Search Results

Checking to see if an ACL is present in HAProxy For when you aren't sure if the whole process is working, you can manually connect to the HAProxy socket and print out the contents. socat is the way forward here. Install it with your favorite package manager, a...

Knocknoc can drive an nginx server's allow/deny list directly from the agent, without a wrapper script. Users authenticated by Knocknoc are added to a per-Knoc include file (for example /etc/nginx/acl/librenms.acl) that the agent rewrites atomically, then relo...

Apache 2.4 and above have slightly different ACL syntax, so this page covers how you can use Knocknoc to manage ACLs. The script for managing Apache ACLs as per this document was added to knocknoc-agent in version 1.0.31 Setup for your Apache webserver SSH to ...

G Suite can be set up as an Identity Provider if you have G Suite Business Starter or above plan. The basis of this guide is the official docs here: https://support.google.com/a/answer/6087519?hl=en which should be referred to in case anything changes from the...

Passive, Active or a combination Passive - Knocknoc's Allowlist feature provides a passive integration with firewalls that support External Dynamic Lists (EDLs).  This feature allows the firewall to pull from the Knocknoc server a list of IPs of authenticated ...

The Knocker utility is a command-line tool for managing various backends or server features with ease. It provides commands for enabling, disabling, installing, uninstalling, and performing health checks for supported backends. Usage (on Agent) /opt/knocknoc...

Below is a concise guide for a sysadmin (or developer) to set up and configure AWS WAF with a custom HTML 403 response and integrate it with your update-aws-waf-ipset.sh script (which follows the argument order <ACTION> <ACL_NAME_OR_ID> <IP_ADDRESS>). This gui...

Knocknoc keeps a track of source IP addresses and tries to be kind to users that share IPs. Think: shared office IP NAT address when using an internet-hosted Knocknoc. This means that if two users are coming from the same IP, revoking a session for the first u...

Debian distros (Ubuntu etc) If you are getting this error: Failed to fetch https://packages.knocknoc.io/debian/dists/bookworm/InRelease The following signatures were invalid: EXPKEYSIG E3AB5DF76BBF701F Knocknoc Support <support@knocknoc.io> You may have the o...