modsec rule to stop xmlrpc attack

Lots of attacks are made towards WordPress XML-RPC (xmlrpc.php), which can cause a slowdown in the server. Below is the modsec rule to stop xmlrpc attack:

#Block requests to xmlrpc.php with no referring URL
SecRule REQUEST_METHOD "POST" "deny,status:401,id:5000900,chain,msg:'xmlrpc request blocked, no referer'"
SecRule &HTTP_REFERER "@eq 0" "chain"
SecRule REQUEST_URI "xmlrpc.php"

Perubahan IP DNS Cluster USA 19-Jan-2019

Kami sampaikan bahwa ada perubahan IP address untuk DNS Cluster USA (ns3) dari semula menjadi

Untuk reseller yang menggunakan private NS silakan update IP NS dari sisi domain registry anda dari semula menjadi Kami telah update untuk sisi server DNS kami. Selengkapnya adalah sbb:

Nameserver 1:
Nameserver 1 IP:

Nameserver 2:
Nameserver 2 IP:

Nameserver 3:
Nameserver 2 IP: [updated]

Demikian disampaikan. Mohon maaf atas ketidaknyamanan ini.

Posted in News. Comments Off on Perubahan IP DNS Cluster USA 19-Jan-2019

Tuning sysctl.conf on CentOS 7

Sysctl lets the user fine tune the kernel without having to rebuild the kernel. It also will apply the changes immediately, thus the server won’t have to be rebooted for changes to take effect. To make the changes permanent, you will have to add these values to a configuration file. Use the configuration file CentOS provides by default, /etc/sysctl.conf.

Open the file with your favorite editor.

# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
# For more information, see sysctl.conf(5) and sysctl.d(5).

# Minimizing the amount of swapping
vm.swappiness = 20
vm.dirty_ratio = 80
vm.dirty_background_ratio = 5

# Increases the size of file handles and inode cache & restricts core dumps
fs.file-max = 2097152
fs.suid_dumpable = 0

# Change the amount of incoming connections and incoming connections backlog
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 262144

# Increase the maximum amount of memory buffers
net.core.optmem_max = 25165824

# Increase the default and maximum send/receive buffers
net.core.rmem_default = 31457280
net.core.rmem_max = 67108864
net.core.wmem_default = 31457280
net.core.wmen_max = 67108864

# Enable TCP SYN cookie protection
net.ipv4.tcp_syncookies = 1

# Enable IP spoofing protection
net.ipv4.conf.all.rp_filter = 1

# Enable ignoring to ICMP requests and broadcasts request
net.ipv4.icmp_echo_ignore_all = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Enable logging of spoofed packets, source routed packets and redirect packets
net.ipv4.conf.all.log_martians = 1

# Disable IP source routing
net.ipv4.conf.all.accept_source_route = 0

# Disable ICMP redirect acceptance
net.ipv4.conf.all.accept_redirects = 0