Skip to main content
  1. Tags/

Security

2007


Apache: Disable TRACE and TRACK methods

·60 words·1 min
Lots of PCI Compliance and vulnerability scan vendors will complain about TRACE and TRACK methods being enabled on your server.

Enable SSL support in Postfix

·80 words·1 min
If you have postfix installed with OpenSSL support compiled in, you can enable SSL connections by editing two configuration files.

500 OOPS error from vsftpd

·226 words·2 mins
If you find yourself with the ever-so-peculiar 500 OOPS error from vsftpd when you attempt to login over SSH, there could be a few different things at play.

FreeBSD: Limiting closed port RST response

·115 words·1 min
One of the nifty things about FreeBSD’s kernel is that it will limit closed port RST responses, which, in layman’s terms, just means that if someone repeatedly hits a port that’s closed, the kernel won’t respond to all of the requests.

Install snort and BASE on FreeBSD

·567 words·3 mins
Installing snort from ports on FreeBSD is pretty straightforward, but there are some ‘gotchas’ that you need to be aware of.

Changing the default SSL certificate in Plesk

·221 words·2 mins
When Plesk is installed, the default certificate for the Plesk interface itself is a self-signed certificate that is generated during the installation.

Joomla and Plesk permissions

·134 words·1 min
Thanks to a highly awesome technician on my team, we’ve discovered the perfect permissions setup for Joomla and Plesk:

Relay access denied

·151 words·1 min
If you’re checking through your mail logs, or you catch a bounced e-mail with “554 relay access denied” in the bounce, the issue can be related to a few different things:

SSL connection to a non-secure port

·57 words·1 min
If you have weird SSL errors and this one appears, you are trying to speak SSL to a daemon that doesn’t understand it:

Disable SSH timeouts

·65 words·1 min
To pretty much completely disable SSH timeouts, simply adjust the following directives in /etc/ssh/sshd_config:

Disable SSLv2 in Lighttpd

·30 words·1 min
As with most things, turning off SSLv2 in Lighttpd is much easier than in Apache.

Reset MySQL root password

·92 words·1 min
If you’ve forgotten the root password for a MySQL server, but you know the system root, you can reset the MySQL root password pretty easily.

Forcing HTTPS with PHP

·22 words·1 min
To force HTTPS with a PHP script, just put this snippet near the top:

Disabling SSLv2 in Plesk

·59 words·1 min
To disable SSLv2 server-wide on a Plesk server, add this in your /etc/httpd/conf.

Hide Apache Version

·23 words·1 min
If you want to hide the current version of Apache and your OS, just replace

Finding compromised mail accounts in Plesk

·291 words·2 mins
If odd bounced e-mails are coming back to the server or the server is listed in a blacklist, some accounts may be compromised on the server.

Cisco Logging to RHEL

·111 words·1 min
If you have a Cisco device logging to RHEL, here’s all that’s necessary:

Verify that SSLv2 is disabled

·74 words·1 min
If you’re looking to get PCI/CISP compliance, or you just like better security, disable SSL version 2.

Plesk admin user can’t login

·47 words·1 min
Okay, so you’ve verified that the correct admin password is being used, but you still can’t login?

Securing MySQL

·419 words·2 mins
If you work on enough servers, you discover that a lot of people put the security of their MySQL server on the back burner.

2006


About Sticky Bits

·333 words·2 mins
Sticky bits help you take file permissions to the next level.

Rootkit Checks on RHEL

·206 words·1 min
If you think you have a rooted RHEL box, you’ll want to run the usual rkhunter, chkrootkit, and you will want to inspect for rogue processes.