SlideShare a Scribd company logo

Configuring apache, php, my sql, ftp, ssl, ip tables phpmyadmin and server monitoring complete solution

Chanaka Lasantha
Chanaka Lasantha

This document provides instructions for configuring various server applications and services on a Linux server including Apache, PHP, MySQL, FTP, SSL, IPTables, PHPMyAdmin, and server monitoring. It discusses installing and configuring each of these applications and services individually with specific configuration details. The document is intended to provide a complete solution for setting up these common LAMP stack components and services on a Linux server.

Technology
1 of 10
Download to read offline
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 1 Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution Documented By Chanaka Lasantha Nanayakkara Email : chanaka.lasantha@gmail.com Mob : 071-1381308 Contents Setting Up Ips, Repos and Nameserver info 01 Installing and Config Apache Web Server 02 Installing and Config PHP 03 Installing and Config SSL 04 Installing and Config MySQL 05 Installing and Config PHPmyadmin 06 Installing and Config FTP Server 07 Installing and Config DDNS Client 08 Configuring IPTables Firewall 09 Installing and Config Web Server Monitoring 10
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 2 Setting Up Ips, Repos and Nameserver info Date: date -s "9 AUG 2013 11:32:08" Time: date +%T -s "11:32:08" ## RHEL/CentOS 6 32-Bit ## wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm rpm -ivh epel-release-6-8.noarch.rpm ## RHEL/CentOS 6 64-Bit ## wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm rpm -ivh epel-release-6-8.noarch.rpm Preparing... ###################################### [100%] 1:epel-release ###################################### [100%] sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/epel.repo # when you use the repository, input yum command like follows yum --enablerepo=epel install xayhsdhsd Installing Apache Web Server yum -y install httpd rm -f /etc/httpd/conf.d/welcome.conf rm -f /var/www/error/noindex.html ln -s /usr/bin/perl /usr/local/bin/perl Configure httpd vim /etc/httpd/conf/httpd.conf # line 44: change ServerTokens Prod # line 74: change to ON KeepAlive On # line 251: Admin's address ServerAdmin root@myweb.com # line 265: change to your server's name ServerName www.myweb.com:80 # line 320: change (enable CGI and disable Indexes) Options FollowSymLinks ExecCGI # line 327: change AllowOverride All # line 391: add file name that it can access only with directory's name DirectoryIndex index.html index.cgi index.php # line 524: change
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 3 ServerSignature Off # line 747: make it comment #AddDefaultCharset UTF-8 # line 778: uncomment and add file-type that apache looks them CGI AddHandler cgi-script .cgi .pl /etc/rc.d/init.d/httpd start chkconfig httpd on Installing PHP yum -y install php php-mbstring php-pear vim /etc/httpd/conf/httpd.conf # line 402: add file name that it can access only with directory's name DirectoryIndex index.html index.php vim /etc/php.ini # line 946: set your timezone date.timezone = "Asia/Colombo" /etc/rc.d/init.d/httpd restart Create a your server's original SSL Certificate. cd /etc/pki/tls/certs make server.key openssl rsa -in server.key -out server.key make server.csr openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650 chmod 400 server.* Configration of SSL yum -y install mod_ssl vim /etc/httpd/conf.d/ssl.conf # line 84: uncomment DocumentRoot "/var/www/html" # line 85: uncomment and specify server name ServerName www.myweb.com:443 # line 112: specify certificate SSLCertificateFile /etc/pki/tls/certs/server.crt # line 119: specify certification key SSLCertificateKeyFile /etc/pki/tls/certs/server.key /etc/rc.d/init.d/httpd restart
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 4 Installing MySQL yum -y install mysql-server /etc/rc.d/init.d/mysqld start chkconfig mysqld on /usr/bin/mysql_secure_installation Log in MySQL as root mysql -uroot -p Installing PHPmyadmin yum --enablerepo=epel -y install phpMyAdmin php-mysql php-mcrypt # install from EPEL vi /etc/httpd/conf.d/phpMyAdmin.conf # line 13: add IP address you permit Allow from 127.0.0.1 10.0.0.0/24 /etc/rc.d/init.d/httpd reload Access to 'http://192.168.2.204/phpmyadmin' with web browser, then following screen is shown. Login with a user in MySQL. Installing FTP Server use existing group to provide access on shared directory: groupadd ftpusers chgrp -R ftpusers /var/www/html chmod -R 777 /var/www/html # This is Optional useradd chanaka usermod -G ftpusers chanaka passwd chanaka chown -R chanaka: chanaka /var/www/html # This is Optional yum -y install vsftpd vim /etc/vsftpd/vsftpd.conf # line 12: no anonymous anonymous_enable=NO # line 80,81: uncomment ( allow ascii mode ) ascii_upload_enable=YES ascii_download_enable=YES # line 95, 96: uncomment ( enable chroot ) chroot_local_user=YES chroot_list_enable=YES # line 98: uncomment ( specify chroot list ) chroot_list_file=/etc/vsftpd/chroot_list # line 104: uncomment
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 5 ls_recurse_enable=YES # add at the last line # specify root directory ( if don't specify, users' home directory become FTP home directory) local_root=/var/www/html # use localtime use_localtime=YES vim /etc/vsftpd/chroot_list # add users you allow to move over their home directory chanaka Sameera Admin /etc/rc.d/init.d/vsftpd start Starting vsftpd for vsftpd: [ OK ] chkconfig vsftpd on Installing DDNS Client Domain Transfer Guide (Inbound) In order to transfer a domain from your current registrar you will need your Authorization/EPP code. Contact your current registrar for this code and have them release/unlock your domain. Once you receive your Authorization/EPP code and your domain is released you can request a transfer from your No-IP account. If your account does not already have valid contact information you should do this first. This can be set by going to “Domain Registration” and then click the “Domain Contact” link on the left-hand navigation bar. Enter your contact information (all fields with an asterisk ‘*’ are required). Once your contact information is entered click “Create Contact.” To request a domain transfer go to the “Domain Registration” tab and click “Transfer Domain.” Type your domain into the box. If you have multiple domains that you wish to transfer you can enter them in box labeled “Domains to Transfer,” simply separate the domains by using a space (as specified). Note, the following specifications need to be met before proceeding (for each domain): · There is a valid email address you can access for its registrant contact · The domain name has been registered more than 60 days · Any lock or hold at your current registrar has been removed · For .com, .net, .org, .biz, .info, .tv, .cc, .me, .us, and .co you have the Authorization Code (EPP Key) for domain transfers from your current registrar. Once your domains have been entered click “Next.” Specify the DNS package you will be using for your domain. Enter the current Registrants email address for the domains you are transferring. Then enter the Auth/EPP codes for each domain you will be transferring (these are case sensitive) then click “Next.” Verify the “Post-transfer Contact Information” and then click “Next” again.
