Create a “secure” Linux web server

This solution provides an apache/httpd server with PHP 5.3.0 on a RHEL system that utilizes the following products for protection:

iptables (“here’s a good policy stack. X.”)
mod_security (and the SpiderLab’s OWASP customer rule set/CSR.)
mod_evasive (yes, built for apache 2.4.x, because, grep.)
fail2ban (yep)
samhain (this sucker is fantastically intricate and awesome.)

I also include some hardening advice for sshd, httpd, and php.

Here is a list of web pages I referenced during the entire thing:

http://www.howtoforge.com/host-based-intrusion-detection-samhain
http://www.la-samhna.de/samhain/manual/
http://www.la-samhna.de/library/scanners.html
http://www.symantec.com/connect/articles/host-integrity-monitoring-best-practices-deployment
http://www.symantec.com/connect/articles/securing-linux-aide
http://www.foosel.org/blog/2008/04/banning_phpmyadmin_bots_using_fail2ban
http://admintweets.com/2013/02/12/fail2ban-add-apache-post-flood-rule/
https://www.digitalocean.com/community/articles/how-to-protect-ssh-with-fail2ban-on-centos-6
http://www.zdziarski.com/blog/?page_id=442
http://www.tecmint.com/protect-apache-using-mod_security-and-mod_evasive-on-rhel-centos-fedora/
https://www.digitalocean.com/community/articles/how-to-set-up-mod_security-with-apache-on-debian-ubuntu
http://www.howtoforge.com/apache_mod_security
https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project#tab=Installation
http://www.modsecurity.org/documentation/php-register-globals.html
http://blog.modsecurity.org/2007/02/php-peculiariti.html
http://www.modsecurity.org/documentation/apache-internal-chroot.html
http://www.symantec.com/connect/articles/securing-apache-step-step
http://www.symantec.com/connect/articles/securing-php-step-step
http://www.madirish.net/?article=229
http://www.cyberciti.biz/faq/rhel-linux-block-ssh-dictionary-brute-force-attacks/
http://serverfault.com/questions/212269/tips-for-securing-a-lamp-server
http://httpd.apache.org/docs/2.4/install.html
http://stackoverflow.com/a/9436971/843000
Advertisements
  1. Peter
    August 7, 2017 at 1:05 pm

    This is the header for a series of pages. It would be useful if the pages had “Next” and “Previous” links, so that the reader could go through the pages easily, instead of going through the ToC links.

    • August 7, 2017 at 1:15 pm

      Thanks for your comment. Agreed. I have to do this manually and have done it on other “solutions” pages. I’m not sure if I’ll have time to do it on here. The “solution” hasn’t been touched in a long time and is generally incomplete anyway.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: