A simple Bot trap using robots.txt

Set up a simple bot trap for your website or web application that can enhance the security of your server and keep malicious bots or script kiddies from poking around by luring them into a trap and banning their a**es for x amount of minutes, or else.

[Read more...]

Fail2ban with PF on OpenBSD 5.2

This explains how to quickly set up the amazing fail2ban, which monitors your log files for activity you specify and performs certain actions once a threshold is reached. Simplest case: monitor authlog for failed ssh login attempts, and ban the originating IP after a few tries.

[Read more...]

Chrooting Apache and PHP

General Information

Chrooting has been around for a long time now. Chrooting makes a program believe that the root of the file system is higher up in the hierarchy. For example, if I wanted to create a chroot in /chroot/httpd, a program executed from within the chroot would believe that “/chroot/httpd” was actually “/”. Therein lies the beauty, as the program can’t reach any files outside “/chroot/httpd”. Security of the server as a whole is increased because the system binaries are off limits. In addition, chroots usually have only the bare minimum of files inside, so exploits have a harder time breaking in.

[Read more...]

Secure Apache 1.3

General Information

Apache is the most popular web server in use today. But not everybody who sets up an Apache server takes the necessary steps to secure it properly from intruders. This guide will show you some good security changes to make to your Apache installation.

[Read more...]

Protect Apache Directories

General Information

In order to password protect a website, or part of a website, we need to create a .htaccess file and a .htpasswd file. These are the files that Apache reads to see who is allowed into the site. This guide will show you how to set up a website directory with password protection.

[Read more...]