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 6 Your request will need to be activated before it is completed. To do this click “Activate Now” and then select the service that you will need from the “Renew/Activate” and follow the check out process. Domain’s that can be transferred and pricing can be viewed here. Once you have paid we will send a verification email to the email address of the current owner listed on the Whois database. Please follow the instructions in that email to approve the transfer. When the transfer request has been made your current registrar will process the request (this can take up to seven days, after the seven days, the transfer will become automatic). Please monitor the status of your Domain Transfer by going to the “Domain Registration” and clicking on “Manage Transfers.” A successful request will have the status of “Requested.” A completed transfer will have the status of “Complete.” Once the transfer is completed and approved by your domain name registrar please allow 24-48 hours for the DNS information to propagate globally. Once this process is complete No-IP will be the registrar and the DNS provider for your domain/s. Install “Make” compiler program in preparation to compile the no-ip program. You might also have to install the “GCC” compiler if “Make” compiler don’t work; I have both GCC and Make installed. The following is the commands to download &install them: yum install gcc yum install make Now onto the easy step-by-step installation of no-ip client. Run the following 6 commands from the terminal: mkdir noip && cd noip wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz tar zvxf noip-duc-linux.tar.gz cd noip-2.1.9-1 make make install Please enter the login/email string for no-ip.com (email account that you used to set-up no-ip account) Please enter the password for user(password that you used to login to no-ip) Please enter an update interval: [30] 30 (Increments in minutes that you want no-ip client to check if your router’s external dynamic IP address has changed and updates it accordingly.) Do you wish to run something at successful update? *N+ (y/N) N(Just enter “N” here.) /usr/local/bin/noip2(To start/run noip client) echo ‘/usr/local/bin/noip2′ >> /etc/rc.local(To start/run noip client after each system reboot More useful no-ip commands  /usr/local/bin/noip2 -C to configure noip client  /usr/local/bin/noip2 -S to display info about running noip client  /usr/local/bin/noip2 -U to set update intervals (in minutes)
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 7 Enable IP Forwarding (Highly Important!) If you want your OpenVPN clients to be able to access the network, in addition to the push routes statements above you will need to setup ip forwarding for the tunnel interface and change the 0 to a 1. vim /etc/sysctl.conf # ------ Edit the following line changing the 0 to a 1 ----- net.ipv4.ip_forward = 1 Save and close the file. Reload the changes by typing the following command: Or echo 1 > /proc/sys/net/ipv4/ip_forward sysctl -p Configuring IPTables Firewall service iptables start iptables --flush iptables --table nat -–flush iptables --delete-chain service iptables save service iptables restart service network restart iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 2 -j ACCEPT iptables -A INPUT -p icmp -j ACCEPT iptables -A OUTPUT -p icmp -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state INVALID -j DROP iptables -A OUTPUT -m state --state INVALID -j DROP iptables -A INPUT -m state --state NEW -p tcp --tcp-flags ALL ALL -j DROP iptables -A INPUT -m state --state NEW -p tcp --tcp-flags ALL NONE -j DROP iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP iptables -N SYN_FLOOD iptables -A INPUT -p tcp --syn -j SYN_FLOOD iptables -A SYN_FLOOD -m limit --limit 2/s --limit-burst 6 -j RETURN iptables -A SYN_FLOOD -j DROP iptables -A INPUT -p icmp -m icmp --icmp-type address-mask-request -j DROP iptables -A INPUT -p icmp -m icmp --icmp-type timestamp-request -j DROP iptables -A INPUT -p icmp -m icmp -m limit --limit 1/second -j ACCEPT
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 8 iptables -A INPUT -p tcp -m tcp --tcp-flags RST RST -m limit --limit 2/second --limit-burst 2 -j ACCEPT iptables -A INPUT -m recent --name portscan --rcheck --seconds 86400 -j DROP iptables -A FORWARD -m recent --name portscan --rcheck --seconds 86400 -j DROP iptables -A INPUT -m recent --name portscan --remove iptables -A FORWARD -m recent --name portscan –remove iptables -A INPUT -s 0.0.0.0/7 -j DROP iptables -A INPUT -s 2.0.0.0/8 -j DROP iptables -A INPUT -s 5.0.0.0/8 -j DROP iptables -A INPUT -s 7.0.0.0/8 -j DROP iptables -A INPUT -s 10.0.0.0/8 -j DROP iptables -A INPUT -s 23.0.0.0/8 -j DROP iptables -A INPUT -s 27.0.0.0/8 -j DROP iptables -A INPUT -s 31.0.0.0/8 -j DROP iptables -A INPUT -s 36.0.0.0/7 -j DROP iptables -A INPUT -s 39.0.0.0/8 -j DROP iptables -A INPUT -s 42.0.0.0/8 -j DROP iptables -A INPUT -s 49.0.0.0/8 -j DROP iptables -A INPUT -s 50.0.0.0/8 -j DROP iptables -A INPUT -s 77.0.0.0/8 -j DROP iptables -A INPUT -s 78.0.0.0/7 -j DROP iptables -A INPUT -s 92.0.0.0/6 -j DROP iptables -A INPUT -s 96.0.0.0/4 -j DROP iptables -A INPUT -s 112.0.0.0/5 -j DROP iptables -A INPUT -s 120.0.0.0/8 -j DROP iptables -A INPUT -s 169.254.0.0/16 -j DROP iptables -A INPUT -s 172.16.0.0/12 -j DROP iptables -A INPUT -s 173.0.0.0/8 -j DROP iptables -A INPUT -s 174.0.0.0/7 -j DROP iptables -A INPUT -s 176.0.0.0/5 -j DROP iptables -A INPUT -s 184.0.0.0/6 -j DROP iptables -A INPUT -s 192.0.2.0/24 -j DROP iptables -A INPUT -s 197.0.0.0/8 -j DROP iptables -A INPUT -s 198.18.0.0/15 -j DROP iptables -A INPUT -s 223.0.0.0/8 -j DROP iptables -A INPUT -s 224.0.0.0/3 -j DROP iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 9 iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%271%27%3d%271” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+1%3d1” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%271%27%3d%271” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%27%27%3d%27” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+1%3d1” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%271%27%3d%271” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%27%27%3d%27” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+1%3d1” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%271%27%3d%271” --algo bm -j DROP service iptables save service iptables restart service network restart /sbin/iptables -L iptables -L -t nat –n iptables -vnL Installing Web Server Monitoring yum -y install graphviz wget http://www.hping.org/visitors/visitors-0.7.tar.gz tar zxvf visitors-0.7.tar.gz cd visitors_0.7 make cp visitors /usr/local/bin/ cd mkdir /var/www/html/visitors vim /etc/httpd/conf.d/visitors.conf # create new <Location /visitors> Order Deny,Allow Deny from all Allow from 10.0.0.0/24 # IP address you allow </Location> /etc/rc.d/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ] # generate common reports visitors -A /var/log/httpd/access_log -o html > /var/www/html/visitors/index.html -- 11 lines processed in 1 seconds 0 invalid lines, 0 blacklisted referers # generate page tour reports visitors -A -m 30 /var/log/httpd/access_log -o html --trails --prefix http://www.myweb.com > /var/www/html/visitors/trails.html --
Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 10 11 lines processed in 1 seconds 0 invalid lines, 0 blacklisted referers # generate page tour image visitors /var/log/httpd/access_log --prefix http://www.myweb.com -V > /var/www/html/visitors/graph.dot -- 11 lines processed in 1 seconds 0 invalid lines, 0 blacklisted referers dot -Tpng /var/www/html/visitors/graph.dot > /var/www/html/visitors/graph.png Access to 'http://(your server's name or IP address)/visitors/' http://(your server's name or IP address)/visitors/graph.png Remort Login to the Web Server with Putty

