Hi, I’m Andrew!

I’m a Linux Admin and Software Developer in Kansas.

I write about various projects, things I find interesting, and try to pass along some knowledge.

TryHackMe: Vulnversity

Meta Information: This is a room I recently completed on TryHackMe. I figured I’d do a write up of what I found, how I got in, and things that a potential sysadmin would want to do to fix their server. I’m writing this from the point-of-view of a independent security consultant. Description of Server The machine in question appears to be an Ubuntu Linux machine, with a number of open ports and protocols:...

July 6, 2021

Fix Virtualmin Proxy with Let's Encrypt

This is a minor inconvenience that I’ve dealt with for far too long. When using Virtualmin as a reverse proxy, it doesn’t handle Let’s Encrypt verification records correctly and forwards them to the upstream service. In my case, this would cause certificates to issue correctly initially, but then fail to renew after three months is up. Since every request that hits the server was getting sent to the upstream server (including any requests to ....

June 14, 2021

Backup Google Photos (Part 2)

In Part One we looked at how to download our photos from Google Photos to a local drive. But now we’ll look at how to archive them into human readable folders that can be included in daily snapshot backups. Our Problem Now we have all our photos downloaded, but I really wanted things to live on my NAS with the rest of my important files. This would also let me potentially delete photos from Google Photos but keep things locally....

April 15, 2021

Backup Google Photos (Part 1)

One service that I’ve come to rely on is Google Photos. For the last number of years, I’ve had photos on my phone (which is now my primary camera for trips) automatically backed up and categorized. It’s a slick service, but I feel most comfortable having local copies of photos and keep them in a snapshot backup system. Why I Did This Google Photos is great, and I don’t really have any issues with the service or its availability....

April 1, 2021

My Personal Burnout

I suffered a pretty hard burn out a couple of years ago. I ended up changing jobs, and only then did I realize just how exhausted I was. I wanted to share my experience, what happened, how I think it could have been prevented, and remind everybody that their mental well being important. Quick Disclaimer: I’m not writing this to place any blame on what happened. This was mostly the result of circumstances beyond anyone’s control, so no one really is at fault....

March 17, 2021

A New Site

I’m not a huge fan of meta posts, but this seemed like a fairly major change so I’m making one. I’ve updated my site to use Hugo rather than Wordpress. Wordpress is nice and all, but it’s fairly complex for this site and with horror stories of rouge plugins, I didn’t feel it was the best choice. Also, the new static site is a lot faster and a lot easier to work with, so those are also added bonuses....

March 13, 2021

Condensed PHPMyAdmin Configuration

This is something that bothered me when adding more than one server to PHPMyAdmin. The default configuration is very verbose, and largely isn’t needed for simple use cases. In my case, I boiled down the config options I use most frequently, and changed the format to be more inline. The format doesn’t look too good on the site, but it is pretty clean once in a wider editor. $cfg['Servers'] = [ 1 => [ 'host' => 'xxx', // MySQL hostname or IP address 'port' => '', // MySQL port - leave blank for default port 'socket' => '', // Path to the socket - leave blank for default socket 'ssl' => true, // Use SSL for connecting to MySQL server?...

December 2, 2019 · Andrew

Securing Apache Sites With Saml

So I recently have fallen in love with single sign on. I really like centralized user management, and being able to adapt it into many different application is really sweet. Plus, it makes compliance people happy! One feature I like is the ability to secure arbitrary Apache websites with it using a plugin called Mellon. Basically this acts like the native apache authentication, but rather than present a window for a username and password, it redirects you to your SSO provider to login....

October 25, 2019 · Andrew