» vinod

Install mod_security through WHM
By vinod on February 1st, 2009 | 4 Comments

Background:
Mod_Security is an open source intrusion detection and prevention engine for web applications. Operating as an Apache Web server module, the purpose of Mod_Security is to increase web application security, protecting web applications from known and unknown attacks.

Official web site: http://www.modsecurity.org

More information:
1. Log to your Web Host Manager via your favorite web browser.

2. On the left frame, scroll all the way down till you have reached the cPanel section, then click on Addon Modules.

3. A new window will appear on the right frame. Scroll down until you see modsecurity, check the Install and Keep Updated field, and click on Save.

cPanel will now begin to download Mod_Security and add a basic security scheme. Mod_Security will be added to Apache configuration file which is located at /usr/local/apache/conf/, and will include its main security configuration file which can be found at /usr/local/apache/conf/modsec.conf

That’s it. mod_security is now installed on your server. Now, all that is left for you to do is to edit and add security filters.

You can edit Mod_Security as configuration file either through Web Host Manager, or from shell (SSH).

Web Host Manager
Once the installation has been completed, a new section will be added to WHM by the name of Add-ons. Scroll down on the left frame until you see it, and click on the Mod Security link.

Note: If you are still logged to your WHM and don’t see the Add-ons section, try refreshing your browser.

Shell
cPanel includes three configuration files: modsec.conf, modsec.user.conf, and modsec.user.conf.default.

The ones that are in effect are modsec.conf, and modsec.user.conf. The file modsec.user.conf is blank by default, however, modsec.user.conf.default contains common security filters which can be applied to modsec.user.conf.

I recommend viewing modsec.user.conf.default before copying, and applying any security filters. Misconfiguration can do more harm than good.

Hope you all like this post
SSH slow login Problem
By vinod on January 31st, 2009 | 1 Comment
SSH slow login? Disable reverse DNS lookup

when you log into the SSH server, it will do a reverse DNS lookup of the client for security reasons. Thats why it takes a time to login.

vi /etc/ssh/sshd_config (and add the below line:)

UseDNS no
So enjoy SSH
All about httpd.conf
By vinod on January 24th, 2009 | No Comments

This httpd.conf file to set itself up for this particular configuration setup with:

ServerType standalone

The option ServerType specifies how Apache should run on the system. You can run it from the super-server inetd, or as standalone daemon. It’s highly recommended to run Apache in standalone type for better performance and speed.

ServerRoot “/etc/httpd”

The option ServerRoot specifies the directory in which the configuration files of the Apache server lives. It allows Apache to know where it can find its configuration files when it starts.

PidFile /var/run/httpd.pid

The option PidFile specifies the location where the server will record the process id of the daemon when it starts. This option is only required when you configure Apache in standalone mode.

ResourceConfig /dev/null

The option ResourceConfig specifies the location of the old srm.conf file that Apache read after it finished reading the httpd.conf file. When you set the location to /dev/null, Apache allows you to include the content of this file in httpd.conf file, and in this manner, you have just one file that handles all your configuration parameters for simplicity.

AccessConfig /dev/null

The option AccessConfig specifies the location of the old access.conf file that Apache read after it finished reading the srm.conf file. When you set the location to /dev/null, Apache allows you to include the content of this file in httpd.conf file, and in this manner, you have just one file that handles all your configuration parameters for simplicity.

Timeout 300

The option Timeout specifies the amount of time Apache will wait for a GET, POST, PUT request and ACKs on transmissions. You can safely leave this option on its default values.

KeepAlive On

The option KeepAlive, if set to On, specifies enabling persistent connections on this web server. For better performance, it’s recommended to set this option to On, and allow more than one request per connection.

MaxKeepAliveRequests 0

The option MaxKeepAliveRequests specifies the number of requests allowed per connection when the KeepAlive option above is set to On. When the value of this option is set to 0 then unlimited requests are allowed on the server. For server performance, it’s recommended to allow unlimited requests.

KeepAliveTimeout 15

The option KeepAliveTimeout specifies how much time, in seconds, Apache will wait for a subsequent request before closing the connection. The value of 15 seconds is a good average for server performance.

MinSpareServers 16

The option MinSpareServers specifies the minimum number of idle child server processes for Apache, which is not handling a request. This is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 16 is recommended by various benchmarks on the Internet.

MaxSpareServers 64

The option MaxSpareServers specifies the maximum number of idle child server processes for Apache, which is not handling a request. This is also an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 64 is recommended by various benchmarks on the Internet.

StartServers 16

The option StartServers specifies the number of child server processes that will be created by Apache on start-up. This is, again, an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 16 is recommended by various benchmarks on the Internet.

MaxClients 512

The option MaxClients specifies the number of simultaneous requests that can be supported by Apache. This too is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 512 is recommended by various benchmarks on the Internet.

MaxRequestsPerChild 100000

The option MaxRequestsPerChild specifies the number of requests that an individual child server process will handle. This too is an important tuning parameter regarding the performance of the Apache web server.

User www

The option User specifies the UID that Apache server will run as. It’s important to create a new user that has minimal access to the system, and functions just for the purpose of running the web server daemon.

Group www

The option Group specifies the GID the Apache server will run as. It’s important to create a new group that has minimal access to the system and functions just for the purpose of running the web server daemon.

DirectoryIndex index.htm index.html index.php index.php3 default.html index.cgi

The option DirectoryIndex specifies the files to use by Apache as a pre-written HTML directory index. In other words, if Apache can’t find the default index page to display, it’ll try the next entry in this parameter, if available. To improve performance of your web server it’s recommended to list the most used default index pages of your web site first.

Include conf/mmap.conf

The option Include specifies the location of other files that you can include from within the server configuration files httpd.conf. In our case, we include the mmap.conf file located under /etc/httpd/conf directory. This file mmap.conf maps files into memory for faster serving.

HostnameLookups Off

The option HostnameLookups, if set to Off, specifies the disabling of DNS lookups. It’s recommended to set this option to Off in order to save the network traffic time, and to improve the performance of your Apache web server.

«
« Newer
1
2
Older »
»

» vinod

SSH slow login? Disable reverse DNS lookup

UseDNS no

Categories

Pages

Recent Posts

Top Commentators

Recent Comments

Recent Comments