What is Suhosin?

Suhosin is an advanced protection  for PHP5 installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in independent parts, that can be used separately or in combination.

Suhosin is a great and simple way of increasing your security protection without having a immense impact on overall performance.

In this tutorial I will cover the installation and configuration of Suhosin on Debian Squeeze. I will also assume that you already have apache2 and php2 setup using this tutorial:How to install apache2, mysql5 and php5 on debian squeeze

1. Install Suhosin on Debian Squeeze:

Installation of suhosin on Debian Squeeze is simple.

apt-get update && apt-get install php5-suhosin

2. Configuring Suhosin:

The configuration file on Debian Squeeze is located in /etc/php5/conf.d/suhosin.ini.

Continue Reading…

Everyone loves using services like Dropbox or Boxnet. Half of us do have hardware laying around that we’d love to convert into our own cloud server but never came across the right software.

In this tutorial i’ll show you how to create your own cloud server:

Step1. Install depencencies need for cloud server:

apt-get install apache2 php5 php5-sqlite php5-json

optional dependencies: apt-get install mp3info curl libcurl3 libcurl3-dev php5-curl zip

Step2. Download ownCloud from owncloud.org:

You can download it from here: http://gitorious.org/owncloud/owncloud/archive-tarball/master

or from repository: git clone git://gitorious.org/owncloud/owncloud.git

Step3. Extract the archive using tar and copy the content to /var/www:

Continue Reading…

Percona is glad to announce the release of Percona Server 5.1.60-13.1 on December 16, 2011 (Downloads are available from Percona Server 5.1.60-13.1 downloads and from the Percona Software Repositories).

Based on MySQL 5.1.60, including all the bug fixes in it, Percona Server 5.1.60-13.1 is now the current stable release in the 5.1 series. All of Percona ‘s software is open-source and free, all the details of the release can be found in the 5.1.60-13.1 milestone at Launchpad.

Bug Fixes

  • SHOW SLAVE STATUS could give incorrect output with master-master replication and using SET user variables. This could only occur with a sever having both master-master replication and --log-slave-updates enabled. This is also filed in MySQL bug tracker, but not fixed in upstream MySQL at the time of this Percona Server release. Bug Fixed: #860910 (Alexey Kopytov)
  • MyISAM repair-by-sort buffer cannot be more than 4GB even on 64bit architectures. With this bug fix, both the server option --myisam-sort-buffer-size and the |myisamchk| --sort-buffer-size can be set to values over 4GB on 64bit systems. For users with large MyISAM tables, this could be a great improvement in |myisamchk|, CREATE INDEX and ALTER TABLE performance. Bug Fixed: #878404 (Alexey Kopytov)
  • The atomic operations used in Response Time Distribution on 32bit systems could (in theory) be optimized incorrectly by the compiler. This has not been observed in the wild and may only be an issue with future compilers. With this bug fixed, we have corrected the inline assembly to always produce correct compiled code even if future compilers implement new optimizations. Bug Fixed:#878022 (Laurynas Biveinis)
  • GCC 4.6 has expanded diagnostics and compiler warnings. We have audited and fixed these warnings for Percona Server 5.1, finding that the warnings were benign. Bug Fixed #878164(Laurynas Biveinis)

Step1. Install ProFTPd:

apt-get install proftpd-basic

During installation you can choose to install as an inetd service,or a standalone server.  You will choose to install as Standalone  server.

Step2. Copy and rename the original configuration file for backup:

cp /etc/proftpd/proftpd.conf /etc/proftpd/proftpd.conf.bak

Step3. Edit the proftpd.conf file:

nano /etc/proftpd/proftpd.conf

And now change the following:

Continue Reading…

In the following tutorial  i will explain the installation of the apache2 module “mod_evasive“.
Mod_evasive tracks the number of requests for files on the Apache2  server and blocks the delivery in case a certain limit is reached.

Step1. Install mod_evasive module:

apt-get install libapache2-mod-evasive

Step2. Create the log directory for mod_evasive:

mkdir -p /var/log/apache2/evasive

NOTE: Make sure the www-data user will have access to create logs:

chown -R www-data:root /var/log/apache2/evasive

Step3. Now edit the configuration file for the module 0 located in /etc/apache2/mods-available/mod-evasive.load like this:

vim /etc/apache2/mods-available/mod-evasive.load

After edit the file will look  like this:

LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
 <IfModule  mod_evasive20.c>
 DOSHashTableSize 3097
 DOSPageCount 5
 DOSSiteCount 120
 DOSPageInterval 1.5
 DOSSiteInterval 1.5
 DOSBlockingPeriod 10
 DOSLogDir "/var/log/apache2/evasive"
 </IfModule>

This config seems to be optimal for me.

Step4. Enable the module and restart apache:

a2enmod mod-evasive
 /etc/init.d/apache2 restart

 

Page 2 of 3123