Monthly Archives: January 2016

Postfix allow only localhost outgoing emails.

Leave a reply

A lot of servers don’t need to receive mail, as people nowadays use services like Gmail.

It is simple as changing the inet_interfaces directive in main.cnf from all to 127.0.0.1

vim /etc/postfix/main.cf
inet_interfaces = 127.0.0.1

You can verify it by testing with nmap, it should say it is a closed port

nmap -p 25 domain.com

Starting Nmap 6.40 ( http://nmap.org ) at 2016-01-28 22:55 EET
Nmap scan report for embodyactive.net.au (128.199.108.77)
Host is up (0.37s latency).
PORT   STATE  SERVICE
25/tcp closed smtp

Nmap done: 1 IP address (1 host up) scanned in 0.79 seconds

Nginx simple load balancing.

Leave a reply

Nginx is amazing and load balancing with it is so easy, since it is a proxy too we can have everything working perfectly on the same domain.
First you will need few application servers that are listening to some ports, and the might be different like 81, 82, 83 etc. But that is not necessarily.

Then you need something like this on the load balancer, and voila – 

server {

  listen 80;
  server_name balancer;

  location / {
     proxy_pass  http://balancer;
     include /etc/nginx/proxy_params;
  }

}
    
upstream balancer {
   ip_hash;
   server ha1.com;
   server ha2.com:82;
   server ha3.com:83;
}

ip_hash is important for sessions and logins, if you don’t want to have users logged out from your site, as the default behavior is round-robin which mean the users will cycle on the next node after every request.

There is other configuration options, but this is just quick syntax reference, you can check the documentation here – http://nginx.org/en/docs/http/load_balancing.html