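Installing Server Safedog and Website Safedog (Apache edition) on CentOS 6
Note: this builds on [url=http://blog.zhuohua.store/viewthread.php?tid=311&extra=page%3D1]LNMP one-click installer package (lamp_Apache2.4 user authentication + phpMyAdmin)[/url]. Some dependency packages need to be installed first: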
[root@localhost ~]# yum -y install wget zlib-devel libtool ncurses-devel libxml2-devel mlocate lsof dmidecode
Disable SELinux (the edit to /etc/selinux/config takes effect after the reboot in the next step):
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
Reboot the server:
reboot
Download the latest Safedog package from the official site:
[root@localhost ~]# wget http://down.safedog.cn/safedog_linux64.tar.gz
Install Safedog (this is the 64-bit build):
tar -zxvf safedog_linux64.tar.gz
cd safedog_an_linux64_2.8.21207/
chmod a+x *.py
[root@localhost safedog_an_linux64_2.8.21207]# ./install.py
extracting files ...
Warning: Web defense module will restart web process during installation!!:
Web defense module select: 1.apache 2.nginx . Input(Ctrl-C to skip web defense module installation): 1 # type 1 and press Enter
step 1/3, start install common lib [ok]
step 2/3, start Install Server Defense Module
step 2.1, checking os release version... [ok]
step 2.2, installing file... [ok]
step 2.3, start service... [ok]
step 2.4, save safedog install info...
Tips:
(1)safedog install directory: /etc/safedog
(2)install safedog version: 2.8.21207
install safedog completely
step 3/3, start install Apache Defense Module..
step 3.1, start install Apache Defend Module...
step 3.2, copy libraries [ok]
step 3.3, copy bin [ok]
step 3.4, Install apache defense module succeed.. [ok]
step 3.5, restart the apache server..send command to server ok.
[ok]
Tips:
(1)If you want to change the configuration of apache defense module, please modify the files in /etc/safedog/apache/conf;
(2)If you want to check apache defense module log, please use command: sdalog;
(3)If apache defense module is failed to use, you can try to restart Apache service.
Installation is complete!
safedog install directory:
/etc/safedog
apache defense module directory:
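/etc/safedog/apache/conf
Notes:
Safedog starts automatically with the operating system by default;
Unless you have special requirements, keep the default rules in Server Safedog and Website Safedog;
Check whether Safedog is running (output when it is running):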
[root@localhost ~]# service safedog status
safedog service is running
[root@localhost ~]#
[root@localhost ~]# ps aux |grep sdsvrd |grep -v grep
root 2534 1.2 2.9 724252 29364 ? Sl 09:26 0:11 sdsvrd -d
Stop Safedog:
[root@localhost ~]# service safedog stop
stop sdsvrd server #####
safedog serivce stopped!
[root@localhost ~]# ps aux |grep sdsvrd |grep -v grep
[root@localhost ~]#
Start Safedog:
[root@localhost ~]# service safedog start
[root@localhost ~]# service safedog status
safedog service is running
[root@localhost ~]#
[root@localhost ~]# ps aux |grep sdsvrd |grep -v grep
root 7456 15.6 2.9 731572 29328 ? Sl 09:45 0:01 sdsvrd -d
Run the sdui command to open the management interface:
[root@localhost ~]# sdui
[Firewall]->NetFireWall
Note: DDOS Firewall and CC Attack Defense are enabled by default.
Test the protection provided by Website Safedog (Apache edition):
http://192.168.168.130/?order%20by
View the Website Safedog (Apache edition) protection log on the server:
[root@localhost ~]# sdalog
Total 1 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-15 09:49:26 |SQL injection |192.168.168.128 |192.168.168.130/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
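An added example, not part of the original post or of Safedog: a shell helper that counts sdalog records per source IP and attack type and lists the addresses worth reviewing for the IP blacklist. It assumes sdalog prints the pipe-delimited columns shown above; the function names and the sample rows are constructed for illustration.

```bash
#!/bin/sh
# Count sdalog records per (AttackIP, Type) so repeat sources stand out.
# Reads sdalog output on stdin. Type and AttackIP are fields 2 and 3, to the
# left of FullUrl, so a "|" inside a URL cannot shift them.
summarize_sdalog() {
    awk -F'|' '
        function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
        # Data rows begin with a YYYY-MM-DD timestamp; the "Total N records!"
        # line and the column header row do not, so they are skipped.
        $1 ~ /^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] / && NF >= 4 {
            hits[trim($3) "\t" trim($2)]++
        }
        END { for (k in hits) printf "%d\t%s\n", hits[k], k }
    ' | sort -t "$(printf '\t')" -k1,1nr -k2,2
}

# Print every source IP with at least $1 records in total (all attack types).
blacklist_candidates() {
    summarize_sdalog | awk -F'\t' -v min="$1" '
        { total[$2] += $1 }
        END { for (ip in total) if (total[ip] >= min) print ip }
    ' | sort
}

# Constructed sample in the sdalog layout (rows and content are made up).
SAMPLE_SDALOG='Total 4 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-15 09:49:26 |SQL injection |192.168.168.128 |192.168.168.130/?order%20by |sample |
2021-02-15 09:50:02 |SQL injection |192.168.168.128 |192.168.168.130/?id=1%20order%20by |sample |
2021-02-15 09:51:40 |SQL injection |192.168.168.129 |192.168.168.130/?order%20by |sample |
2021-02-15 09:52:11 |SQL injection |192.168.168.128 |192.168.168.130/phpmyadmin/?order%20by |sample |'

printf '%s\n' "$SAMPLE_SDALOG" | summarize_sdalog        # count<TAB>ip<TAB>type
printf '%s\n' "$SAMPLE_SDALOG" | blacklist_candidates 2  # IPs with >= 2 records
```

On the server the same functions take live input, for example `sdalog | blacklist_candidates 5`.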
######
Join Fuyun (服云) to leave the traditional Linux text interface behind; a Windows client can then manage Safedog through a browser:
http://www.safedog.cn
After logging in, you arrive at the home page:
On the right side of the home page, click "Download certificate".
Downloaded file: safedog_user.psf
Place the certificate in the designated directory on the server:
[root@localhost ~]# mv safedog_user.psf /etc/safedog/sdcc/
[root@localhost ~]# ll /etc/safedog/sdcc/
Refresh the page; the newly added server should now be listed:
Security Management » Server Management:
Note: the server's public IP and private IP are shown.
Server security protection:
Website security protection (the following options appear only if Website Safedog is installed):
When you find someone maliciously attacking your site, you can add their IP address to the IP blacklist:
Security Management » Security Protection Settings » IP Blacklist Settings:
Result:
Users coming from an IP address on the IP blacklist can no longer access the site, as shown below:
http://192.168.168.130/
or
http://192.168.168.130/phpmyadmin/
The Website Safedog (Apache edition) configuration file that corresponds to the IP blacklist above:
[root@localhost ~]# cd /etc/safedog/apache/conf
[root@localhost conf]# cat WPCBlackIP.conf
[BlackIP]
ChkBlackIP=1
SendAlert=1
Count=1
BlackIP0=192.168.168.128;云端添加
Add an IP address to the IP whitelist:
Security Management » Security Protection Settings » IP Whitelist Settings:
Note: an IP address cannot appear in both the whitelist and the blacklist.
Result:
The Website Safedog (Apache edition) configuration file that corresponds to the IP whitelist above:
[root@localhost ~]# cd /etc/safedog/apache/conf
[root@localhost conf]# cat WPCWhiteIP.conf
[WhiteIP]
ChkWhiteIP=1
WhiteIPCount=2
WhiteIP0=192.168.168.138;云端添加
WhiteIP1=192.168.168.136;云端添加
Requests from users whose IP address is on the IP whitelist are not mistakenly blocked by Website Safedog (Apache edition):
http://192.168.168.130/?order%20by
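An added example (not Safedog's own tooling): a consistency check for WPCBlackIP.conf and WPCWhiteIP.conf after a manual edit. It assumes, from the two files shown above, that Count and WhiteIPCount hold the number of entries; it strips the ";云端添加" ("added from the cloud") suffix and reports any address present in both lists. Function names are hypothetical.

```bash
#!/bin/sh
# Consistency check for the Website Safedog IP list files after a manual edit.
# Assumption taken from the files shown above: Count / WhiteIPCount equal the
# number of BlackIPn / WhiteIPn entries.
list_ips() {  # FILE PREFIX: print each PREFIXn= address without its ";comment"
    awk -F'=' -v p="$2" '
        $1 ~ ("^" p "[0-9]+$") { sub(/;.*/, "", $2); gsub(/[ \t\r]/, "", $2); print $2 }
    ' "$1"
}
declared_count() {  # FILE KEY: print the value of the counter key
    awk -F'=' -v k="$2" '$1 == k { gsub(/[ \t\r]/, "", $2); print $2 }' "$1"
}
check_lists() {  # BLACKFILE WHITEFILE: report problems, return 1 if any
    rc=0
    nb=$(list_ips "$1" BlackIP | awk 'NF { n++ } END { print n + 0 }')
    nw=$(list_ips "$2" WhiteIP | awk 'NF { n++ } END { print n + 0 }')
    [ "$nb" = "$(declared_count "$1" Count)" ] || { echo "Count mismatch: $nb entries"; rc=1; }
    [ "$nw" = "$(declared_count "$2" WhiteIPCount)" ] || { echo "WhiteIPCount mismatch: $nw entries"; rc=1; }
    # Each list is de-duplicated first, so a repeat in the merge means overlap.
    both=$( { list_ips "$1" BlackIP | sort -u; list_ips "$2" WhiteIP | sort -u; } | sort | uniq -d)
    [ -z "$both" ] || { echo "In both lists: $both"; rc=1; }
    return "$rc"
}

# Constructed copies of the two files shown above, written to a temp directory.
tmp=$(mktemp -d)
cat > "$tmp/WPCBlackIP.conf" <<'EOF'
[BlackIP]
ChkBlackIP=1
SendAlert=1
Count=1
BlackIP0=192.168.168.128;云端添加
EOF
cat > "$tmp/WPCWhiteIP.conf" <<'EOF'
[WhiteIP]
ChkWhiteIP=1
WhiteIPCount=2
WhiteIP0=192.168.168.138;云端添加
WhiteIP1=192.168.168.136;云端添加
EOF
check_lists "$tmp/WPCBlackIP.conf" "$tmp/WPCWhiteIP.conf" && echo "lists consistent"
```

On the server, point it at the real files: `check_lists /etc/safedog/apache/conf/WPCBlackIP.conf /etc/safedog/apache/conf/WPCWhiteIP.conf`.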
######
Removing a server from Fuyun (an online server cannot be deleted; the server must be shut down first):
Uninstall Server Safedog and Website Safedog (Apache edition):
[root@localhost ~]# cd /root/safedog_an_linux64_2.8.21207/
[root@localhost ~]# ./uninstall.py
Would you like to backup the files of isolation?[y/n](default:y):n
remove files of isolation
Would you like to backup safedog logs?[y/n](default:y):n
remove safedog logs
Collecting setup information [ok]
Uninstall Server Defense Module [ok]
Uninstall Server Defense Module Compeletely
remove load information in apache... [ok]
remove file of Apache Defense Module... [ok]
restart apache server... [ok]
uninstall apache defense module succeed..
Nginx Defense Module is not installed
Uninstall Common Module [ok]
Uninstall completely!
Related articles:
For configuring blacklist/whitelist IPs in Website Safedog (Nginx edition), see: [url=http://blog.zhuohua.store/viewthread.php?tid=242&page=1&extra=#pid245]Routine maintenance of Server Safedog and Website Safedog (Nginx edition)[/url]
[url=http://blog.zhuohua.store/viewthread.php?tid=304&extra=page%3D1]Installing Server Safedog and Website Safedog (Apache edition) on CentOS 8[/url]
[url=http://blog.zhuohua.store/viewthread.php?tid=341&page=1&extra=#pid418]Windows2012R2_Website Safedog (Apache edition)[/url]
[url=http://blog.zhuohua.store/viewthread.php?tid=236&page=1&extra=#pid239]Installing Server Safedog and Website Safedog (Apache edition) on Oracle Linux 6[/url]
[url=http://blog.zhuohua.store/viewthread.php?tid=32&page=1&extra=#pid32]Installing Server Safedog and Website Safedog (Nginx edition) on CentOS 6[/url]