SELinux file_contexts: Multiple same specifications for /usr/local/lost\+found.

Posted by Jason Web Hosting Thursday 16 April 2009 4:07 pm

If you receive the message “/etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /usr/local/lost\+found.” in your email, this usually means the system thinks you have a user account whose home directory is in /usr/local and that this user is allowed to SSH to your server.

If there is such a system account, make sure you change its shell to /sbin/nologin or /bin/false. For the change to take effect, run

semodule -B
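
A quick way to find the accounts the message points to, as an added example that is not part of the original post: the function below reads a passwd-format file and lists accounts whose home directory is /usr/local or below it and whose shell still allows login. The function name and the sample entries are constructed for illustration, and it assumes /sbin/nologin, /usr/sbin/nologin and /bin/false are the only non-login shells in use.

```shell
#!/bin/sh
# Added example (not from the original post).
# Lists accounts with a home directory at or below /usr/local that can still log in.
# Assumption: the three shells tested below are the only non-login shells on the host.

# usage: usrlocal_login_accounts [passwd-file]   (defaults to /etc/passwd)
usrlocal_login_accounts() {
    awk -F: '
        /^#/ || NF < 7 { next }          # skip comments and malformed lines
        {
            user = $1; home = $6; shell = $7
            sub(/\/+$/, "", home)        # normalise trailing slashes
            # keep only /usr/local itself or a path below it (not /usr/localx)
            if (home != "/usr/local" && index(home, "/usr/local/") != 1) next
            # accounts already locked to a non-login shell are fine
            if (shell == "/sbin/nologin" || shell == "/usr/sbin/nologin" ||
                shell == "/bin/false") next
            if (shell == "") shell = "(empty, defaults to /bin/sh)"
            printf "%s\t%s\t%s\n", user, home, shell
        }
    ' "${1:-/etc/passwd}"
}

# Constructed sample input, not taken from a real host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
root:x:0:0:root:/root:/bin/bash
appsvc:x:501:501:App service:/usr/local/appsvc:/bin/bash
mailman:x:41:41:List manager:/usr/local/mailman:/sbin/nologin
backup:x:502:502::/usr/local/:
jason:x:500:500::/home/jason:/bin/bash
EOF
usrlocal_login_accounts "$sample"   # reports appsvc and backup
rm -f "$sample"
```

For each account listed, set the shell with usermod -s /sbin/nologin <user>, then rebuild the policy with semodule -B.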


PHP Fatal error: Allowed memory size of xxxxx bytes exhausted

Posted by Jason Web Hosting Wednesday 8 April 2009 2:06 pm

You may see the error message “PHP Fatal error:  Allowed memory size of xxxxx bytes exhausted (tried to allocate xxxxxxx bytes) in Unknown on line 0” while accessing some PHP pages. It indicates that those PHP files require more memory to execute than the limit specified in the php.ini file. If the memory_limit value is changed in the server-side php.ini file, it will be applied to all the PHP files on the server.

To overcome the error without modifying the server-side php.ini file, use the ini_set function to increase the memory limit by inserting the following code in the PHP file itself. Keep increasing the memory limit until the error disappears.

ini_set("memory_limit","64M");


HowTo: Mod_Security Installation on Linux/Plesk server

Posted by Jason Web Hosting Monday 17 November 2008 9:37 pm

The following is a step-by-step guide on “How to install Mod_security2 on a Linux/Plesk server”, which is used to secure your server against Apache exploits.

First, download and extract mod_security:
cd /etc/httpd/
wget http://www.modsecurity.org/download/modsecurity-apache_2.5.7.tar.gz
tar -zxf modsecurity-apache_2.5.7.tar.gz
cd modsecurity-apache_2.5.7/apache2

Next, compile mod_security as a module using apxs. BTW, APXS is an Apache tool for building Apache modules.
apxs -cia mod_security2.c

You may find that you don’t have apxs on your server; in that case, you will have to install the httpd-devel package using yum.
yum install httpd-devel

Once mod_security2 is installed, make sure you have the ‘LoadModule’ line in your Apache configuration (httpd.conf) file and the module “mod_security2.so” itself under the ‘modules’ directory.

LoadModule security2_module modules/mod_security2.so

Now, create a modsecurity configuration file as modsecurity.conf under /etc/httpd/conf.d/ directory, as *.conf in the conf.d directory gets loaded. Below is the sample configuration file you may use:

# ModSecurity 2.x directive names. The 1.x SecFilter* names are not
# recognised by mod_security2 and stop Apache from starting.
# (The 1.x "DynamicOnly" engine mode has no 2.x equivalent.)
SecRuleEngine On
SecDefaultAction "phase:2,deny,log,status:500"
# Inspect request bodies (POST data)
SecRequestBodyAccess On
SecCookieFormat 1
# URL-encoding and Unicode checks are done in 2.x by rules that use the
# @validateUrlEncoding and @validateUtf8Encoding operators, not by directives.
# The 1.x cookie checks and SecServerResponseToken have no 2.x directive.

#If you want to scan the output, uncomment these
#SecResponseBodyAccess On
#SecResponseBodyMimeType (null) text/html text/plain

# Only record the interesting stuff
SecAuditEngine RelevantOnly
SecAuditLog /var/log/modsecurity/audit_log

# You normally won’t need debug logging
SecDebugLogLevel 0
SecDebugLog /var/log/modsecurity/modsec_debug_log

#Include the sample rule files, you just downloaded
Include /etc/httpd/conf.d/apache2-rules.conf*
Include /etc/httpd/conf.d/badips.conf*
Include /etc/httpd/conf.d/blacklist.conf*
Include /etc/httpd/conf.d/blacklist2.conf*
Include /etc/httpd/conf.d/proxy.conf*
Include /etc/httpd/conf.d/rootkits.conf*
Include /etc/httpd/conf.d/rules.conf*

Download the sample rules from
wget http://hostanswers.net/modsecurity/sample_mod_rules.tar.gz

Please note: These are just the default rules that come with Mod_security2 and you need to modify them as per your needs.

At the end, make sure you create a modsecurity directory and an ‘audit_log’ file, and restart Apache.
mkdir /var/log/modsecurity
touch /var/log/modsecurity/audit_log
service httpd restart

If you have problems accessing websites, look at the error log at
/etc/httpd/logs/audit_log

Just FYI, if you wish to disable mod_security, just comment out the modsecurity ‘LoadModule’ line in your Apache configuration file and restart Apache.
