The Official Blog of Richard Ricketts

my personal knowledge base

Blog

Change Default Permissions for Uploaded Files via SFTP to 775

Posted by on 9:00 am in Tutorials | 0 comments

My basic solution to this, is to create a script that sits between SSH and SFTP and changes the umask as the user logs in: > vim /opt/sftp-server.sh #!/bin/bash umask 022 /usr/libexec/openssh/sftp-server Then edit the ssh_d config file (/etc/ssh/sshd_config) and edit the sftp SubSystem line to point to your script: Subsystem sftp /opt/sftp-server.sh Make sure you’ve set the permissions correctly on your new script: > chmod 755 /opt/sftp-server.sh Now files uploaded via SFTP should have the permissions...

read more

DigitalOcean NYC2 SLA Credit and Outage Explanation on July 21, 2014

Posted by on 8:39 am in Domaining | 0 comments

Hi, I would like to take a moment to apologize for the problems you may have experienced accessing your droplets in the NYC2 region July 21st, starting around 6PM Eastern time. Providing a stable infrastructure for all customers is our number one priority, and whenever we fall short we work to understand the problem and take steps to reduce the chance of it happening again. In this case, we’ve determined what were a few related events which contributed to the outage: First, we had a problematic optical module in one of our switches that was...

read more

IPTABLES, how to block ALL traffic to a server EXCEPT from one IP address

Posted by on 9:00 am in Tutorials | 0 comments

Just like the title says, these three rules will block all traffic to the given server EXCEPT from the specified IP address: # Allow traffic locally on the server iptables -I INPUT -s 127.0.0.1 -j ACCEPT # Allow traffic from given IP address iptables -I INPUT -s 192.168.0.1 -j ACCEPT # Block all OTHER traffic that does not meet the two conditions above iptables -P INPUT DROP

read more