Recommended

DNS windows server(2008R2) & linux(SLES 11)
DNS windows server(2008R2) & linux(SLES 11)DNS windows server(2008R2) & linux(SLES 11)
DNS windows server(2008R2) & linux(SLES 11)
Tola LENG
 
How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7Tola LENG
 
Free ipa installation and cluster configuration, freeipa client connection
Free ipa installation and cluster configuration, freeipa client connectionFree ipa installation and cluster configuration, freeipa client connection
Free ipa installation and cluster configuration, freeipa client connection
Rustam Sariyev
 
Open-VPN Server
Open-VPN ServerOpen-VPN Server
Open-VPN Server
Manish Kc
 
Open vpn server_linux
Open vpn server_linuxOpen vpn server_linux
Open vpn server_linux
Tola LENG
 
Ad, dns, dhcp, file server
Ad, dns, dhcp, file serverAd, dns, dhcp, file server
Ad, dns, dhcp, file server
Tola LENG
 
Configure Webserver & SSL secure & redirect in SuSE Linux Enterprise
Configure Webserver & SSL secure & redirect in SuSE Linux EnterpriseConfigure Webserver & SSL secure & redirect in SuSE Linux Enterprise
Configure Webserver & SSL secure & redirect in SuSE Linux Enterprise
Tola LENG
 
Configure DHCP Server and DHCP-Relay
Configure DHCP Server and DHCP-RelayConfigure DHCP Server and DHCP-Relay
Configure DHCP Server and DHCP-Relay
Tola LENG
 

Recommended

DNS windows server(2008R2) & linux(SLES 11)
DNS windows server(2008R2) & linux(SLES 11)DNS windows server(2008R2) & linux(SLES 11)
DNS windows server(2008R2) & linux(SLES 11)
Tola LENG
 
How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7Tola LENG
 
Free ipa installation and cluster configuration, freeipa client connection
Free ipa installation and cluster configuration, freeipa client connectionFree ipa installation and cluster configuration, freeipa client connection
Free ipa installation and cluster configuration, freeipa client connection
Rustam Sariyev
 
Open-VPN Server
Open-VPN ServerOpen-VPN Server
Open-VPN Server
Manish Kc
 
Open vpn server_linux
Open vpn server_linuxOpen vpn server_linux
Open vpn server_linux
Tola LENG
 
Ad, dns, dhcp, file server
Ad, dns, dhcp, file serverAd, dns, dhcp, file server
Ad, dns, dhcp, file server
Tola LENG
 
Configure Webserver & SSL secure & redirect in SuSE Linux Enterprise
Configure Webserver & SSL secure & redirect in SuSE Linux EnterpriseConfigure Webserver & SSL secure & redirect in SuSE Linux Enterprise
Configure Webserver & SSL secure & redirect in SuSE Linux Enterprise
Tola LENG
 
Configure DHCP Server and DHCP-Relay
Configure DHCP Server and DHCP-RelayConfigure DHCP Server and DHCP-Relay
Configure DHCP Server and DHCP-Relay
Tola LENG
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Yiwei Gong
 
Dhcp Server Linux Server
Dhcp Server Linux ServerDhcp Server Linux Server
Dhcp Server Linux Servermuh kemal
 
Under the Covers with the Web
Under the Covers with the WebUnder the Covers with the Web
Under the Covers with the Web
Trevor Lohrbeer
 
Content Navigation
Content NavigationContent Navigation
Content Navigationsanjoysanyal
 
Tola.leng mail server (sq_mail &amp; rcmail)_q5_
Tola.leng mail server (sq_mail &amp; rcmail)_q5_Tola.leng mail server (sq_mail &amp; rcmail)_q5_
Tola.leng mail server (sq_mail &amp; rcmail)_q5_
Tola LENG
 
Configuration DHCP
Configuration DHCPConfiguration DHCP
Configuration DHCP
Tan Huynh Cong
 
Setting up a web server in Linux (Ubuntu)
Setting up a web server in Linux (Ubuntu)Setting up a web server in Linux (Ubuntu)
Setting up a web server in Linux (Ubuntu)
Zakaria Hossain
 
Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Sophan Nhean
 
Lession4 Dhcp
Lession4 DhcpLession4 Dhcp
Lession4 Dhcpleminhvuong
 
Enterprise desktop at home with FreeIPA and GNOME
Enterprise desktop at home with FreeIPA and GNOMEEnterprise desktop at home with FreeIPA and GNOME
Enterprise desktop at home with FreeIPA and GNOME
Alexander Bokovoy
 
PLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam Obszyński
PLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam ObszyńskiPLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam Obszyński
PLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam Obszyński
PROIDEA
 
Sharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxSharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxjasembo
 
Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11
Tola LENG
 
IPTABLES
IPTABLESIPTABLES
IPTABLES
Tan Huynh Cong
 
Web Server Technologies I: HTTP & Getting Started
Web Server Technologies I: HTTP & Getting StartedWeb Server Technologies I: HTTP & Getting Started
Web Server Technologies I: HTTP & Getting Started
Port80 Software
 
US07FFT-mod_ftp.ppt
US07FFT-mod_ftp.pptUS07FFT-mod_ftp.ppt
US07FFT-mod_ftp.pptwebhostingguy
 
Brkcol 2344 understanding-cisco_jabber_service_discovery__client_configuration
Brkcol 2344 understanding-cisco_jabber_service_discovery__client_configurationBrkcol 2344 understanding-cisco_jabber_service_discovery__client_configuration
Brkcol 2344 understanding-cisco_jabber_service_discovery__client_configuration
Michael Ganschuk
 
Resolution for a Faster Site
Resolution for a Faster SiteResolution for a Faster Site
Resolution for a Faster Site
Ido Safruti
 
Adobe Connect on-premise SSL Guide
Adobe Connect on-premise SSL GuideAdobe Connect on-premise SSL Guide
Adobe Connect on-premise SSL Guide
RapidSSLOnline.com
 
The CAA-Record for increased encryption security
The CAA-Record for increased encryption securityThe CAA-Record for increased encryption security
The CAA-Record for increased encryption security
Men and Mice
 
