Mod_security | Techgurulive.com

Search Results

28 Steps on how to harden your Linux server

If you run your own Linux server here are some tips on server hardening, liberally stolen from the CFS security GUI script for cPanel/WHM, that I have become only too familiar with since yesterday: On your firewall (you do have one donâ€™t you?) check the incoming MySQL port and if 3306 is open, close it. [...]

IT-Tips, Linux accesses, apache, attack, attackers, attacks, build, check, choose, client, create, daemons, databases, difference, directory, edit, edition, enable, file, firewall, functionality, help, hosts, incoming, install, lib, linux, listing, logs, mysql, nameservers, port, ports, prevent, protect, protection, protocol, recursion, recursively, risk, scripts, secure, Security, server, servers, shell, sites, source, SQL, ssh, system, systems, usr, workarounds, 0

How To Install PHP

Generally, the installation process of Apache with PHP is very similar to the process of installing Apache without PHP, as described in the previous article. The only difference is the use of two additional modules: mod_php and mod_security. As in the previous article, we will start by creating an account and group called “apache”. Then [...]

Apache, LAMP, Linux apache, check, command, community, compilation, compiler, configuration, configure, connection, Copy, create, databases, difference, directory, functionality, Generator, group, install, lib, logs, mysql, passwords, scripts, secure, Security, servers, source, 0

How to Defend against CSS and SQL Injection attacks

The last step of securing the server is implementing the logging of the GET and POST payloads, and implementing protection against Cross-Site-Scripting and SQL Injection attacks. In order to perform that, we will use the mod_security module, which we enable by adding the following line into httpd.conf: AddModule mod_security.c To enable logging of the GET [...]

Apache, IT-Tips, LAMP, Linux, Security apache, attack, client, command, configuration, configure, enable, functionality, logs, possibilities, protect, protection, risk, scripts, secure, Security, servers, SQL, vulnerability, 0

How to Disable mod_security in .htaccess file

1. If you do not have one yet, an .htaccess file in the folder of your web application 2. To disable mod_security COMPLETELY, add the following line to the .htaccess file: SecFilterEngine Off OR, to disable HTTP POST scanning only, use the following instead: SecFilterScanPOST Off 3. Save the file and test your web application [...]

Apache, IT-Tips, Security check, enable, folders, htaccess, protect, protection, servers, upload, 3

Secure your Apache2 with mod-security

Installation: In order to install mod-security with apache2, you need libapache2-mod-security: $sudo apt-get install libapache2-mod-security and then enable mod-security and reload apache2 $sudo a2enmod mod-security $sudo /etc/init.d/apache2 force-reload Once this is done, you will be able to filter GET, POST urls …. and apply different rules depending on what the page/variables/url contain Configuration: Apache running [...]

Apache, IT-Tips, Security apache, attack, byte, check, configuration, configure, create, Debugging, difference, edit, edition, enable, Generator, install, logs, prevent, secure, Security, servers, system, what, 2

20 ways to Secure your Apache Configuration

First, make sure you’ve installed latest security patches There is no sense in putting locks on the windows, if your door is wide open. As such, if you’re not patched up there isn’t really much point in continuing any longer on this list. Go ahead and bookmark this page so you can come back later, [...]

Apache, IT-Tips, LAMP, Security accesses, apache, attack, byte, chroot, client, config, configuration, configure, create, determine, directory, edit, edition, enable, Generator, grep, group, help, htaccess, install, listing, logs, memory, multiple, network, networking, patches, prevent, roots, secure, Security, servers, services, sites, source, system, upload, what, Windows, xml, 0