Showing posts with label apache. Show all posts
Showing posts with label apache. Show all posts

Thursday, September 4, 2014

Installing php-mcrypt in CentOS 6

For x86_64:
#rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

For i386:
#rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

After install EPEL repo:
#yum install php-mcrypt

Check list of PHP add-on that install in server:

 #yum list installed | grep php | cut -d' ' -f1

Source :

http://blog.hostonnet.com/installing-php-mcrypt-in-centos-6

Friday, August 22, 2014

Friday, August 8, 2014

Apache : Address already in use: make_sock: could not bind

Problems :

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down

 

Solution :

Run,

#netstat -ltnp | grep ':80'

Return,
tcp        0      0 0.0.0.0:8087                0.0.0.0:*                   LISTEN      4613/./mysql

Then,

# sudo kill -9 4613

Tuesday, December 27, 2011

Mod_evasive - Prevent DDOS Attack

Installing Modevasive
mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera.

-> Execute the following commands to install it:

#wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
#tar -xzvf mod_evasive_1.10.1.tar.gz
#cd mod_evasive
#/usr/sbin/apxs -cia mod_evasive20.c
#rm -rf /root/mod_evasive*

-> Test to make sure it was loaded:
#grep -i evasive /etc/httpd/conf/httpd.conf

Next, edit /etc/httpd/conf/httpd.conf and uncomment (remove the # in front of each line) the following:
<IfModule mod_evasive.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600
</IfModule>

 

-> Restart Apache by executing the command

#/etc/init.d/httpd restart

Info
----

  • DOSHashTableSize: is the size of the table of URL and IP combined

  • DOSPageCount: is the number of same page requests from the same IP during an interval that will cause that IP to be added to the block list.

  • DOSSiteCount: is the number of pages requested of a site by the same IP during an interval which will cause the IP to be added to the block list.

  • DOSPageInterval: is the interval that the hash table for IPs and URLs is erased (in seconds)

  • DOSSiteInterval: is the intervale that the hash table of IPs is erased (in seconds)

  • DOSBlockingPeriod: is the time the IP is blacked (in seconds)

  • DOSEmailNotify: can be used to notify by sending an email everytime an IP is blocked

  • DOSSystemCommand: is the command used to execute a command when an IP is blocked. It can be used to add a block the user from a firewall or router.

  • DOSWhiteList: can be used to whitelist IPs such as 127.0.0.1


Although mod_dosevasive can be quite effective in some cases, in others it can cause more problems by blocking non-offending IPs. It is suggested you take a look at hardware solution if you.

 

Source : http://www.zdziarski.com/blog/?page_id=442

Source : http://sabarish4u.wordpress.com/2008/11/21/157/

Thursday, April 26, 2007

20 ways to Secure your Apache Configuration

Here are 20 things you can do to make your apache configuration more secure.

Disclaimer: The thing about security is that there are no guarantees or absolutes. These suggestions should make your server a bit tighter, but don't think your server is necessarily secure after following these suggestions.

Additionally some of these suggestions may decrease performance, or cause problems due to your environment. It is up to you to determine if any of the changes I suggest are not compatible with your requirements. In other words proceed at your own risk.

First, make sure you've installed latest security patches

There is no sense in putting locks on the windows, if your door is wide open. As such, if you're not patched up there isn't really much point in continuing any longer on this list. Go ahead and bookmark this page so you can come back later, and patch your server.

Subscribe to: Posts (Atom)