Checking your password expiration date (Linux Edition)

While logging into one of the Linux jump boxes at work today, it occurred to me that while I recently got notified about my password expiration from our Active Directory farm, I had no idea when my Linux password would expire or what the password life was.

To find out this information you can easily use the chage command.

Here is what the output looks like:

[user@myserver ~]$ chage -l user
Last password change : Apr 09, 2015
Password expires : Jul 08, 2015
Password inactive : never
Account expires : never
Minimum number of days between password change : 1
Maximum number of days between password change : 90
Number of days of warning before password expires : 7

It may seem like such a simple thing to do, but knowing when your password expires can be a lifesaver on occasion.

Checking your password expiration date (Linux Edition)

While logging into one of the Linux jump boxes at work today, it occurred to me that while I recently got notified about my password expiration from our Active Directory farm, I had no idea when my Linux password would expire or what the password life was.

To find out this information you can easily use the chage command.

Here is what the output looks like:

[user@myserver ~]$ chage -l user
Last password change : Apr 09, 2015
Password expires : Jul 08, 2015
Password inactive : never
Account expires : never
Minimum number of days between password change : 1
Maximum number of days between password change : 90
Number of days of warning before password expires : 7

It may seem like such a simple thing to do, but knowing when your password expires can be a lifesaver on occasion.

Posted in Uncategorized

Checking your password expiration date (Active Directory Edition)

In many cases your enterprise Active Directory will not involve too many domains, in fact it is quite common for an Active Directory implementation to only include one domain.  In some cases, however, when you have the unfortunate situation of having a username in multliple domains with differing policies on password expiration it is useful to be able to know when your password, or that of another user will expire.  Here is an easy way to accomplish this from the command line.

For the current active user

net user /domain

For a different user

net user /domain _username_here_

Here is an example of the output:

User name afore
Full Name Andrew Fore
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 1/29/2015 4:38:37 PM
Password expires 4/29/2015 4:38:37 PM
Password changeable 1/29/2015 4:38:37 PM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon 3/18/2015 3:27:55 PM
Logon hours allowed All
Local Group Memberships
Global Group memberships *
VMWare Admins *
Domain Users*
Staff

If you notice there is a lot of useful information regarding the user account here, but of particular interest in my situation was the value of Password expires since I was trying to ensure that I got my password reset prior to the policy setting so that I would not find myself locked out over the weekend that I went on call when the Helpdesk would be closed.

Posted in Uncategorized

Checking your password expiration date (Active Directory Edition)

In many cases your enterprise Active Directory will not involve too many domains, in fact it is quite common for an Active Directory implementation to only include one domain.  In some cases, however, when you have the unfortunate situation of having a username in multliple domains with differing policies on password expiration it is useful to be able to know when your password, or that of another user will expire.  Here is an easy way to accomplish this from the command line.

For the current active user

net user /domain

For a different user

net user /domain _username_here_

Here is an example of the output:

User name afore
Full Name Andrew Fore
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 1/29/2015 4:38:37 PM
Password expires 4/29/2015 4:38:37 PM
Password changeable 1/29/2015 4:38:37 PM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon 3/18/2015 3:27:55 PM
Logon hours allowed All
Local Group Memberships
Global Group memberships *
VMWare Admins *
Domain Users*
Staff

If you notice there is a lot of useful information regarding the user account here, but of particular interest in my situation was the value of Password expires since I was trying to ensure that I got my password reset prior to the policy setting so that I would not find myself locked out over the weekend that I went on call when the Helpdesk would be closed.

Posted in Uncategorized

Checking your password expiration date (Active Directory Edition)

In many cases your enterprise Active Directory will not involve too many domains, in fact it is quite common for an Active Directory implementation to only include one domain.  In some cases, however, when you have the unfortunate situation of having a username in multliple domains with differing policies on password expiration it is useful to be able to know when your password, or that of another user will expire.  Here is an easy way to accomplish this from the command line.

For the current active user

net user /domain

For a different user

net user /domain _username_here_

Here is an example of the output:

User name afore
Full Name Andrew Fore
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 1/29/2015 4:38:37 PM
Password expires 4/29/2015 4:38:37 PM
Password changeable 1/29/2015 4:38:37 PM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon 3/18/2015 3:27:55 PM
Logon hours allowed All
Local Group Memberships
Global Group memberships *
VMWare Admins *
Domain Users*
Staff

If you notice there is a lot of useful information regarding the user account here, but of particular interest in my situation was the value of Password expires since I was trying to ensure that I got my password reset prior to the policy setting so that I would not find myself locked out over the weekend that I went on call when the Helpdesk would be closed.

Checking your password expiration date (Active Directory Edition)

In many cases your enterprise Active Directory will not involve too many domains, in fact it is quite common for an Active Directory implementation to only include one domain.  In some cases, however, when you have the unfortunate situation of having a username in multliple domains with differing policies on password expiration it is useful to be able to know when your password, or that of another user will expire.  Here is an easy way to accomplish this from the command line.

