Archive for the 'Server Security' Category
Restricting Access to Your Web Pages Using .htaccess
Follow these steps to create the file:
- Create a text file called .htaccess in the directory that you want to protect.
- Type <Limit GET> as the first line of the file.
- Use the deny and allow directives as described above to define your restrictions.
- Type </Limit> as the last line of the text file.
- Save your .htaccess file.
- Release your collection to Test and, if everything is OK, to Publish.
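A complete .htaccess of the shape the steps describe, added here as an example (it is not from the original post). The network 192.0.2.0/24 is an assumed, documentation-range value standing in for whatever you want to allow. Two points worth knowing before copying it: <Limit GET> applies the rules only to GET (Apache also treats HEAD as GET here), so POST and every other method remain unrestricted; and Order/Deny/Allow is Apache 2.2 syntax, which Apache 2.4 only honours through mod_access_compat.

```apache
# Added example, not part of the original post. 192.0.2.0/24 is an assumed
# (documentation-range) network standing in for the addresses you allow.

# 1. The form the post describes. <Limit GET> restricts GET (and HEAD) only;
#    any other method, e.g. POST, is still open to everyone.
<Limit GET>
    Order deny,allow
    Deny from all
    Allow from 192.0.2.0/24
</Limit>

# 2. Preferred: the same rules with no <Limit> wrapper, so every request
#    method is covered. Use these three lines instead of the block above.
#    On Apache 2.4 the single directive "Require ip 192.0.2.0/24" replaces them.
# Order deny,allow
# Deny from all
# Allow from 192.0.2.0/24
```

Apache only reads these directives from .htaccess when the directory's AllowOverride setting includes Limit; if it does not, the file is silently ignored, so test from an address outside the allowed range after saving it.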
Mask Apache Server Version Number
Server headers and directory defaults usually show Apache server information.
This information can be used by hackers to learn about vulnerabilities on your server if the system is not updated.
You can mask server information as follows:
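The directives that do the masking, added here as an example rather than quoted from the post. They go in the main Apache configuration (httpd.conf or an included file), not in .htaccess; the /var/www/html path is an assumption.

```apache
# Added example, not from the original post. Put in httpd.conf (or a file it
# includes); /var/www/html is an assumed document root.

# Default is "Full", which sends e.g. "Apache/2.4.x (Unix) OpenSSL/... PHP/..."
# and names each module's version. "Prod" reduces the Server header to "Apache".
ServerTokens Prod

# Stops Apache appending its version line to error pages and directory listings.
ServerSignature Off

# Directory listings also reveal file names; turn them off unless you need them.
<Directory "/var/www/html">
    Options -Indexes
</Directory>
```

After a reload, `curl -sI http://localhost/ | grep -i '^Server:'` should print only `Server: Apache`. The shortened banner hides the version from casual scanners; it does not remove an unpatched vulnerability, so keep updating the server as well.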
Email Alert on Root SSH Login
Want to be notified instantly when someone logs into your server as root? No problem, check out this nice tutorial on email notification for root logins. Keeping track of who logs into your server and when is very important, especially when you're dealing with the super user account. We recommend that you use an email address not hosted on the server you're sending the alert from.
So let's get started!
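One way to build such an alert, added here as an example and not the tutorial's own script. It assumes a `mail` command (mailx) is installed and that ALERT_TO is a mailbox hosted elsewhere, as the post recommends; the message is assembled by small functions so it can be exercised on a constructed `who am i` line.

```sh
#!/bin/sh
# Added example, not the tutorial's own script. Paste the whole block into
# /root/.bashrc (or /root/.profile) and uncomment the last line; every
# interactive root shell then sends a mail. admin@example.com is an assumed
# address; use one hosted on another server, as the post recommends.
ALERT_TO="${ALERT_TO:-admin@example.com}"

# Extract the remote host from a "who am i" line such as
# "root     pts/0        2024-01-01 10:00 (203.0.113.5)". Prints "local" when
# there is no "(host)" part (console login, or su without a remote origin).
login_origin() {
    case "$1" in
        *"("*")"*) h=${1##*"("}; printf '%s\n' "${h%%")"*}" ;;
        *) printf 'local\n' ;;
    esac
}

# Build the alert body from a who-line, hostname and date passed in, so the
# same function works on constructed input as well as the live values.
alert_message() {   # $1 who-line, $2 hostname, $3 date string
    printf 'ALERT - root shell on %s at %s from %s\n%s\n' \
        "$2" "$3" "$(login_origin "$1")" "$1"
}

# Live hook (uncomment in /root/.bashrc):
# alert_message "$(who am i)" "$(hostname)" "$(date)" | mail -s "Root login on $(hostname)" "$ALERT_TO"
```

Because the hook runs from root's shell startup file, it fires for `su` and `su -` as well as direct root logins, which is exactly what you want once direct root SSH login is disabled.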
Disable Telnet
Telnet sends usernames and passwords in clear text at login, so it should be disabled on all web servers and replaced with SSH.
Some hosting providers do not disable telnet by default, so you should ensure that it has been turned off, as it is a great security risk to your servers. The telnet server listens for incoming connections on TCP port 23.
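A check for a telnet listener on port 23, added as an example (not from the original post). It reads `ss -ltn` style output, either live or from a constructed sample embedded below, so the same function can be tested offline. How to stop the service depends on how it was started; the two common cases are noted in comments.

```sh
#!/bin/sh
# Added example, not from the original post. Reports whether anything is
# listening on TCP port 23 in "ss -ltn" style input on stdin.
telnet_listener() {
    # Skip the header line; the 4th column is "Local Address:Port".
    # Exit 0 when some local address ends in ":23", 1 otherwise.
    awk 'NR > 1 && $4 ~ /:23$/ { found = 1 } END { exit found ? 0 : 1 }'
}

# Constructed sample of "ss -ltn" output (not captured from a real host).
SAMPLE_WITH_TELNET='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       10      0.0.0.0:23          0.0.0.0:*'

check_sample() {   # $1 listing text; prints "open" or "closed"
    if printf '%s\n' "$1" | telnet_listener; then echo open; else echo closed; fi
}

# Live check on this host (needs iproute2). If it reports a listener, disable
# the service at its source: "systemctl disable --now telnet.socket" on
# systemd hosts, or "disable = yes" in /etc/xinetd.d/telnet followed by an
# xinetd restart, then re-run this check.
check_live() {
    if ss -ltn 2>/dev/null | telnet_listener; then
        echo "telnet listener found on port 23"
    else
        echo "no telnet listener"
    fi
}
```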
Allowing the root user to log in directly is a major security issue. We'll show you how to disable it so that you can still become root, just not by logging in directly, which reduces the risk.
This forces an attacker to guess two separate passwords to gain root access.
(You do have two separate passwords for admin and root, right?)
You will first need to log in as your admin user over SSH, then switch to the super user with the su command to get root.
We will also force the use of SSH protocol 2, which is the newer, more secure SSH protocol.
Just a couple more ways to help your server stay safe from the bad guys. If you're using cPanel, make sure you add your admin user to the 'wheel' group so that you will be able to 'su -' to root; otherwise you may lock yourself out of root.
1. SSH into your server as 'admin' and gain root access with su.
2. Copy and paste this line to edit the file for SSH logins:
$ pico -w /etc/ssh/sshd_config
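The two directives the post goes on to set are PermitRootLogin and Protocol. As an added example (not the post's own commands), here is a helper that sets a directive in an sshd_config-style file, replacing an existing or commented-out copy rather than appending a duplicate that sshd would ignore (sshd uses the first occurrence). It is demonstrated on a constructed temporary file, not on /etc/ssh/sshd_config.

```sh
#!/bin/sh
# Added example, not from the original post. set_sshd_option rewrites a
# "Key value" directive in an sshd_config-style file, replacing the first
# (possibly commented) occurrence and dropping later duplicates, so the edit is
# repeatable and the active value is the one you set.
set_sshd_option() {   # $1 file, $2 directive, $3 value
    tmp=$(mktemp)
    awk -v k="$2" -v v="$3" '
        BEGIN { re = "^[ \t]*#?[ \t]*" k "[ \t]" }
        $0 ~ re && !done { print k " " v; done = 1; next }   # first copy: replace
        $0 ~ re { next }                                     # later copies: drop
        { print }
        END { if (!done) print k " " v }                     # absent: append
    ' "$1" > "$tmp" && cat "$tmp" > "$1"   # cat keeps the file's owner/mode
    rm -f "$tmp"
}

# Demonstration on a constructed config (not a real sshd_config); prints the
# hardened result.
demo_harden() {
    f=$(mktemp)
    printf '%s\n' 'Port 22' '#PermitRootLogin prohibit-password' \
        'Protocol 2,1' 'X11Forwarding yes' > "$f"
    set_sshd_option "$f" PermitRootLogin no   # root must come in via su
    set_sshd_option "$f" Protocol 2           # refuse the old protocol 1
    cat "$f"
    rm -f "$f"
}

# On the real file: set_sshd_option /etc/ssh/sshd_config PermitRootLogin no
# then "sshd -t" to validate, restart sshd, and test a fresh admin login plus
# "su -" in a second terminal before closing the session you are in.
```

Recent OpenSSH releases dropped protocol 1 altogether, so on those the Protocol line is obsolete; `sshd -t` tells you whether the file is still accepted. Whatever the version, keep your current session open until the new login path has been confirmed.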
Antidos is a really nice feature of the APF firewall, but it’s not automatically turned on when you install and run APF.
First you probably want to make sure APF is running nicely for a few days and that you have your own IP listed in the "allow_hosts.rules" file so you can't lock yourself out.
And to be even safer, let's set DEVEL_MODE to "1" (on); we also need to set USE_AD to enable the use of antidos. So log in as root to your server, then find and edit these:
# pico -w /etc/apf/conf.apf
DEVEL_MODE="1"
USE_AD="1"
# apf -r
Now APF will quit in 5 minutes. Don’t forget to put DEVEL_MODE back when everything is OK!
Note: Your server will not be firewalled after 5 minutes! If you are under attack right now this might not be such a good thing to disable.
If you installed APF with the normal installer most of the settings for antidos should be OK. We only need to change a few things, find and change these:
# pico -w /etc/apf/ad/conf.antidos
LP_KLOG="1"
IPT_BL="1"
USR_ALERT="1"
USER="root"
ARIN_ALERT="1"
You can test run it manually (it’s just a shell script):
# /etc/apf/ad/antidos -a
It doesn’t say anything if it liked the config file and your system, and if you ran it for the first time, you will find it created a blank log file at:
/var/log/apfados_log
You need to have antidos set to run via cron. If you have "crontab -e" all set up you can use that to set it up. Some panels let you edit the root cron job file from the panel.
This is a critical setup point, if not done, antidos will simply not operate.
Here’s an example line, I added this to my root crontab:
*/2 * * * * /etc/apf/ad/antidos -a > /dev/null 2>&1
This will run antidos every two minutes. The author of antidos doesn’t recommend running it once a minute as it may cause a bottleneck for itself and the CPU. Likewise running it beyond a period of once every 5 minutes is not recommended either, for obvious reasons.
You can check to see if it’s being run with something like this:
# tail -30 /var/log/cron
Now restart apf again:
# apf -r
Try to access a few of your sites and if you are not locked out and happy with everything you can set DEVEL_MODE to "0" (off):
# pico -w /etc/apf/conf.apf
DEVEL_MODE="0"
# apf -r
At this point it would be nice to test whether it actually works; I leave that up to you to figure out, or maybe someone else can post some ideas. I would be very careful: you don't want to DoS the wrong server.
If for some reason you find out it’s locking the wrong people out and want to turn it off, take this line out of root cron:
*/2 * * * * /etc/apf/ad/antidos -a > /dev/null 2>&1
And blank out this file:
/etc/apf/ad/ad.rules
You can look in the log file to see what went wrong:
/etc/apf/ad/apfados_log
And don’t forget to restart apf:
# apf -r
For more info on the settings, see the doc files at: http://rfxnetworks.com/apf.php
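The whole antidos procedure above comes down to three repeatable edits: flip NAME="value" settings in conf.apf and conf.antidos, install the cron line, and confirm each change took. As an added example (not from the post or from APF itself), here are helpers for those edits. They use the file names the post gives but are exercised on constructed temporary copies; on a real host you would point them at /etc/apf/conf.apf and /etc/apf/ad/conf.antidos.

```sh
#!/bin/sh
# Added example, not from the original post or the APF project. Helpers that
# make the conf.apf / conf.antidos / crontab edits repeatable and checkable.

# Set NAME="value" in an APF-style config, replacing an existing assignment
# (first copy) and dropping duplicates, or appending when NAME is absent.
set_apf_var() {   # $1 file, $2 name, $3 value
    tmp=$(mktemp)
    awk -v k="$2" -v v="$3" '
        substr($0, 1, length(k) + 1) == k "=" { if (!done) print k "=\"" v "\""; done = 1; next }
        { print }
        END { if (!done) print k "=\"" v "\"" }
    ' "$1" > "$tmp" && cat "$tmp" > "$1"
    rm -f "$tmp"
}

# Read NAME back with the quotes stripped, to confirm an edit before "apf -r".
get_apf_var() {   # $1 file, $2 name
    sed -n "s/^$2=\"*\([^\"]*\)\"*\$/\1/p" "$1" | head -n 1
}

# The cron line from the post: every 2 minutes (the author advises 2 to 5).
CRON_LINE='*/2 * * * * /etc/apf/ad/antidos -a > /dev/null 2>&1'

# Filter: stdin is an existing crontab listing, stdout is the listing with the
# antidos line added exactly once. Usage as root:
#   crontab -l 2>/dev/null | add_cron_line | crontab -
add_cron_line() {
    awk -v line="$CRON_LINE" '{ print } $0 == line { seen = 1 } END { if (!seen) print line }'
}

# Demonstration on a constructed conf.apf (not the real file).
demo() {
    f=$(mktemp)
    printf '%s\n' 'DEVEL_MODE="0"' 'USE_AD="0"' 'IFACE_IN="eth0"' > "$f"
    set_apf_var "$f" DEVEL_MODE 1    # 5-minute safety net while testing
    set_apf_var "$f" USE_AD 1        # enable antidos
    printf 'USE_AD is now %s\n' "$(get_apf_var "$f" USE_AD)"
    rm -f "$f"
}
```

After `apf -r`, watch /var/log/apfados_log and `tail /var/log/cron` for the two-minute runs, and remember that DEVEL_MODE="1" drops the firewall five minutes after each reload: the same helper sets it back to "0" once you are satisfied.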
This is a list of commands that are useful for system admins.
To get the list of usernames with their user IDs in a formatted way:
# awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd
Find a particular string in all files under the current directory (find -exec passes the file names without word-splitting them):
# cd /etc
# find . -type f -exec grep -iH nfsnobody {} +
Or
# grep -iH nfsnobody *
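The same two commands wrapped as functions, added as an example (not from the original post) so they can run against any passwd-format file and any directory rather than only /etc/passwd and the current directory. It goes one step beyond the page with a uid-0 check, since a second uid 0 account is the kind of thing a listing like this should make you look at; the passwd lines below are constructed sample data.

```sh
#!/bin/sh
# Added example, not from the original post. Wrappers around the post's awk
# and grep commands, plus a uid-0 check; the sample passwd data is constructed.

list_users() {   # $1 passwd-format file (defaults to /etc/passwd)
    awk -F: '{ print "username: " $1 "\t\tuid:" $3 }' "${1:-/etc/passwd}"
}

# Accounts with uid 0 have full root privileges whatever their name;
# anything besides root here deserves a look.
uid0_users() {   # $1 passwd-format file (defaults to /etc/passwd)
    awk -F: '$3 == 0 { print $1 }' "${1:-/etc/passwd}"
}

# Case-insensitive search for a string in every regular file under a
# directory; "--" keeps a pattern starting with "-" from being read as a flag.
find_string() {   # $1 string, $2 directory (defaults to .)
    find "${2:-.}" -type f -exec grep -iH -- "$1" {} +
}

# Constructed sample, not a real /etc/passwd.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
toor:x:0:0::/root:/bin/sh'
```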