Archive for August, 2010

Disabling Dangerous PHP Functions

Tuesday, August 17th, 2010

PHP contains a lot of different functions that are used in various scripts however some of these functions are deemed insecure and could leave your dedicated server vulnerable to attacks from malicious users. Luckily PHP includes an option to disable some of it’s functions so it is possible to disable some of the dangerous functions that should never be used in a standard public facing website.

  1. Find the current PHP configuration file 
    php -i |grep php.ini
Configuration File (php.ini) Path /usr/lib
Loaded Configuration File /usr/local/lib/php.ini
  2. Edit the configuration file 
    nano /usr/local/lib/php.ini
  3. Search for “disable_functions” and add in the dangerous functions 
    disable_functions = "symlink,shell_exec,exec,system,popen,proc_close"
  4. Restart apache 
    service httpd restart

If you now attempt to use one of the functions that have been disabled you should get a PHP error. Please note that this function list is not complete and you should add in the functions that you wish to disable based on your scripts and what they require to operate properly.

Tags: , , , , ,
Posted in Linux, cPanel | No Comments »

Installing Xen on CentOS

Tuesday, August 17th, 2010

If you wish to install Xen on your dedicated server to support server virtualisation it is very simple with CentOS and only takes a matter of minutes.

  1. Disable SELinux 
    nano /etc/sysconfig/selinux
Change the SELINUX line to SELINUX=disabled
  2. Install Xen and the Xen Kernel 
    yum install xen kernel-xen
  3. Reboot your dedicated server 
    shutdown -r now
  4. Check the Xen kernel is now running 
    uname -a
  5. Check Xen is running 
    xm list

If the last 2 commands return correctly your dedicated server should now be running Xen and you are ready to start creating your virtual machines. If you have any problems with the installation or are unsure on some of the commands please contact our support department who will be happy to help.

Tags: , , ,
Posted in Linux | No Comments »

Installing CHKROOTKIT on a Linux Server

Tuesday, August 3rd, 2010

Chkrootkit or Check Rootkit is a common Linux security tool which will scan your server for any signs of rootkits or worms which could severely impact the security of your server if they are not removed. In this blog post we are going to cover installing chkrootkit on a dedicated server and configure it to run daily and e-mail the results to a system administrator.

  1. Login to SSH as a privileged user and change to our source directory 
    cd /usr/local/src
  2. Create the install directory 
    mkdir /usr/local/chkrootkit
  3. Download the latest version of chkrootkit 
    wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
  4. Extract the download 
    tar -xvzf chkrootkit.tar.gz
  5. Copy the contents to the install directory 
    mv /usr/local/src/chkrootkit*/* /usr/local/chkrootkit
  6. Clear up the source files 
    rm -rf /usr/local/src/chkrootkit*
  7. Change directory to the install 
    cd /usr/local/chkrootkit
  8. Compile chkrootkit 
    make sense
  9. Perform a test run 
    ./chkrootkit
  10. Add a cron job to run chkrootkit daily 
    nano /etc/cron.daily/chkrootkit
  11. Insert the following text into the file 
    #!/bin/sh
(
/usr/local/chkrootkit/chkrootkit
) | /bin/mail -s 'CHROOTKIT Daily Run (ServerNameHere)' email@domain.com
  12. Make the cronjob executable and secure 
    chmod 700 /etc/cron.daily/chkrootkit

Chkrootkit should now be installed on your server and you should get an e-mail report on the next daily cronjob run. If you do not receive anything then you may have configured something incorrectly.

ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

Tags: , , ,
Posted in Linux, cPanel | 1 Comment »