Archive for April, 2013

 

Follow the steps below to install the Atomic mod_security rules in cPanel.

 

Stage 1: Run the following commands at command line:

mkdir /var/asl
mkdir /var/asl/tmp
mkdir /var/asl/data
mkdir /var/asl/data/msa
mkdir /var/asl/data/audit
mkdir /var/asl/data/suspicious
chown nobody:nobody /var/asl/data/msa
chown nobody:nobody /var/asl/data/audit
chown nobody:nobody /var/asl/data/suspicious
chmod o-rx -R /var/asl/data/*
chmod ug+rwx -R /var/asl/data/*
mkdir /var/asl/updates
mkdir /var/asl/rules/
mkdir /var/asl/rules/clamav
mkdir /etc/asl/
touch /etc/asl/whitelist
cd /usr/local/src/
wget http://updates.atomicorp.com/channels/rules/delayed/modsec-2.7-free-latest.tar.gz
tar zxvf modsec-2.7-free-latest.tar.gz
mkdir /usr/local/apache/conf/modsec_rules/
cp modsec/* /usr/local/apache/conf/modsec_rules/

These commands create the required directories and download the latest free version of the Atomic Mod Security rules. They also install the rules directly into the Apache location used by cPanel and set the permissions.

Stage 2: Configure cPanel to use the Mod Security Rules

In this stage, you can do everything from WHM as long as you have Mod Security already installed as part of your EasyApache build. If you do not, you will need to rebuild Apache with Mod Security.

Go to: WHM -> Plugins -> Mod Security and then click: Edit Config

In this section, delete all the current content and then paste in the following configuration:

SecRequestBodyAccess On
SecAuditLogType Concurrent
SecResponseBodyAccess On
SecResponseBodyMimeType (null) text/html text/plain text/xml
SecResponseBodyLimit 2621440
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
SecServerSignature Apache
SecUploadDir /var/asl/data/suspicious
SecUploadKeepFiles Off
SecAuditLogParts ABIFHZ
SecArgumentSeparator "&"
SecCookieFormat 0
SecRequestBodyInMemoryLimit 131072
SecDataDir /var/asl/data/msa
SecTmpDir /tmp
SecAuditLogStorageDir /var/asl/data/audit
SecResponseBodyLimitAction ProcessPartial

Include /usr/local/apache/conf/modsec_rules/10_asl_antimalware.conf
Include /usr/local/apache/conf/modsec_rules/10_asl_rules.conf
Include /usr/local/apache/conf/modsec_rules/20_asl_useragents.conf
Include /usr/local/apache/conf/modsec_rules/30_asl_antispam.conf
Include /usr/local/apache/conf/modsec_rules/50_asl_rootkits.conf
Include /usr/local/apache/conf/modsec_rules/60_asl_recons.conf
Include /usr/local/apache/conf/modsec_rules/99_asl_jitp.conf
Include /usr/local/apache/conf/modsec2.whitelist.conf

Save this and restart Apache.

The Atomic mod security rules should now be installed in cPanel. They are a much more secure rule base and include extra protection, which is important against the latest hacks.
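A preflight check worth running before the Apache restart, shown here as an added example that is not part of the original post: a missing Include target stops Apache from starting, and the storage directories from Stage 1 should stay closed to other users. It assumes the Stage 2 configuration has been saved to a file whose path you pass in and that Include paths are absolute, as they are above; the function names are made up for this example.

```shell
# Added example, not from the original post. Function names are hypothetical.
# Argument: path to a file holding the configuration pasted in Stage 2.

# Print each Include target that is missing or unreadable.
missing_includes() {
    awk 'tolower($1) == "include" { gsub(/"/, "", $2); print $2 }' "$1" |
    while read -r path; do
        [ -r "$path" ] || printf '%s\n' "$path"
    done
}

# Print each storage directory that is missing or still open to "other"
# (Stage 1 runs chmod o-rx on everything under /var/asl/data).
unsafe_dirs() {
    awk '$1 ~ /^Sec(Data|Upload|AuditLogStorage)Dir$/ { print $1, $2 }' "$1" |
    while read -r directive dir; do
        if [ ! -d "$dir" ]; then
            printf '%s %s: missing\n' "$directive" "$dir"
            continue
        fi
        # Characters 8-10 of the ls mode string are the "other" rwx bits.
        case $(ls -ld "$dir" | cut -c8-10) in
            -?[-T]) ;;   # no read and no search permission for others
            *) printf '%s %s: accessible to other users\n' "$directive" "$dir" ;;
        esac
    done
}

# Return 0 only when both checks find nothing; otherwise list the problems.
modsec_preflight() {
    problems=$( { missing_includes "$1"; unsafe_dirs "$1"; } )
    [ -z "$problems" ] && return 0
    printf '%s\n' "$problems" >&2
    return 1
}
```

Run `modsec_preflight` on the saved configuration and restart Apache only when it returns 0.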

The LAMP installation process

Posted: April 29, 2013 in General linux

A few words before we start. This is not a step by step instruction guide to install LAMP. This is how I completed the LAMP installation successfully!!! You may find some stuff just as waste 😛 Please don’t put the blame on me for that 🙂

Ok. Let’s start

I referred to the URL below to start the LAMP installation.


http://lamphowto.com/lampssl.html

As mentioned here, before starting the installation, I checked for the RPM versions of the services below.


rpm -qa | grep -i apache
rpm -qa | grep -i httpd
rpm -qa | grep -i php
rpm -qa | grep -i mysql
rpm -qa | grep -i openssl
rpm -qa | grep -i mod_ssl

Found rpm versions of httpd, apache and openssl. Removed them using the below commands.


rpm -e httpd-2.2.3-43.el5.centos.
rpm -e vzdummy-apache-1.0-1.swsoft
rpm -e openssl-0.9.8e-12.el5_4.6

Then I downloaded the tarballs below to /usr/local/src.


wget http://apache.mirrors.tds.net//httpd/httpd-2.2.23.tar.gz
wget http://us.php.net/get/php-5.3.15.tar.gz/from/this/mirror
wget http://mysql.mirrors.pair.com/Downloads/MySQL-5.5/mysql-5.5.18.tar.gz
wget http://www.openssl.org/source/openssl-1.0.1c.tar.gz
wget http://www.modssl.org/source/mod_ssl-2.8.30-1.3.39.tar.gz

Unzipped them using the below commands.


tar zxf httpd-2.2.23.tar.gz
tar zxf mysql-5.5.28.tar.gz
tar zxf php-5.3.15.tar.gz
tar zxf openssl-1.0.1c.tar.gz
tar zxf mod_ssl-2.8.30-1.3.39.tar.gz

I decided to start with the mysql installation.

Created a group ‘mysql’ and user ‘mysql’ with the following commands.


groupadd mysql
useradd -g mysql -c "MySQL Server" mysql

Moved to ‘mysql-5.5.28’ and ran ‘./configure’, but received a ‘command not found’ error. From the Internet, understood that from mysql-5.5, cmake is used instead of ./configure.
Ran ‘cmake mysql-5.5.28’ and again received a ‘command not found’ error.

Understood that cmake needs to be installed. Downloaded ‘cmake-2.8.3.tar.gz’, unzipped, and moved to ‘cmake-2.8.3.tar.gz’.

Ran ‘./configure’ and encountered ‘gcc’ not found error.

Got yum working and installed ‘gcc’ and ‘gcc-c++’ using yum.

Then I installed ‘cmake’ using the below commands.


./configure
gmake
gmake install
—‘cmake mysql-5.5.28’

After removing ‘CMakeCache.txt’, ran ‘cmake mysql-5.5.28’ and encountered a ‘curses library not found’ error. Installed ‘ncurses-devel’ and ran ‘cmake mysql-5.5.28’. At the end, saw the warning ‘Bison executables not found’. Ignored it and went ahead with ‘make’ and ‘make install’. However, running ‘./scripts/mysql_install_db’ was not successful. Assuming that the installation was corrupted, tried to reinstall several times but failed as before.

Exported the bison path as below but it did not help.


export PATH=$PATH:/usr/local/bison/bin

I left the mysql installation there and went on to the apache installation. Since I was not convinced by the installation of apache described at ‘http://lamphowto.com/lampssl.html’, I looked for another guide and found the link below.


http://www.thegeekstuff.com/2011/03/install-apache2-ssl/

I followed the instructions here and upon compiling, encountered a ‘libssl not found’ error.
Installed ‘libssl-dev’ using yum and compiled apache with ssl support, and successfully installed apache-2.2.17.

I came back to the mysql installation and tried to uninstall source installation using the below command, but it wasn’t successful.


make -n uninstall

I did a detailed study of the source installation of mysql and understood that the new installation will overwrite the old one. Also, read that it is better to download the tarball from mysql’s site.

So, I downloaded ‘mysql-5.5.27.tar.gz’ from the below URL.


wget http://downloads.mysql.com/archives/mysql-5.5/mysql-5.5.27.tar.gz

From the URL ‘http://dev.mysql.com/doc/refman/5.5/en/installing-source-distribution.htm’, understood that bazaar, bison and perl need to be installed before mysql. Installed perl and bazaar using yum and bison from the source. After that, I successfully installed mysql-5.5.27.

However, the command mysql was not working since the server fails to identify the binary. So, I included the following line in the root’s .bashrc and .bash_profile and this fixed the issue.


PATH=${PATH}:/usr/local/mysql/bin

Then I went for the installation of ‘php-5.3.15’ with mysql support. Upon compiling, I received the ‘configure: error: xml2-config not found’ error. So, I installed ‘libxml2-devel’ using yum. When I recompiled, it again ended with the error ‘configure: error: Cannot find MySQL header files under yes’. Then I specified the path of mysql as below and the compilation ended with another error, cannot allocate memory.


./configure --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql

Then I recompiled using the option ‘disable-fileinfo’ as below and successfully installed ‘php-5.3.15’.


./configure --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --disable-fileinfo

Created a phpinfo page at ‘/usr/local/apache2/htdocs’ and upon loading, it was just showing the code instead of the info page. However, the page was displaying properly when using the php command:

php -r 'print_r(phpinfo());'

I had copied the ‘development’ version of php.ini to /usr/local/lib/php/ini. Upon checking, I could find that the ‘short_open_tag’ has the value ‘Off’ for the ‘development’ version. Changed it to ‘On’ and loaded the info page successfully.
Thus, I completed the most interesting ‘LAMP’ installation.

What is Linux?

Posted: April 23, 2013 in General linux

Linux is as much a phenomenon as it is an operating system. To understand why Linux has become so popular, it is helpful to know a little bit about its history. The first version of UNIX was originally developed several decades ago and was used primarily as a research operating system in universities. High-powered desktop workstations from companies like Sun proliferated in the 1980s, and they were all based on UNIX. A number of companies entered the workstation field to compete against Sun: HP, IBM, Silicon Graphics, Apollo, etc. Unfortunately, each one had its own version of UNIX and this made the sale of software difficult. Windows NT was Microsoft’s answer to this marketplace. NT provides the same sort of features as UNIX operating systems — security, support for multiple CPUs, large-scale memory and disk management, etc. — but it does it in a way that is compatible with most Windows applications.

The entry of Microsoft into the high-end workstation arena created a strange dynamic. The proprietary operating systems owned by separate companies and the lack of a central authority in the UNIX world weakened UNIX, but many people have personal problems with Microsoft. Linux stepped into this odd landscape and captured a lot of attention.

The Linux kernel, created by Linus Torvalds, was made available to the world for free. Torvalds then invited others to add to the kernel provided that they keep their contributions free. Thousands of programmers began working to enhance Linux, and the operating system grew rapidly. Because it is free and runs on PC platforms, it gained a sizeable audience among hard-core developers very quickly. Linux has a dedicated following and appeals to several different kinds of people:

  • People who already know UNIX and want to run it on PC-type hardware
  • People who want to experiment with operating system principles
  • People who need or want a great deal of control over their operating system
  • People who have personal problems with Microsoft

In general, Linux is harder to manage than something like Windows, but offers more flexibility and configuration options.