Lamp Server With Drupal Installation
Lamp Server With Drupal InstallationLamp Server With Drupal Installation
Lamp Server With Drupal Installationfranbow
 
main
mainmain
mainOmar Faruk Sazib
 

More Related Content

What's hot

Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Yiwei Gong
 
Dhcp Server Linux Server
Dhcp Server Linux ServerDhcp Server Linux Server
Dhcp Server Linux Servermuh kemal
 
Under the Covers with the Web
Under the Covers with the WebUnder the Covers with the Web
Under the Covers with the Web
Trevor Lohrbeer
 
Content Navigation
Content NavigationContent Navigation
Content Navigationsanjoysanyal
 
Tola.leng mail server (sq_mail &amp; rcmail)_q5_
Tola.leng mail server (sq_mail &amp; rcmail)_q5_Tola.leng mail server (sq_mail &amp; rcmail)_q5_
Tola.leng mail server (sq_mail &amp; rcmail)_q5_
Tola LENG
 
Configuration DHCP
Configuration DHCPConfiguration DHCP
Configuration DHCP
Tan Huynh Cong
 
Setting up a web server in Linux (Ubuntu)
Setting up a web server in Linux (Ubuntu)Setting up a web server in Linux (Ubuntu)
Setting up a web server in Linux (Ubuntu)
Zakaria Hossain
 
Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Sophan Nhean
 
Enterprise desktop at home with FreeIPA and GNOME
Enterprise desktop at home with FreeIPA and GNOMEEnterprise desktop at home with FreeIPA and GNOME
Enterprise desktop at home with FreeIPA and GNOME
Alexander Bokovoy
 
PLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam Obszyński
PLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam ObszyńskiPLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam Obszyński
PLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam Obszyński
PROIDEA
 
Sharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxSharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxjasembo
 
Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11
Tola LENG
 
IPTABLES
IPTABLESIPTABLES
IPTABLES
Tan Huynh Cong
 
Web Server Technologies I: HTTP & Getting Started
Web Server Technologies I: HTTP & Getting StartedWeb Server Technologies I: HTTP & Getting Started
Web Server Technologies I: HTTP & Getting Started
Port80 Software
 
Brkcol 2344 understanding-cisco_jabber_service_discovery__client_configuration
Brkcol 2344 understanding-cisco_jabber_service_discovery__client_configurationBrkcol 2344 understanding-cisco_jabber_service_discovery__client_configuration
Brkcol 2344 understanding-cisco_jabber_service_discovery__client_configuration
Michael Ganschuk
 
Resolution for a Faster Site
Resolution for a Faster SiteResolution for a Faster Site
Resolution for a Faster Site
Ido Safruti
 
Adobe Connect on-premise SSL Guide
Adobe Connect on-premise SSL GuideAdobe Connect on-premise SSL Guide
Adobe Connect on-premise SSL Guide
RapidSSLOnline.com
 
The CAA-Record for increased encryption security
The CAA-Record for increased encryption securityThe CAA-Record for increased encryption security
The CAA-Record for increased encryption security
Men and Mice
 

What's hot (20)

Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Dhcp Server Linux Server
Dhcp Server Linux ServerDhcp Server Linux Server
Dhcp Server Linux Server
 
Under the Covers with the Web
Under the Covers with the WebUnder the Covers with the Web
Under the Covers with the Web
 
Content Navigation
Content NavigationContent Navigation
Content Navigation
 
Tola.leng mail server (sq_mail &amp; rcmail)_q5_
Tola.leng mail server (sq_mail &amp; rcmail)_q5_Tola.leng mail server (sq_mail &amp; rcmail)_q5_
Tola.leng mail server (sq_mail &amp; rcmail)_q5_
 
Configuration DHCP
Configuration DHCPConfiguration DHCP
Configuration DHCP
 
Setting up a web server in Linux (Ubuntu)
Setting up a web server in Linux (Ubuntu)Setting up a web server in Linux (Ubuntu)
Setting up a web server in Linux (Ubuntu)
 
Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3
 
Lession4 Dhcp
Lession4 DhcpLession4 Dhcp
Lession4 Dhcp
 
Enterprise desktop at home with FreeIPA and GNOME
Enterprise desktop at home with FreeIPA and GNOMEEnterprise desktop at home with FreeIPA and GNOME
Enterprise desktop at home with FreeIPA and GNOME
 
PLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam Obszyński
PLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam ObszyńskiPLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam Obszyński
PLNOG14: DNS, czyli co nowego w świecie DNS-ozaurów - Adam Obszyński
 
Sharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxSharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linux
 
Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11
 
IPTABLES
IPTABLESIPTABLES
IPTABLES
 
Web Server Technologies I: HTTP & Getting Started
Web Server Technologies I: HTTP & Getting StartedWeb Server Technologies I: HTTP & Getting Started
Web Server Technologies I: HTTP & Getting Started
 
US07FFT-mod_ftp.ppt
US07FFT-mod_ftp.pptUS07FFT-mod_ftp.ppt
US07FFT-mod_ftp.ppt
 
Brkcol 2344 understanding-cisco_jabber_service_discovery__client_configuration
Brkcol 2344 understanding-cisco_jabber_service_discovery__client_configurationBrkcol 2344 understanding-cisco_jabber_service_discovery__client_configuration
Brkcol 2344 understanding-cisco_jabber_service_discovery__client_configuration
 
Resolution for a Faster Site
Resolution for a Faster SiteResolution for a Faster Site
Resolution for a Faster Site
 
Adobe Connect on-premise SSL Guide
Adobe Connect on-premise SSL GuideAdobe Connect on-premise SSL Guide
Adobe Connect on-premise SSL Guide
 
The CAA-Record for increased encryption security
The CAA-Record for increased encryption securityThe CAA-Record for increased encryption security
The CAA-Record for increased encryption security
 

Similar to Configuring apache, php, my sql, ftp, ssl, ip tables phpmyadmin and server monitoring complete solution

Lamp Server With Drupal Installation
Lamp Server With Drupal InstallationLamp Server With Drupal Installation
Lamp Server With Drupal Installationfranbow
 
DNS,SMTP and POP3
DNS,SMTP and POP3DNS,SMTP and POP3
DNS,SMTP and POP3
Omar Faruk Sazib
 
Dhcp, dns and proxy server (1)
Dhcp, dns and proxy server (1)Dhcp, dns and proxy server (1)
Dhcp, dns and proxy server (1)Sahira Khan
 
Free radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleFree radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmaple
Chanaka Lasantha
 
Applications.docx
Applications.docxApplications.docx
Applications.docx
ssuserf7cd2b
 
Nginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixNginx, PHP, Apache and Spelix
Nginx, PHP, Apache and Spelix
Harald Zeitlhofer
 
Tutorial CentOS 5 untuk Webhosting
Tutorial CentOS 5 untuk WebhostingTutorial CentOS 5 untuk Webhosting
Tutorial CentOS 5 untuk WebhostingBeni Krisbiantoro
 