For the current active user

net user /domain

For a different user

net user /domain _username_here_

Here is an example of the output:

User name afore
Full Name Andrew Fore
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 1/29/2015 4:38:37 PM
Password expires 4/29/2015 4:38:37 PM
Password changeable 1/29/2015 4:38:37 PM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon 3/18/2015 3:27:55 PM
Logon hours allowed All
Local Group Memberships
Global Group memberships *
VMWare Admins *
Domain Users*
Staff

If you notice there is a lot of useful information regarding the user account here, but of particular interest in my situation was the value of Password expires since I was trying to ensure that I got my password reset prior to the policy setting so that I would not find myself locked out over the weekend that I went on call when the Helpdesk would be closed.

Posted in Uncategorized

Updating WordFence WAF Whitelist IP programmatically

WordPress is one of the most popular CMS systems on the Internet. In the United States alone, roughly 30% of the top 1 million websites are powered by this system.

One of the most obvious things that you have to be concerned with on any hosting site is security. A widely used WordPress security plugin is WordFence. One of the featured of this plugin is a WAF, or web application firewall. While having a firewall is very handy and a great method of blocking bad actors, there are often cases in which you would want to whitelist an IP address to ensure that certain traffic sources always make it in.

For example, I try to ensure that the dynamic DNS IP for my home egress is always whitelisted to ensure that I am never blocked from managing my own CMS. With a CMS however you do not always know when your ISP changes your IP.

Fortunately, like all WP plugins, WordFence stores its configuration data in tables in the WP database. This allows for programmatic access via the command line. In order to handle this what I can up with was a script that can be run on manual basis, or via a cronjob, to update this database field.

You can check the script out in my Github repo: https://github.com/andyfore/wordfence_whitelist_conversion

Posted in Uncategorized

Updating WordFence WAF Whitelist IP programmatically

WordPress is one of the most popular CMS systems on the Internet. In the United States alone, roughly 30% of the top 1 million websites are powered by this system.

One of the most obvious things that you have to be concerned with on any hosting site is security. A widely used WordPress security plugin is WordFence. One of the featured of this plugin is a WAF, or web application firewall. While having a firewall is very handy and a great method of blocking bad actors, there are often cases in which you would want to whitelist an IP address to ensure that certain traffic sources always make it in.

For example, I try to ensure that the dynamic DNS IP for my home egress is always whitelisted to ensure that I am never blocked from managing my own CMS. With a CMS however you do not always know when your ISP changes your IP.

Fortunately, like all WP plugins, WordFence stores its configuration data in tables in the WP database. This allows for programmatic access via the command line. In order to handle this what I can up with was a script that can be run on manual basis, or via a cronjob, to update this database field.

You can check the script out in my Github repo: https://github.com/andyfore/wordfence_whitelist_conversion

Updating WordFence WAF Whitelist IP programmatically

WordPress is one of the most popular CMS systems on the Internet. In the United States alone, roughly 30% of the top 1 million websites are powered by this system.

One of the most obvious things that you have to be concerned with on any hosting site is security. A widely used WordPress security plugin is WordFence. One of the featured of this plugin is a WAF, or web application firewall. While having a firewall is very handy and a great method of blocking bad actors, there are often cases in which you would want to whitelist an IP address to ensure that certain traffic sources always make it in.

For example, I try to ensure that the dynamic DNS IP for my home egress is always whitelisted to ensure that I am never blocked from managing my own CMS. With a CMS however you do not always know when your ISP changes your IP.

Fortunately, like all WP plugins, WordFence stores its configuration data in tables in the WP database. This allows for programmatic access via the command line. In order to handle this what I can up with was a script that can be run on manual basis, or via a cronjob, to update this database field.

You can check the script out in my Github repo: https://github.com/andyfore/wordfence_whitelist_conversion

Posted in Uncategorized

Updating WordFence WAF Whitelist IP programmatically

WordPress is one of the most popular CMS systems on the Internet. In the United States alone, roughly 30% of the top 1 million websites are powered by this system.

One of the most obvious things that you have to be concerned with on any hosting site is security. A widely used WordPress security plugin is WordFence. One of the featured of this plugin is a WAF, or web application firewall. While having a firewall is very handy and a great method of blocking bad actors, there are often cases in which you would want to whitelist an IP address to ensure that certain traffic sources always make it in.

For example, I try to ensure that the dynamic DNS IP for my home egress is always whitelisted to ensure that I am never blocked from managing my own CMS. With a CMS however you do not always know when your ISP changes your IP.

Fortunately, like all WP plugins, WordFence stores its configuration data in tables in the WP database. This allows for programmatic access via the command line. In order to handle this what I can up with was a script that can be run on manual basis, or via a cronjob, to update this database field.

You can check the script out in my Github repo: https://github.com/andyfore/wordfence_whitelist_conversion

Posted in Uncategorized