Archive for February, 2011

APACHE – ServerToken and X-Powered

Posted: February 21, 2011 in Debian, Freebsd

Secure your apache and php by hide information of it.

for debian / ubuntu

root@webserv# pico /etc/apache2/conf.d/security

ServerTokens Prod

ServerSignature Off

after that for php5

root@webserv#/etc/php5/apache2/php.ini

find expose_php and closed it (default is on)

expose_php off

root@webserv# /etc/init.d/apache2 restart

 

For freebsd

webserv# pico /usr/local/etc/apache22/httpd.conf

ServerTokens Prod
ServerSignature Off

after that for php5

webserv# pico /usr/local/etc/php.ini

find expose_php and closed it (default is on)

expose_php off

webserv#/usr/local/etc/rc.d/apache2 restart

 

 

 

IPTABLES – Block Script

Posted: February 13, 2011 in archlinux, Debian, Slackware

root@web:~# pico /skrip/ip
root@web:~# pico /skrip/ipsub
root@web:~# pico /skrip/block

####################### PUT THIS ON /skrip/block ##################

BLOCKDB=’/skrip/ip’
IPS=$(grep -Ev “^#” $BLOCKDB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done

#BLOCK SUBNET
BLOCKSUB=’/skrip/ipsub’
IPS=$(grep -Ev “^#” $BLOCKSUB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done

####################### PUT THIS ON /skrip/block ##################

root@web:~# chmod +x /skrip/block

root@web:~#/skrip/block

*** put ip /skrip/ip

root@web:~#echo ‘123.123.123.123’ >> /skrip/ip

*** put ip range on /skrip/ipsub

root@web:~#echo ‘123.123.123.0/24’ >> /skrip/ipsub

I’am suing Lighttpd for serve multiple domain …

Always forget how to configure ….

## For 1 domain

simple-vhost.server-root = “/var/www/servers/”

simple-vhost.default-host = “kami337fm.com”

simple-vhost.document-root = “pages”

$HTTP[“host”] == “kami337fm.com” {

server.document-root = “/var/www/servers/news2.example.org/pages/”

}

## For host www and without www (www.kami337fm.com & kami337fm.com)

$HTTP[“host”] =~ “(^|\.)kami337fm\.com$” {

server.document-root = “/var/www/servers/news2.example.org/pages/”

}

## For host .com and .org (www.kami337fm.com & kami337fm.org)

$HTTP[“host”] =~ “^(www\.kami337fm\.org|www\.kami337fm\.com)$” {

server.document-root = “/var/www/servers/news2.example.org/pages/”

}

## for 2 and more host

$HTTP[“host”] !~ “^(test1\.example\.org|test2\.example\.org)$” {

simple-vhost.server-root = “/var/www”

simple-vhost.document-root = “/html/”

## the default host if no host is sent

simple-vhost.default-host = “example.org”

}

$HTTP[“host”] == “test1.example.org” {

server.document-root = “/home/user/sites/test1.example.org/”

accesslog.filename = “/home/user/sites/logs/test1.example.org.access.log”

}

$HTTP[“host”] == “test2.example.org” {

server.document-root = “/home/user/sites/test2.example.org”

accesslog.filename = “/home/user/sites/logs/test2.example.org.access.log”

}

 

 

Sayu terpisah
Hikayat indah kini hanya tinggal sejarah
Berhembus angin rindu
Begitu nyamannya terhidu wangian kasihmu

Hujan lebat mencurah kini
Bagaikan tiada henti
Kaulah laguku kau irama terindah
Tak lagi ku dengari

Kau pergi
Pergi
Sepi tanpa kata
Terdiam dan kaku tak daya kau ku lupa
Apa pun kata mereka
Biarkan kenangan berbunga di ranting usia

Hujan lebat mencurah kini
Bagaikan tiada henti
Kaulah laguku kau irama terindah
Tak lagi ku dengari

Kau pergi
Pergi

Hujan lebat mencurah kini
Bagaikan tiada henti
Kaulah laguku kau irama terindah
Tak lagi ku dengari

Kau pergi
Pergi
Kau pergi
Pergi
Pergi

KHAS BUAT BONDA TERSAYANG 10/08/1968 – 10/12/2010

Attack from Japan

Posted: February 10, 2011 in Debian

My server have been attck from Japan for the last 4 days till now..

they get ftp access to my server. I have block them using this iptables.

Block all

root@web:~# iptables -A INPUT -p tcp –dport 21 -j DROP

Block Certain IP

root@web:~# iptables -I INPUT -p tcp -s 111.119.167.0/24 –dport 21 -j DROP

 

Simple step to install LAMP on Debian Lenny…

( Older post : https://panaharjuna.wordpress.com/2009/02/25/install-apache2-php5-mysql-ssl/)

Step 1 : install apache2

aptitude install apache2 apache2.2-common apache2-mpm-prefork apache2-utils libexpat1 ssl-cert

*****ServerName problem issued this command

echo “ServerName Casp3r” >> /etc/apache2/apache2.conf ##<— Change Casp3r to Your hostname

Restart Apache2

/etc/init.d/apache2 restart

or using this

apache2ctl graceful

Open http://localhost or http://YOUR.IP

Done Installing apache :p

Step 2 : install php5

Search php5 module using this command

aptitude search php5-

install several modules

aptitude install libapache2-mod-php5 php5 php5-common php5-curl php5-dev php5-gd \php5-imagick php5-mcrypt php5-memcache php5-mhash php5-mysql php5-pspell php5-snmp \php5-sqlite php5-xmlrpc php5-xsl

Restart Apache2

/etc/init.d/apache2 restart

Test php5

touch /var/www/aku.php

nano /var/www/aku.php

############## PHP Page ################

<?php

phpinfo( );

?>

############## PHP Page ################

Open http://localhost/aku.php or http://YOUR.IP/aku.php

you should see a PHP generated page

Done Installing php5 :p

Step 3 : install MySQL

aptitude install mysql-server mysql-client

after install MySQL run this command

/usr/bin/mysql_secure_installation

*** this secure installations for MySQL

/etc/init.d/apache2 reload

Done Installing MySQL :p

*** Yg lain ko pandai2 lah sendiri!!!

*** For security reason read this post

https://panaharjuna.wordpress.com/2010/01/10/hidden-apache-name-and-os/

Malaysia Open Source Conference 2011

Posted: February 9, 2011 in My live

MOSC2011-artwork-02-by-apogee

Image by : http://artofapogee.blogspot.com/