Configuring Dhcp Server, Scopes &amp; Superscopes
Configuring Dhcp Server, Scopes &amp; SuperscopesConfiguring Dhcp Server, Scopes &amp; Superscopes
Configuring Dhcp Server, Scopes &amp; Superscopes
jocelyn_tanner
 
Build your own secure mail server on the cloud using Amazon Web Services
Build your own secure mail server on the cloud using Amazon Web ServicesBuild your own secure mail server on the cloud using Amazon Web Services
Build your own secure mail server on the cloud using Amazon Web Servicesponukumatla joel nishanth
 
Dating Pro Installation Instructions
Dating Pro Installation InstructionsDating Pro Installation Instructions
Dating Pro Installation Instructions
Pilot Group Ltd
 
Capistrano
CapistranoCapistrano
Capistrano
Travis Roberts
 
FreeBSD and Hardening Web Server
FreeBSD and Hardening Web ServerFreeBSD and Hardening Web Server
FreeBSD and Hardening Web Server
Muhammad Moinur Rahman
 
Net scaler installation and configuration
Net scaler installation and configurationNet scaler installation and configuration
Net scaler installation and configuration
bimalkishore4
 
Mail
MailMail
Mail
Md Shihab
 
DirectShare Quick Start Setup Guide
DirectShare Quick Start Setup GuideDirectShare Quick Start Setup Guide
DirectShare Quick Start Setup Guide
Christian Petrou
 

Similar to Configuring apache, php, my sql, ftp, ssl, ip tables phpmyadmin and server monitoring complete solution (20)

Lamp Server With Drupal Installation
Lamp Server With Drupal InstallationLamp Server With Drupal Installation
Lamp Server With Drupal Installation
 
main
mainmain
main
 
DNS,SMTP and POP3
DNS,SMTP and POP3DNS,SMTP and POP3
DNS,SMTP and POP3
 
Dhcp, dns and proxy server (1)
Dhcp, dns and proxy server (1)Dhcp, dns and proxy server (1)
Dhcp, dns and proxy server (1)
 
Free radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleFree radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmaple
 
Applications.docx
Applications.docxApplications.docx
Applications.docx
 
Nginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixNginx, PHP, Apache and Spelix
Nginx, PHP, Apache and Spelix
 
Tutorial CentOS 5 untuk Webhosting
Tutorial CentOS 5 untuk WebhostingTutorial CentOS 5 untuk Webhosting
Tutorial CentOS 5 untuk Webhosting
 
Configuring Dhcp Server, Scopes &amp; Superscopes
Configuring Dhcp Server, Scopes &amp; SuperscopesConfiguring Dhcp Server, Scopes &amp; Superscopes
Configuring Dhcp Server, Scopes &amp; Superscopes
 
Build your own secure mail server on the cloud using Amazon Web Services
Build your own secure mail server on the cloud using Amazon Web ServicesBuild your own secure mail server on the cloud using Amazon Web Services
Build your own secure mail server on the cloud using Amazon Web Services
 
Dating Pro Installation Instructions
Dating Pro Installation InstructionsDating Pro Installation Instructions
Dating Pro Installation Instructions
 
Its3 Drupal
Its3 DrupalIts3 Drupal
Its3 Drupal
 
Its3 Drupal
Its3 DrupalIts3 Drupal
Its3 Drupal
 
Capistrano
CapistranoCapistrano
Capistrano
 
Capistrano Overview
Capistrano OverviewCapistrano Overview
Capistrano Overview
 
FreeBSD and Hardening Web Server
FreeBSD and Hardening Web ServerFreeBSD and Hardening Web Server
FreeBSD and Hardening Web Server
 
Net scaler installation and configuration
Net scaler installation and configurationNet scaler installation and configuration
Net scaler installation and configuration
 
Mail
MailMail
Mail
 
Project Pt1
Project Pt1Project Pt1
Project Pt1
 
DirectShare Quick Start Setup Guide
DirectShare Quick Start Setup GuideDirectShare Quick Start Setup Guide
DirectShare Quick Start Setup Guide
 

More from Chanaka Lasantha

Storing, Managing, and Deploying Docker Container Images with Amazon ECR
Storing, Managing, and Deploying Docker Container Images with Amazon ECRStoring, Managing, and Deploying Docker Container Images with Amazon ECR
Storing, Managing, and Deploying Docker Container Images with Amazon ECR
Chanaka Lasantha
 
Building A Kubernetes App With Amazon EKS
Building A Kubernetes App With Amazon EKSBuilding A Kubernetes App With Amazon EKS
Building A Kubernetes App With Amazon EKS
Chanaka Lasantha
 
ERP System Implementation Kubernetes Cluster with Sticky Sessions
ERP System Implementation Kubernetes Cluster with Sticky Sessions ERP System Implementation Kubernetes Cluster with Sticky Sessions
ERP System Implementation Kubernetes Cluster with Sticky Sessions
Chanaka Lasantha
 
Free radius for wpa2 enterprise with active directory integration
Free radius for wpa2 enterprise with active directory integrationFree radius for wpa2 enterprise with active directory integration
Free radius for wpa2 enterprise with active directory integration
Chanaka Lasantha
 
Distributed replicated block device
Distributed replicated block deviceDistributed replicated block device
Distributed replicated block device
Chanaka Lasantha
 
Complete squid &amp; firewall configuration. plus easy mac binding
Complete squid &amp; firewall configuration. plus easy mac bindingComplete squid &amp; firewall configuration. plus easy mac binding
Complete squid &amp; firewall configuration. plus easy mac binding
Chanaka Lasantha
 
Athenticated smaba server config with open vpn
Athenticated smaba server config with open vpnAthenticated smaba server config with open vpn
Athenticated smaba server config with open vpn
Chanaka Lasantha
 
Ask by linux kernel add or delete a hdd
Ask by linux kernel add or delete a hddAsk by linux kernel add or delete a hdd
Ask by linux kernel add or delete a hdd
Chanaka Lasantha
 
One key sheard site to site open vpn
One key sheard site to site open vpnOne key sheard site to site open vpn
One key sheard site to site open vpn
Chanaka Lasantha
 
Usrt to ethernet connectivity over the wolrd cubieboard bords
Usrt to ethernet connectivity over the wolrd cubieboard bordsUsrt to ethernet connectivity over the wolrd cubieboard bords
Usrt to ethernet connectivity over the wolrd cubieboard bords
Chanaka Lasantha
 
Site to-multi site open vpn solution with mysql db
Site to-multi site open vpn solution with mysql dbSite to-multi site open vpn solution with mysql db
Site to-multi site open vpn solution with mysql db
Chanaka Lasantha
 
Site to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory authSite to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory auth
Chanaka Lasantha
 
Site to-multi site open vpn solution-latest
Site to-multi site open vpn solution-latestSite to-multi site open vpn solution-latest
Site to-multi site open vpn solution-latest
Chanaka Lasantha
 
