宝塔升级到8.0.5后,网站列表一直卡在“正在获取名称,请稍候...” 解决办法
宝塔升级到8.0.5后,网站列表一直卡在“正在获取名称,请稍候...” 解决办法
wget https://download.bt.cn/bt-patch/8.0.4/bt-patch1.sh && bash bt-patch1.sh
宝塔升级到8.0.5后,网站列表一直卡在“正在获取名称,请稍候...” 解决办法
wget https://download.bt.cn/bt-patch/8.0.4/bt-patch1.sh && bash bt-patch1.sh
一:简单介绍
fail2ban是一款实用软件,可以监视你的系统日志,然后匹配日志的错误信息(正则式匹配)执行相应的屏蔽动作
在企业中,有些很多人会开放root登录,这样就有机会给黑客造成暴力破解的机会,root用户是众所周知的超级管理员,
即使是黑客来暴力破解没有成功,但是也可以造成你的Linux主机一直回应,这样一来你的主机负载就会很高,我们有什么
办法来控制呢,下面实验简单说明使用fail2ban工具的使用,如果深究的同学请登录fail2ban的官方文档熟悉详细操作。
二:实验环境
系统:CentOS6.4_x64
版本:fail2ban-0.8.14.tar.gz
IP:192.168.182.128
三:开始安装
首先安装依赖包
yum install vim gcc gcc-c++ wget -y
yum install shorewall gamin-python shorewall-shell shorewall-perl shorewall-common python-inotify python-ctypes -y
下载fail2ban包,官网为http://www.fail2ban.org/wiki/index.php/Main_Page
tar zxvf fail2ban-0.8.14.tar.gz
cd fail2ban-0.8.14
python setup.py install
默认安装路径在/etc/fail2ban,jail.conf为主配置文件。
vim /etc/fail2ban/jail.conf
####修改######
32 ignoreip = 127.0.0.1
94 [ssh-iptables]
95
96 enabled = ture
97 filter = sshd
98 action = iptables[name=SSH, port=ssh, protocol=tcp]
99 sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
100 logpath = /var/log/sshd.log
101 maxretry = 3
40 # "bantime" is the number of seconds that a host is banned.
41 bantime = 300
42
43 # A host is banned if it has generated "maxretry" during the last "findtime"
44 # seconds.
45 findtime = 600
46
47 # "maxretry" is the number of failures before a host get banned.
48 maxretry = 3
49
vim /etc/fail2ban/jail.conf
####修改######
32 ignoreip = 127.0.0.1
94 [ssh-iptables]
95
96 enabled = ture ###开启ssh-iptables
97 filter = sshd
98 action = iptables[name=SSH, port=ssh, protocol=tcp]
99 sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"]
100 logpath = /var/log/secure ##ssh默认登录的日志存放信息
101 maxretry = 3
40 # "bantime" is the number of seconds that a host is banned.
41 bantime = 300 #####锁定300秒/5分钟
42
43 # A host is banned if it has generated "maxretry" during the last "findtime"
44 # seconds.
45 findtime = 600 ####发现时间10分钟
46
47 # "maxretry" is the number of failures before a host get banned.
48 maxretry = 3 ###三次错误
49
配置好了我们要怎么启动源码安装的程序呢,首先先把这个程序加到程序启动里面。
[root@129-Slave fail2ban-0.8.14]# grep chkconfig ./* -R --color
./files/redhat-initd:# chkconfig: - 92 08
[root@129-Slave fail2ban-0.8.14]# cp ./files/redhat-initd /etc/init.d/fail2ban
[root@129-Slave fail2ban-0.8.14]# /etc/init.d/fail2ban start
Starting fail2ban: WARNING Wrong value for 'enabled' in 'ssh-iptables'. Using default one: ''false''
[ OK ]
[root@129-Slave fail2ban-0.8.14]# ps -aux | grep fail2ban
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.8/FAQ
root 1533 0.4 1.6 342148 8404 ? Sl 06:37 0:00 /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x
root 1558 0.0 0.1 103248 868 pts/0 S+ 06:37 0:00 grep fail2ban
接下来可以看到是有fail2ban的进程,我们进行测试。
[root@129-Slave fail2ban-0.8.14]# ssh 192.168.182.129
The authenticity of host '192.168.182.129 (192.168.182.129)' can't be established.
RSA key fingerprint is 29:90:34:7b:a0:05:99:af:79:91:0e:ed:86:ad:cf:75.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.182.129' (RSA) to the list of known hosts.
root@192.168.182.129's password:
Permission denied, please try again.
root@192.168.182.129's password:
Permission denied, please try again.
root@192.168.182.129's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[root@129-Slave fail2ban-0.8.14]# ssh 192.168.182.129
ssh: connect to host 192.168.182.129 port 22: Connection refused
########这里我故意输错3次密码,可以见到我第二次链接的时候直接被锁定了。#########
echo "127.0.0.1 $(hostname)" |sudo tee -a /etc/hosts
deepin默认sshd服务是没有开启22端口的,我们需要手动开启,开启的方法如下:
输入命令查看22端口是否开放
sudo lsof -i:22
查看22端口是否开放,无返回信息,则表示没有开放;
使用vim命令编辑配置文件
sudo vim /etc/ssh/sshd_config
将内容中的如下两行的注释去掉
#Port 22
#ListenAddress 0.0.0.0
保存退出
重启ssh
sudo /etc/init.d/ssh restart
再次使用命令查看端口是否开发
sudo lsof -i:22,
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 34720 root 3u IPv4 182647 0t0 TCP *:ssh (LISTEN)
显示上面的信息说明以开放,试试是否可以远程登录
Matplotlib 是 Python 中类似 MATLAB 的绘图工具,但在python3中引入Matplotlib ,我遇到几次报错,在此记录一下。
源码如下:
import pandas as pd
import matplotlib.pyplot as plt
air_quality = pd.read_csv("air_quality_no2.csv", index_col=0, parse_dates=True)
print(f'打印空气质量表:\n {air_quality}')
plt.plot(air_quality)
plt.show()
报错一:Matplotlib is currently using agg, which is a non-GUI backend, so cannot show the figure.
解决方案:在引入Matplotlib后加入语句matplotlib.use('TkAgg'),注意要在末尾加,代码如下。
import pandas as pd
import matplotlib
import matplotlib.pyplot as plt
matplotlib.use('TkAgg') # 加在末尾
air_quality = pd.read_csv("air_quality_no2.csv", index_col=0, parse_dates=True)
print(f'打印空气质量表:\n {air_quality}')
plt.plot(air_quality)
plt.show()
报错二:如上加上matplotlib.use('TkAgg'),不在报之前的错误了
而是报了另一个错误ModuleNotFoundError: No module named 'tkinter''
解决方案:通常这种报错,只要安装并引入相应的包就能解决问题,但是在PyCharm添加软件包中并没有搜索到tkinter包,在终端使用命令pip3 install tkinter来安装,也提示没有这个软件包。
网络搜索了下发现,可以使用如下方法安装:sudo apt install python3-tk,安装之前可以通过命令sudo apt search python3-tk 进行查询是否已经安装过。
安装完成后,重新执行代码,就能正常生成图形了。