Naufal Projects

In this post, i will show you how to setup failover links on MikroTik. I’m using “recursive gateway” method Background : i have 2 connections, 1 from Fiber Optic and 1 from 4G. If my connection (from Fiber Optic) is down, it does not switch to 4G (except if you dial your ISP’s PPPoE from MikroTik. Or using DHCP from ISP, not from your ONT). So, i was think how to setup “auto route” to 4G Here is the guide : 1. Go to “IP >> Routes” 2. Create new route, and follow this (Don’t forget to apply) : Dst Address : 1.1.1.1 (i’m using this) Gateway : your ISP gateway 3. Then, create new route again, and follow this (Don’t forget to apply) : Dst Address : keep it Gateway : 1.1.1.1 (follow from step 2) Distance : 1 Check Gateway : Ping Target Scope : 30 And what about for secondary (or other) link? You can follow from step 2. But starts from step 2, Gateway (at step 3) and Distance (at step 3) you must set other than main link. For example : Second Static Route : Dst Address : 1.1.1.2 Gatew

If you switched to new theme, you may want to delete that old one. Or, you want to remove preinstalled WordPress theme (assuming that you don’t use preinstalled theme). Why Delete a WP Theme? It can be a “trash” for your storage Some themes have a vulnerability You will get an update, even you don’t using at all In this article, i will show how to delete a WP theme. Of course, this method is totally safe, because you don’t need to access “file manager” or “database”, just from wp-admin 1. First, go to  Appearance » Themes  page and click “Theme Details” on the theme that you want to delete.   2. Click “Delete Theme”. Your browser will prompt for confirm. Then, click OK That’s it. Now, your unused theme is deleted permanently. Hope you enjoy my article ^_^

If you do a start VM using Ubuntu VM with KVM, you will get long boot times. That is because cloud-init trying to auto initialization for your cloud instance. You can remove cloud-init permanently, by following this guide 1. Disable all cloud-init service dpkg-reconfigure cloud-init Then, disable all data sources. By pressing “space” in box section. Then press “Tab” and press “enter” for choose OK 2. After that, uninstall the package and delete the cloud-init folder sudo apt remove cloud-init --autoremove && sudo apt purge cloud-init* && sudo rm -rf /etc/cloud/ && sudo rm -rf /var/lib/cloud/ 3. Restart your VM sudo reboot That’s it. Now cloud-init is totally removed from your VM ^_^

If you want to change your MikroTik interface MAC Address, you must do with in terminal. Because in Winbox, “Change MAC” feature are unavailable This feature also known as “MAC Cloning” You can change it with this command : /interface ethernet set ether1 mac-address= XX:XX:XX:XX:XX:XX Where : ether1 = you must change the interface do you want to change the MAC Address . But please note that you CANNOT change the VLAN MAC Address. For SFP port, i don’t know. But it should possible for change the MAC Address XX:XX = you must fill with new MAC Address If you want revert to original MAC Address, simply click the interface where MAC Address was changed by yourself in previous step. In your Winbox, then click Reset MAC Address (See picture below) : That’s it. Hope you enjoy my article ^_^

In this article, i will share about How to block torrent connection on MikroTik If someone do a torrenting, it will consume extra (and unusual) bandwidth. Especially if your ISP apply a different bandwidth rule between domestic and international, it will be annoyed for other international connection. Or, if someone do an “illegal” download over torrent, some ISP will notice you regarding “Copyright download”. So you must drop the torrent connection Brief history : i got a copyright notice from Vultr, because my VPN client was download over torrent using my connection (FYI, i have 2 servers, one from domestic and one from Vultr SG. I did a tunneling between 2 servers using IP Tunnel, then from my domestic server i did a route some /8 IP to Vultr SG). So, i was think “how to drop torrent connection”. Now, i found the solution. Hope it will effective Step for block torrent connection (Note that I’m using Filter option. If you are using Raw method, no problem) : 1. Navigate to IP > Fir