Install elasticsearch, logstash and kibana
Install elasticsearch, logstash and kibana Install elasticsearch, logstash and kibana
Install elasticsearch, logstash and kibana
Chanaka Lasantha
 
Oracle cluster installation with grid and nfs
Oracle cluster installation with grid and nfsOracle cluster installation with grid and nfs
Oracle cluster installation with grid and nfs
Chanaka Lasantha
 
Oracle cluster installation with grid and iscsi
Oracle cluster installation with grid and iscsiOracle cluster installation with grid and iscsi
Oracle cluster installation with grid and iscsi
Chanaka Lasantha
 
AUTOMATIC JBOSS CLUSTER MANAGEMENT SYSTEM (PYTHON)
AUTOMATIC JBOSS CLUSTER MANAGEMENT SYSTEM (PYTHON)AUTOMATIC JBOSS CLUSTER MANAGEMENT SYSTEM (PYTHON)
AUTOMATIC JBOSS CLUSTER MANAGEMENT SYSTEM (PYTHON)
Chanaka Lasantha
 
ully Automatic WSO2 Enterprise Service Bus(ESB) Cluster Management System
ully Automatic WSO2 Enterprise Service Bus(ESB) Cluster Management Systemully Automatic WSO2 Enterprise Service Bus(ESB) Cluster Management System
ully Automatic WSO2 Enterprise Service Bus(ESB) Cluster Management System
Chanaka Lasantha
 
Docker framework
Docker frameworkDocker framework
Docker framework
Chanaka Lasantha
 
CYBER SECURITY WORKSHOP (Only For Educational Purpose)
CYBER SECURITY WORKSHOP (Only For Educational Purpose)CYBER SECURITY WORKSHOP (Only For Educational Purpose)
CYBER SECURITY WORKSHOP (Only For Educational Purpose)
Chanaka Lasantha
 

More from Chanaka Lasantha (20)

Storing, Managing, and Deploying Docker Container Images with Amazon ECR
Storing, Managing, and Deploying Docker Container Images with Amazon ECRStoring, Managing, and Deploying Docker Container Images with Amazon ECR
Storing, Managing, and Deploying Docker Container Images with Amazon ECR
 
Building A Kubernetes App With Amazon EKS
Building A Kubernetes App With Amazon EKSBuilding A Kubernetes App With Amazon EKS
Building A Kubernetes App With Amazon EKS
 
ERP System Implementation Kubernetes Cluster with Sticky Sessions
ERP System Implementation Kubernetes Cluster with Sticky Sessions ERP System Implementation Kubernetes Cluster with Sticky Sessions
ERP System Implementation Kubernetes Cluster with Sticky Sessions
 
Free radius for wpa2 enterprise with active directory integration
Free radius for wpa2 enterprise with active directory integrationFree radius for wpa2 enterprise with active directory integration
Free radius for wpa2 enterprise with active directory integration
 
Distributed replicated block device
Distributed replicated block deviceDistributed replicated block device
Distributed replicated block device
 
Complete squid &amp; firewall configuration. plus easy mac binding
Complete squid &amp; firewall configuration. plus easy mac bindingComplete squid &amp; firewall configuration. plus easy mac binding
Complete squid &amp; firewall configuration. plus easy mac binding
 
Athenticated smaba server config with open vpn
Athenticated smaba server config with open vpnAthenticated smaba server config with open vpn
Athenticated smaba server config with open vpn
 
Ask by linux kernel add or delete a hdd
Ask by linux kernel add or delete a hddAsk by linux kernel add or delete a hdd
Ask by linux kernel add or delete a hdd
 
One key sheard site to site open vpn
One key sheard site to site open vpnOne key sheard site to site open vpn
One key sheard site to site open vpn
 
Usrt to ethernet connectivity over the wolrd cubieboard bords
Usrt to ethernet connectivity over the wolrd cubieboard bordsUsrt to ethernet connectivity over the wolrd cubieboard bords
Usrt to ethernet connectivity over the wolrd cubieboard bords
 
Site to-multi site open vpn solution with mysql db
Site to-multi site open vpn solution with mysql dbSite to-multi site open vpn solution with mysql db
Site to-multi site open vpn solution with mysql db
 
Site to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory authSite to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory auth
 
Site to-multi site open vpn solution-latest
Site to-multi site open vpn solution-latestSite to-multi site open vpn solution-latest
Site to-multi site open vpn solution-latest
 
Install elasticsearch, logstash and kibana
Install elasticsearch, logstash and kibana Install elasticsearch, logstash and kibana
Install elasticsearch, logstash and kibana
 
Oracle cluster installation with grid and nfs
Oracle cluster installation with grid and nfsOracle cluster installation with grid and nfs
Oracle cluster installation with grid and nfs
 
Oracle cluster installation with grid and iscsi
Oracle cluster installation with grid and iscsiOracle cluster installation with grid and iscsi
Oracle cluster installation with grid and iscsi
 
AUTOMATIC JBOSS CLUSTER MANAGEMENT SYSTEM (PYTHON)
AUTOMATIC JBOSS CLUSTER MANAGEMENT SYSTEM (PYTHON)AUTOMATIC JBOSS CLUSTER MANAGEMENT SYSTEM (PYTHON)
AUTOMATIC JBOSS CLUSTER MANAGEMENT SYSTEM (PYTHON)
 
ully Automatic WSO2 Enterprise Service Bus(ESB) Cluster Management System
ully Automatic WSO2 Enterprise Service Bus(ESB) Cluster Management Systemully Automatic WSO2 Enterprise Service Bus(ESB) Cluster Management System
ully Automatic WSO2 Enterprise Service Bus(ESB) Cluster Management System
 
Docker framework
Docker frameworkDocker framework
Docker framework
 
CYBER SECURITY WORKSHOP (Only For Educational Purpose)
CYBER SECURITY WORKSHOP (Only For Educational Purpose)CYBER SECURITY WORKSHOP (Only For Educational Purpose)
CYBER SECURITY WORKSHOP (Only For Educational Purpose)
 

Recently uploaded

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
Abida Shariff
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 

Recently uploaded (20)

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 

Configuring apache, php, my sql, ftp, ssl, ip tables phpmyadmin and server monitoring complete solution

