Linuxaria

How to protect Apache with Fail2ban

Apr 232013

Around 2 years ago I wrote an article about fail2ban.

Fail2ban is an intrusion prevention framework written in the Python programming language. It is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally (such as, iptables or TCP Wrapper).
Fail2ban’s main function is to block selected IP addresses that may belong to hosts that are trying to breach the system’s security. It determines the hosts to be blocked by monitoring log files (e.g. /var/log/pwdfail, /var/log/auth.log, etc.) and bans any host IP that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator.

Today I want to show you some configurations that you can use to improve the security of your Apache.
Continue reading »

Find me on Google+

The Importance of Securing a Linux Web Server

Article, Howto 3 Responses »

Jan 132013

Today I present a really interesting article by Scott Miller first published on Infosecinstitute.com.

With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

Many risks are possible from a compromise including using the web server into a source of malware, creating a spam-sending relay, a web or TCP proxy, or other malicious activity. The operating system and packages can be fully patched with security updates and the server can still be compromised based purely on a poor security configuration. Security of web applications first begins with configuring the server itself with strict security in mind.

Find me on Google+

4 open source software to analyse big quantity of log files

Article, Review No Responses »

Dec 022012

Logging is a critical thing for all system administrators, if you log too much and you don’t manage the files you could fill up a partition or even worst stop some service, if you don’t log enough you’ll lose information when something goes wrong, in general a good solution for this is to send all the logs to a central server that will store for the time you need them, and keep just 1,2 days of log into the local machine.

You could do this configuration easily with rsyslog or syslog-ng to send/receive the logs and logrotate to rotate the files locally on your machines, today I want to show you some open source programs that can receive the logs, store them on filesystem or database and analyse them presenting the results via Web dashboards.

These are large applications most suited for big company, or in general to everyone that want to keep and manage a lot of data they are: Apache Flume, Logstash, Greylog2 and Scribe

Find me on Google+

Tune mod_jk to Boost HTTP/Java Server Performance

10/25/2012
Tune mod_jk to Boost HTTP/Java Server Performance
Posted by Riccardo at 18:31
No Responses
Article, Howto
Tagged with: apache, Apache HTTP Server, apache jserv, apache tomcat, httpd, java application server, jboss, jk, load balancer, load balancing, mod_jk, system administration, Technical, Tomcat, Tutorial, web server

This is an article of mine first published on Wazi The mod_jk connector serves as the glue between the Apache HTTP server and a Java application server such as Tomcat or JBoss. While most adminstrators concentrate on optimizing Apache or the Java server, setting up mod_jk optimally can also improve your users’ experience. To be [...]

Cacti Makes Device Monitoring Simple

08/21/2012
Cacti Makes Device Monitoring Simple
Posted by Riccardo at 23:22
No Responses
Article, Howto
Tagged with: apache, cacti, data logging, graphs, infrastructure, linux, monitoring program, mysql database, nagios, network, open source, rrdtool, scripts

This is an article of mine, first published on Wazi Every organization must monitor its infrastructure’s uptime and performance. While the popular Nagios application is a good general-purpose monitoring program that you can extend with plugins to handle just about any task, you may do even better by employing Cacti as a graphical front end to RRDTool‘s data logging and graphing functionality. Cacti was [...]

Older Entries