Posts

Showing posts from 2016

LAMP (Linux Apache MySQL PHP): Apache Web Server Security Hardening

Firewall - UFW

A good place to start is to install a firewall. UFW (Uncomplicated Firewall) is a basic firewall that works very well and is easy to configure with its firewall configuration tool, gufw; alternatively, use Shorewall, fwbuilder, or Firestarter. Use the Firestarter GUI to configure your firewall, or refer to the Ubuntu Server Guide, the UFW manual pages, or the Ubuntu UFW community documentation.

To install and enable UFW, open a terminal window and enter:

    :~$ sudo apt-get install ufw

Allow SSH and HTTP services.

    :~$ sudo ufw allow ssh
    :~$ sudo ufw allow http
    :~$ sudo ufw allow https/tcp

Enable the firewall.

    :~$ sudo ufw enable

Check the status of the firewall.

    :~$ sudo ufw status verbose

SSH Hardening - key based login, disable root login and change port

The best way to secure SSH is to use public/private key based login. See SSH/OpenSSH/Keys. If you have to use password authentication, the easiest way to secure SSH is to disable root login and change the SSH por

Protect your apache server from WordPress Pingback DDoS attacks

A security researcher at SANS Technology Institute put out an advisory around 8 months ago when he discovered that WordPress’s “pingback” functionality contains an exploit allowing it to request a result from any server that an attacker wishes. This vulnerability means that there are thousands of WordPress installations that can be effectively weaponized to conduct floods against any target site of an attacker’s choosing. This particular attack is dangerous because many servers can be overwhelmed with only 200 blogs “pingbacking” their site, clogging up their limited connections and/or resources.

To confirm whether you are under a WordPress pingback DDoS attack, check your access logs.

    $ sudo tail -f /var/log/apache2/access.log

Logs will look like this:

    74.86.132.186 - - [09/Mar/2014:11:05:27 -0400] "GET /?4137049=6431829 HTTP/1.0" 403 0 "-" "WordPress/3.8; http://www.mtbgearreview.com"
    143.95.250.71 - - [09/Mar/2014:11:05:27 -0400] "GET /?4758117=50739
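Watching `tail -f` shows the pattern but not its scale. The following is an added example, not code from the original post: it parses Apache combined-format lines, picks out requests whose User-Agent has the `WordPress/<version>; <blog URL>` shape shown above, and reports how many distinct blogs hit the server per minute. The sample log lines, the function names and the `min_blogs` threshold are assumptions made for illustration.

```python
import re
from collections import Counter

# Apache "combined" log format, as in the lines quoted above.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# Pingback fetches identify themselves as "WordPress/<version>; <blog URL>";
# anything after the URL is ignored.
AGENT_RE = re.compile(r'^WordPress/(?P<version>[\d.]+); (?P<blog>https?://[^;\s]+)')

# Constructed sample: documentation-range IPs and made-up blog names.
SAMPLE = """\
192.0.2.10 - - [09/Mar/2014:11:05:27 -0400] "GET /?4137049=6431829 HTTP/1.0" 403 0 "-" "WordPress/3.8; http://blog-a.example"
198.51.100.7 - - [09/Mar/2014:11:05:27 -0400] "GET /?4758117=5073922 HTTP/1.0" 403 0 "-" "WordPress/3.5.1; http://blog-b.example/"
203.0.113.5 - - [09/Mar/2014:11:05:28 -0400] "GET /?9911223=1234567 HTTP/1.0" 403 0 "-" "WordPress/3.8.1; http://blog-c.example"
192.0.2.10 - - [09/Mar/2014:11:05:29 -0400] "GET /?1111111=2222222 HTTP/1.0" 403 0 "-" "WordPress/3.8; http://blog-a.example"
203.0.113.99 - - [09/Mar/2014:11:06:02 -0400] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.7 - - [09/Mar/2014:11:06:03 -0400] "GET /?4758117=50739
""".splitlines()


def pingback_hits(lines):
    """Yield (ip, minute, blog) for each complete line carrying the pingback User-Agent."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # truncated or non-combined lines are skipped
        ua = AGENT_RE.match(m.group("agent"))
        if ua:
            minute = m.group("time")[:17]  # e.g. "09/Mar/2014:11:05"
            yield m.group("ip"), minute, ua.group("blog").rstrip("/")


def summarize(lines, min_blogs=3):
    """Return minutes with >= min_blogs distinct reflecting blogs, plus hits per source IP.

    min_blogs=3 suits the sample only (assumption); tune it to normal traffic.
    """
    blogs_per_minute, ips = {}, Counter()
    for ip, minute, blog in pingback_hits(lines):
        blogs_per_minute.setdefault(minute, set()).add(blog)
        ips[ip] += 1
    flagged = {m: sorted(b) for m, b in blogs_per_minute.items() if len(b) >= min_blogs}
    return flagged, ips


if __name__ == "__main__":
    flagged, ips = summarize(SAMPLE)
    for minute, blogs in flagged.items():
        print(minute, len(blogs), "distinct blogs:", ", ".join(blogs))
    print("top sources:", ips.most_common(3))
```

Counting distinct blog URLs rather than raw requests is what separates a reflected flood from a single legitimate pingback, which produces one such request from one blog.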

Cakeswatch is an adaptation of Bootswatch for CakePHP 3.x themes

Cakeswatch

Cakeswatch is an adaptation of Bootswatch for CakePHP 3.x themes. Get it here: https://github.com/sherwinrobles/Cakeswatch

Installation using git

    cd my_app_name
    git clone https://github.com/sherwinrobles/Cakeswatch plugins/Cakeswatch

Manual installation

Download and extract the file inside my_app_name/plugins/

Load plugin and use the theme

In your config/bootstrap.php, at the bottom of the file, add

    Plugin::load('Cakeswatch');

In your src/Controller/AppController.php add

    public function initialize()
    {
        $this->viewBuilder()->theme('Cakeswatch');
    }

To use the different Bootswatch themes, in your plugins/Cakeswatch/src/Template/Layout/default.ctp change the CSS file name to that of the Bootswatch theme you want to use.

    echo $this->Html->css('flatly.css');

When running bake, use the --theme option to specify the bake theme you want to use.

    bin/cake bake template model_name --theme Cakeswatch