Archive for Linux

How to secure/harden your apache webserver – quick guide

January 7, 2013 admin Apache, Linux No comments

In this artile I am explaining some ways to secure apache.

1 . Stay Updated

Make sure that you are installing latest updates.

2. Hide Apache version

If you do not turn this off, anyone can check which version of apache you are running by just telnet-ing to its port. So always disable this. To do this add the following to your httpd.conf

ServerSignature Off
ServerTokens Prod

 

The ServerSignature  directive adds a line containing the Apache HTTP Server server version and the ServerName to any server-generated documents, such as error messages sent back to clients. ServerSignature is set to on by default

The ServerTokens directive is used to determine what Apache will put in the Server HTTP response header. By setting it to Prod it sets the HTTP response header as follows:

Server: Apache

 

3. Apache user:group

It is common that in many servers both apache and (mail server or mysql) running under the user nobody. So if a hacker is through this it is harmful to all services. So make sure that apache is running under its own user. Open httpd.conf and make the following changes.

User apache

Group apache

 

 

Read more

How to monitor your data transfer via vnstat – Network Traffic Monitor

December 27, 2012 admin Linux No comments

We can check the status of data transfer using vnstat command. Install it by the command

yum install vnstat

Main configuration files: /etc/vnstat.conf and /etc/sysconfig/vnstat

USAGE

vnstat
vnstat -i interface
vnstat -i interface -option

To see eth0 stats, enter                   : vnstat -i eth0
To see daily stats for eth0, enter      : vnstat -i eth0 -d
To see hourly network stats, enter    : vnstat -i eth0 -h
To see monthly network stats, enter  : vnstat -i eth0 -m
To see weekly network stats, enter   : vnstat -i eth0 -w

How to change default runlevel in Ubuntu – where is /etc/inittab file

September 17, 2012 admin Linux, Ubuntu No comments

In Redhat distributions we can change the runl-evels by editing /etc/inittab file. But however in Debian distributions like Ubuntu there is no such file. So how we can change the run-level ?

We need to edit it in

/etc/init/rc-sysinit.conf

and change the default run-level at the line

 env DEFAULT_RUNLEVEL=2

But there are some differences in run-level entries in Ubuntu. In redhat the run levels are as follows.

  • 0 – shutdown
  • 1 – single user mode
  • 3 – multiuser text mode
  • 5 – multiuser graphical mode
  • 6 – reboot

But in Ubuntu it is as follows.

  • 0 – shutdown
  • 1 – single user mode
  • 2 – multiuser graphical mode
  • 6 – reboot
« Older Entries