articles as dangerous.

Thanks also to the fact that Google’s SafeBrowsing lists are used by all major browsers this warning is present in all browser while accessing any of my tech-related articles. So until Google gets its fact straight and has less nightmares about invisible enemies, you’re free to browse those articles at your own risk. Or not, your choice.