  • 1. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 1 Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution Documented By Chanaka Lasantha Nanayakkara Email : chanaka.lasantha@gmail.com Mob : 071-1381308 Contents Setting Up Ips, Repos and Nameserver info 01 Installing and Config Apache Web Server 02 Installing and Config PHP 03 Installing and Config SSL 04 Installing and Config MySQL 05 Installing and Config PHPmyadmin 06 Installing and Config FTP Server 07 Installing and Config DDNS Client 08 Configuring IPTables Firewall 09 Installing and Config Web Server Monitoring 10
  • 2. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 2 Setting Up Ips, Repos and Nameserver info Date: date -s "9 AUG 2013 11:32:08" Time: date +%T -s "11:32:08" ## RHEL/CentOS 6 32-Bit ## wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm rpm -ivh epel-release-6-8.noarch.rpm ## RHEL/CentOS 6 64-Bit ## wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm rpm -ivh epel-release-6-8.noarch.rpm Preparing... ###################################### [100%] 1:epel-release ###################################### [100%] sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/epel.repo # when you use the repository, input yum command like follows yum --enablerepo=epel install xayhsdhsd Installing Apache Web Server yum -y install httpd rm -f /etc/httpd/conf.d/welcome.conf rm -f /var/www/error/noindex.html ln -s /usr/bin/perl /usr/local/bin/perl Configure httpd vim /etc/httpd/conf/httpd.conf # line 44: change ServerTokens Prod # line 74: change to ON KeepAlive On # line 251: Admin's address ServerAdmin root@myweb.com # line 265: change to your server's name ServerName www.myweb.com:80 # line 320: change (enable CGI and disable Indexes) Options FollowSymLinks ExecCGI # line 327: change AllowOverride All # line 391: add file name that it can access only with directory's name DirectoryIndex index.html index.cgi index.php # line 524: change
  • 3. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 3 ServerSignature Off # line 747: make it comment #AddDefaultCharset UTF-8 # line 778: uncomment and add file-type that apache looks them CGI AddHandler cgi-script .cgi .pl /etc/rc.d/init.d/httpd start chkconfig httpd on Installing PHP yum -y install php php-mbstring php-pear vim /etc/httpd/conf/httpd.conf # line 402: add file name that it can access only with directory's name DirectoryIndex index.html index.php vim /etc/php.ini # line 946: set your timezone date.timezone = "Asia/Colombo" /etc/rc.d/init.d/httpd restart Create a your server's original SSL Certificate. cd /etc/pki/tls/certs make server.key openssl rsa -in server.key -out server.key make server.csr openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650 chmod 400 server.* Configration of SSL yum -y install mod_ssl vim /etc/httpd/conf.d/ssl.conf # line 84: uncomment DocumentRoot "/var/www/html" # line 85: uncomment and specify server name ServerName www.myweb.com:443 # line 112: specify certificate SSLCertificateFile /etc/pki/tls/certs/server.crt # line 119: specify certification key SSLCertificateKeyFile /etc/pki/tls/certs/server.key /etc/rc.d/init.d/httpd restart
  • 4. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 4 Installing MySQL yum -y install mysql-server /etc/rc.d/init.d/mysqld start chkconfig mysqld on /usr/bin/mysql_secure_installation Log in MySQL as root mysql -uroot -p Installing PHPmyadmin yum --enablerepo=epel -y install phpMyAdmin php-mysql php-mcrypt # install from EPEL vi /etc/httpd/conf.d/phpMyAdmin.conf # line 13: add IP address you permit Allow from 127.0.0.1 10.0.0.0/24 /etc/rc.d/init.d/httpd reload Access to 'http://192.168.2.204/phpmyadmin' with web browser, then following screen is shown. Login with a user in MySQL. Installing FTP Server use existing group to provide access on shared directory: groupadd ftpusers chgrp -R ftpusers /var/www/html chmod -R 777 /var/www/html # This is Optional useradd chanaka usermod -G ftpusers chanaka passwd chanaka chown -R chanaka: chanaka /var/www/html # This is Optional yum -y install vsftpd vim /etc/vsftpd/vsftpd.conf # line 12: no anonymous anonymous_enable=NO # line 80,81: uncomment ( allow ascii mode ) ascii_upload_enable=YES ascii_download_enable=YES # line 95, 96: uncomment ( enable chroot ) chroot_local_user=YES chroot_list_enable=YES # line 98: uncomment ( specify chroot list ) chroot_list_file=/etc/vsftpd/chroot_list # line 104: uncomment
  • 5. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 5 ls_recurse_enable=YES # add at the last line # specify root directory ( if don't specify, users' home directory become FTP home directory) local_root=/var/www/html # use localtime use_localtime=YES vim /etc/vsftpd/chroot_list # add users you allow to move over their home directory chanaka Sameera Admin /etc/rc.d/init.d/vsftpd start Starting vsftpd for vsftpd: [ OK ] chkconfig vsftpd on Installing DDNS Client Domain Transfer Guide (Inbound) In order to transfer a domain from your current registrar you will need your Authorization/EPP code. Contact your current registrar for this code and have them release/unlock your domain. Once you receive your Authorization/EPP code and your domain is released you can request a transfer from your No-IP account. If your account does not already have valid contact information you should do this first. This can be set by going to “Domain Registration” and then click the “Domain Contact” link on the left-hand navigation bar. Enter your contact information (all fields with an asterisk ‘*’ are required). Once your contact information is entered click “Create Contact.” To request a domain transfer go to the “Domain Registration” tab and click “Transfer Domain.” Type your domain into the box. If you have multiple domains that you wish to transfer you can enter them in box labeled “Domains to Transfer,” simply separate the domains by using a space (as specified). Note, the following specifications need to be met before proceeding (for each domain): · There is a valid email address you can access for its registrant contact · The domain name has been registered more than 60 days · Any lock or hold at your current registrar has been removed · For .com, .net, .org, .biz, .info, .tv, .cc, .me, .us, and .co you have the Authorization Code (EPP Key) for domain transfers from your current registrar. Once your domains have been entered click “Next.” Specify the DNS package you will be using for your domain. Enter the current Registrants email address for the domains you are transferring. Then enter the Auth/EPP codes for each domain you will be transferring (these are case sensitive) then click “Next.” Verify the “Post-transfer Contact Information” and then click “Next” again.