In this post, i will explain about how to block Windows Update on MikroTik. So, you won’t get any automatic update, or you don’t need to edit Group Policy (especially for Home edition). This tutorial also block all Windows Update connection. So, even you do a manual update, it won’t work. Before, i was post about How to Block Windows Update using Group Policy . But, for this post, i will explain for blocking on network-side Copy this script to terminal : /ip firewall raw add action=drop chain=prerouting protocol=tcp tls-host=*windowsupdate.com* comment=”Block Windows Update” add action=drop chain=prerouting protocol=tcp tls-host=*update.microsoft.com* add action=drop chain=prerouting protocol=tcp tls-host=*windowsupdate.microsoft.com* add action=drop chain=prerouting protocol=tcp tls-host=*ntservicepack.microsoft.com* How it works? If you click “Check for Update” or Windows do an auto update, the blocking rule will work. And the update will be failed, because it looks like “no con

Windows Update is important to install security updates to protect your systems from malicious attacks.It is also important to install software updates. But sometimes, you will get a new bug (which is annonying) or even your PC can be unusable. Or, you want to “take a break” from auto update In this article, i will share how to disable automatic update for Windows Update, also this method is permanently. So you don’t need to reconfigure for disabling automatic update Works on : Windows 10 also Windows 11. But ONLY PRO version. For home version, this method is not working Step : 1. Go to Start Menu, then type gpedit.msc . Or, you can press Win button + R, then type gpedit.msc 2. Navigate to Computer Configuration> Administrative Templates> Windows Components> Windows Update . Then, double-click the Configure Automatic Update s (If you are using Windows 11, navigate to Manage end user experience ) (Picture below, marked as 1) 3. In Configure Automatic Updates window, click Dis

This post will explain about List Of Public DNS Provider . Of course, every DNS provider has different characteristic, but mostly they are same. So you can choose or compare it by yourself. Note : For Indonesian users : If you are using CloudFlare or Quad9, the DNS will going to Jakarta. But sometimes the DNS are going to Singapore. So, it depends on your ISP routing If you are using MikroTik, and want to set up DoH, you can follow this guide here Here is list of public DNS : 1. CloudFlare DNS IP 1.1.1.1 and 1.0.0.1 DNS over HTTPS https://one.one.one.one/dns-query or https://1.1.1.1/dns-query DNS over TLS (or Private DNS) one.one.one.one or 1.1.1.1 2. Quad9 DNS IP 9.9.9.9 and 149.112.112.112 (Standard) 9.9.9.10 and 149.112.112.10 (Unsecured) DNS over HTTPS https://dns.quad9.net/dns-query (Standard) https://dns10.quad9.net/dns-query (Unsecured) DNS over TLS (or Private DNS) dns.quad9.net (Standard) dns10.quad9.net (Unsecured) 3. Google DNS DNS IP 8.8.8.8 and 8.8.4.4 DNS over H

In this post, i will share about How to setup web proxy server on MikroTik . Before, what is Proxy server? Proxy server  is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. Wikipedia Proxy Server Mainly, proxy server can be used for caching the static content so it can reduces the internet bandwidth usage. But sometimes, it also can be used for blocking website. Please note : This tutorial limited for just only caching static content. If you have much clients, i recommend to use PC with >8GB RAM. But if you have small traffic, you can use MikroTik instead. In this post, i’m using MikroTik hAP ac^2 and only for personal use Step : 1. Open IP > Web Proxy 2. Here is the web proxy. You must adjust it, depends on your network condition Src Address : Use 0.0.0.0 Port : default is 8080. But i recommend to change the port to 3128 Parent Proxy and Parent Proxy Port : remove Cache Administrator : keep it defaul

In this post, i will explain how to setup DNS-over-HTTPS (DoH) on MikroTik router Before, what is DoH? DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks[1] by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver Wikipedia Do H Prerequisite : Minimum RouterOS version is 6.47 or higher! Step : 1. Download and Import root certificates , in terminal : /tool fetch url=https://curl.haxx.se/ca/cacert.pem/certificate /import file-name=cacert.pem passphrase=”” 2. Remove DNS server . Open IP | DNS, then remove existing “Server”. If you are using Dynamic Server, you can disable in IP | DHCP 3. Add a static DNS entry. (IP > DNS > Static). For example, if you want to use Google DNS, add 2 static entries for dns.google to Address : 8.8