  • 6. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 6 Your request will need to be activated before it is completed. To do this click “Activate Now” and then select the service that you will need from the “Renew/Activate” and follow the check out process. Domain’s that can be transferred and pricing can be viewed here. Once you have paid we will send a verification email to the email address of the current owner listed on the Whois database. Please follow the instructions in that email to approve the transfer. When the transfer request has been made your current registrar will process the request (this can take up to seven days, after the seven days, the transfer will become automatic). Please monitor the status of your Domain Transfer by going to the “Domain Registration” and clicking on “Manage Transfers.” A successful request will have the status of “Requested.” A completed transfer will have the status of “Complete.” Once the transfer is completed and approved by your domain name registrar please allow 24-48 hours for the DNS information to propagate globally. Once this process is complete No-IP will be the registrar and the DNS provider for your domain/s. Install “Make” compiler program in preparation to compile the no-ip program. You might also have to install the “GCC” compiler if “Make” compiler don’t work; I have both GCC and Make installed. The following is the commands to download &install them: yum install gcc yum install make Now onto the easy step-by-step installation of no-ip client. Run the following 6 commands from the terminal: mkdir noip && cd noip wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz tar zvxf noip-duc-linux.tar.gz cd noip-2.1.9-1 make make install Please enter the login/email string for no-ip.com (email account that you used to set-up no-ip account) Please enter the password for user(password that you used to login to no-ip) Please enter an update interval: [30] 30 (Increments in minutes that you want no-ip client to check if your router’s external dynamic IP address has changed and updates it accordingly.) Do you wish to run something at successful update? *N+ (y/N) N(Just enter “N” here.) /usr/local/bin/noip2(To start/run noip client) echo ‘/usr/local/bin/noip2′ >> /etc/rc.local(To start/run noip client after each system reboot More useful no-ip commands  /usr/local/bin/noip2 -C to configure noip client  /usr/local/bin/noip2 -S to display info about running noip client  /usr/local/bin/noip2 -U to set update intervals (in minutes)
  • 7. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 7 Enable IP Forwarding (Highly Important!) If you want your OpenVPN clients to be able to access the network, in addition to the push routes statements above you will need to setup ip forwarding for the tunnel interface and change the 0 to a 1. vim /etc/sysctl.conf # ------ Edit the following line changing the 0 to a 1 ----- net.ipv4.ip_forward = 1 Save and close the file. Reload the changes by typing the following command: Or echo 1 > /proc/sys/net/ipv4/ip_forward sysctl -p Configuring IPTables Firewall service iptables start iptables --flush iptables --table nat -–flush iptables --delete-chain service iptables save service iptables restart service network restart iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 2 -j ACCEPT iptables -A INPUT -p icmp -j ACCEPT iptables -A OUTPUT -p icmp -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state INVALID -j DROP iptables -A OUTPUT -m state --state INVALID -j DROP iptables -A INPUT -m state --state NEW -p tcp --tcp-flags ALL ALL -j DROP iptables -A INPUT -m state --state NEW -p tcp --tcp-flags ALL NONE -j DROP iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP iptables -N SYN_FLOOD iptables -A INPUT -p tcp --syn -j SYN_FLOOD iptables -A SYN_FLOOD -m limit --limit 2/s --limit-burst 6 -j RETURN iptables -A SYN_FLOOD -j DROP iptables -A INPUT -p icmp -m icmp --icmp-type address-mask-request -j DROP iptables -A INPUT -p icmp -m icmp --icmp-type timestamp-request -j DROP iptables -A INPUT -p icmp -m icmp -m limit --limit 1/second -j ACCEPT
  • 8. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 8 iptables -A INPUT -p tcp -m tcp --tcp-flags RST RST -m limit --limit 2/second --limit-burst 2 -j ACCEPT iptables -A INPUT -m recent --name portscan --rcheck --seconds 86400 -j DROP iptables -A FORWARD -m recent --name portscan --rcheck --seconds 86400 -j DROP iptables -A INPUT -m recent --name portscan --remove iptables -A FORWARD -m recent --name portscan –remove iptables -A INPUT -s 0.0.0.0/7 -j DROP iptables -A INPUT -s 2.0.0.0/8 -j DROP iptables -A INPUT -s 5.0.0.0/8 -j DROP iptables -A INPUT -s 7.0.0.0/8 -j DROP iptables -A INPUT -s 10.0.0.0/8 -j DROP iptables -A INPUT -s 23.0.0.0/8 -j DROP iptables -A INPUT -s 27.0.0.0/8 -j DROP iptables -A INPUT -s 31.0.0.0/8 -j DROP iptables -A INPUT -s 36.0.0.0/7 -j DROP iptables -A INPUT -s 39.0.0.0/8 -j DROP iptables -A INPUT -s 42.0.0.0/8 -j DROP iptables -A INPUT -s 49.0.0.0/8 -j DROP iptables -A INPUT -s 50.0.0.0/8 -j DROP iptables -A INPUT -s 77.0.0.0/8 -j DROP iptables -A INPUT -s 78.0.0.0/7 -j DROP iptables -A INPUT -s 92.0.0.0/6 -j DROP iptables -A INPUT -s 96.0.0.0/4 -j DROP iptables -A INPUT -s 112.0.0.0/5 -j DROP iptables -A INPUT -s 120.0.0.0/8 -j DROP iptables -A INPUT -s 169.254.0.0/16 -j DROP iptables -A INPUT -s 172.16.0.0/12 -j DROP iptables -A INPUT -s 173.0.0.0/8 -j DROP iptables -A INPUT -s 174.0.0.0/7 -j DROP iptables -A INPUT -s 176.0.0.0/5 -j DROP iptables -A INPUT -s 184.0.0.0/6 -j DROP iptables -A INPUT -s 192.0.2.0/24 -j DROP iptables -A INPUT -s 197.0.0.0/8 -j DROP iptables -A INPUT -s 198.18.0.0/15 -j DROP iptables -A INPUT -s 223.0.0.0/8 -j DROP iptables -A INPUT -s 224.0.0.0/3 -j DROP iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
  • 9. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 9 iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%271%27%3d%271” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+1%3d1” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%271%27%3d%271” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%27%27%3d%27” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+1%3d1” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%271%27%3d%271” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%27%27%3d%27” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+1%3d1” --algo bm -j DROP iptables -I FORWARD -s 0.0.0.0/0 -m string --string “%27+or+%271%27%3d%271” --algo bm -j DROP service iptables save service iptables restart service network restart /sbin/iptables -L iptables -L -t nat –n iptables -vnL Installing Web Server Monitoring yum -y install graphviz wget http://www.hping.org/visitors/visitors-0.7.tar.gz tar zxvf visitors-0.7.tar.gz cd visitors_0.7 make cp visitors /usr/local/bin/ cd mkdir /var/www/html/visitors vim /etc/httpd/conf.d/visitors.conf # create new <Location /visitors> Order Deny,Allow Deny from all Allow from 10.0.0.0/24 # IP address you allow </Location> /etc/rc.d/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ] # generate common reports visitors -A /var/log/httpd/access_log -o html > /var/www/html/visitors/index.html -- 11 lines processed in 1 seconds 0 invalid lines, 0 blacklisted referers # generate page tour reports visitors -A -m 30 /var/log/httpd/access_log -o html --trails --prefix http://www.myweb.com > /var/www/html/visitors/trails.html --
  • 10. Configuring Apache, PHP, MySQL, FTP, SSL, IPTables PHPMyadmin and Server Monitoring Complete Solution 10 11 lines processed in 1 seconds 0 invalid lines, 0 blacklisted referers # generate page tour image visitors /var/log/httpd/access_log --prefix http://www.myweb.com -V > /var/www/html/visitors/graph.dot -- 11 lines processed in 1 seconds 0 invalid lines, 0 blacklisted referers dot -Tpng /var/www/html/visitors/graph.dot > /var/www/html/visitors/graph.png Access to 'http://(your server's name or IP address)/visitors/' http://(your server's name or IP address)/visitors/graph.png Remort Login to the Web Server with Putty