Installing Server SafeDog and Website SafeDog (Nginx edition) on Oracle Linux 6
Server information:
[root@oracle-linux6 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.9 (Santiago)
[root@oracle-linux6 ~]#
[root@oracle-linux6 ~]# cat /etc/issue |head -1
Oracle Linux Server release 6.9
[root@oracle-linux6 ~]#
[root@oracle-linux6 ~]# uname -r
4.1.12-61.1.28.el6uek.x86_64
[root@oracle-linux6 ~]# hostname
oracle-linux6.9
[root@oracle-linux6 ~]# cat /etc/sysconfig/network |tail -1
HOSTNAME=oracle-linux6.9
[root@oracle-linux6 ~]# ifconfig eth0 |grep "inet addr" |awk '{print $2}' |awk -F: '{print $2}'
192.168.168.135
Download nginx-1.10.0.tar.gz: https://pan.baidu.com/s/1K2yEskROiqYBNGZJ3DViGA
Install Nginx:
yum -y install pcre-devel openssl-devel zlib-devel gcc-c++ make elinks lsof
useradd -M -s /sbin/nologin nginx
tar -zxvf nginx-1.10.0.tar.gz
cd nginx-1.10.0
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-http_ssl_module && make && make install
ln -sf /usr/local/nginx/sbin/nginx /usr/sbin/
### Run Nginx automatically at boot
[root@oracle-linux6 ~]# vi /etc/init.d/nginx
#!/bin/bash
#chkconfig: 35 99 20
#description:Nginx Service Control Script
case "$1" in
  start)
    /usr/local/nginx/sbin/nginx
    ;;
  stop)
    # QUIT asks nginx for a graceful shutdown
    /usr/bin/killall -s QUIT nginx
    ;;
  restart)
    $0 stop
    $0 start
    ;;
  *)
    echo "Usage:$0 {start|stop|restart}"
    exit 1
esac
exit 0
[root@oracle-linux6 ~]# chmod a+x /etc/init.d/nginx
[root@oracle-linux6 ~]# chkconfig --add nginx
Start Nginx:
[root@oracle-linux6 ~]# service nginx start
Check the Nginx processes:
[root@oracle-linux6 ~]# ps -ef |grep nginx |grep -v grep
root 4733 1 0 23:51 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
nginx 4734 4733 0 23:51 ? 00:00:00 nginx: worker process
Enable Nginx at boot:
[root@oracle-linux6 ~]# chkconfig --level 35 nginx on
[root@oracle-linux6 ~]# chkconfig --list nginx
nginx 0:关闭 1:关闭 2:关闭 3:启用 4:关闭 5:启用 6:关闭
Check the Nginx version:
[root@oracle-linux6 ~]# nginx -v
nginx version: nginx/1.10.0
[root@oracle-linux6 ~]# nginx -V
nginx version: nginx/1.10.0
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-http_ssl_module
Test Nginx locally on the server:
[root@oracle-linux6 ~]# elinks 127.0.0.1
[root@oracle-linux6 ~]# lsof -nP -iTCP:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 4733 root 6u IPv4 15718 0t0 TCP *:80 (LISTEN)
nginx 4734 nginx 6u IPv4 15718 0t0 TCP *:80 (LISTEN)
Install some dependency packages:
[root@oracle-linux6 ~]# yum -y install wget zlib-devel libtool ncurses-devel libxml2-devel mlocate lsof dmidecode
Disable SELinux (the change to /etc/selinux/config takes effect after the reboot below):
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
Reboot the server:
init 6
Download the latest SafeDog package from the official site:
[root@oracle-linux6 ~]# wget http://down.safedog.cn/safedog_linux64.tar.gz
Install SafeDog (this is the 64-bit package):
tar -zxvf safedog_linux64.tar.gz
cd safedog_an_linux64_2.8.21207/
chmod a+x *.py
[root@oracle-linux6 safedog_an_linux64_2.8.21207]# ./install.py
extracting files ...
Warning: Web defense module will restart web process during installation!!:
Web defense module select: 1.apache 2.nginx . Input(Ctrl-C to skip web defense module installation): 2 # enter 2 and press Enter
step 1/3, start install common lib [ok]
step 2/3, start Install Server Defense Module
step 2.1, checking os release version... [ok]
step 2.2, installing file... [ok]
step 2.3, start service... [ok]
step 2.4, save safedog install info...
Tips:
(1)safedog install directory: /etc/safedog
(2)install safedog version: 2.8.21207
install safedog completely
step 3/3, start install Nginx Defense Module..
step 3.1, Nginx exe path:/usr/local/nginx/sbin/nginx
step 3.2, download nginx.. [ok]
step 3.3, copy libraries [ok]
step 3.4, copy bin and set boot [ok]
step 3.5, start the nginx server.. [ok]
Tips:
(1)If you want to change the configuration of nginx defense module, please modify the files in /etc/safedog/nginx/conf;
(2)If you want to check nginx defense module log, please use command: sdalog -n;
(3)If nginx defense module is failed to use, you can try to restart Nginx.
send command to server ok.
Installation is complete!
Note: the server needs public internet access while the Nginx edition of Website SafeDog is being installed.
safedog install directory:
/etc/safedog
nginx defense module directory:
/etc/safedog/nginx/conf
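Notes:
SafeDog starts automatically with the operating system by default;
Unless there are special requirements, keep the default rules in Server SafeDog and Website SafeDog;
Check whether SafeDog is running (output when it is running):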
[root@oracle-linux6 ~]# service safedog status
safedog service is running
[root@oracle-linux6 ~]#
[root@oracle-linux6 ~]# ps -ef |grep sdsvrd |grep -v grep
root 2111 2099 7 Feb15 ? 00:00:24 sdsvrd -d
Run the sdui command to enter the management interface:
[root@oracle-linux6 ~]# sdui
[Firewall]->NetFireWall
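Note: DDOS Firewall and CC Attack Defense are enabled by default.
After the Nginx edition of Website SafeDog is installed, the Nginx version changes (the nginx command now reports SafeDog's own build):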
[root@oracle-linux6 ~]# nginx -v
safedog-nginx-waf version/2.4
developed by www.safedog.cn
nginx version: nginx/1.10.2
[root@oracle-linux6 ~]# nginx -V
safedog-nginx-waf version/2.4
developed by www.safedog.cn
nginx version: nginx/1.10.2
built by gcc 4.1.2 20080704 (Red Hat 4.1.2-46)
built with OpenSSL 1.0.2k 26 Jan 2017
TLS SNI support enabled
configure arguments: --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-ipv6 --with-http_auth_request_module --with-http_v2_module --with-pcre=../3th_lib/pcre-8.40 --with-openssl=../3th_lib/openssl-1.0.2k --with-cc-opt=-I../../../../Plugin_tag_before_yunyu/NginxSiteShield --with-ld-opt='-Wl,-rpath=/etc/safedog/libs/nginx -Wl,-rpath=/etc/safedog/libs/sdcommon -Wl,-rpath=/etc/safedog/libs/sdcc -Wl,-dynamic-linker=/etc/safedog/libs/sdcommon/ld-linux.so.2 -lstdc++ -lnginx_safedog_plugin -lWPCPlugin -lcurl -liconv -lSPModule -llog4cplus' _fuyun --add-module=../module/3rd_part_module/ngx_cache_purge-2.3 --add-module=../module/3rd_part_module/nginx_upstream_check_module-master --add-module=../module/3rd_part_module/ngx_http_accounting_module-master --add-module=../module/3rd_part_module/testcookie-nginx-module-master
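To add the server to Fuyun (服云), see: Installing Server SafeDog and Website SafeDog (Apache edition) on Oracle Linux 6
Refresh the page and the newly added server should appear:
Security Management » Server Management
Note: the server's public IP and private IP are shown.
Server security protection:
Website security protection (the following options appear only when Website SafeDog is installed):
Note: Vulnerability Protection must be set to "Log and block".
Website Protection » HTTP Security Detection:
Test the HTTP security detection feature of the Nginx edition of Website SafeDog: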
http://192.168.168.135/?order%20by
View the protection log of the Nginx edition of Website SafeDog on the server:
[root@oracle-linux6 ~]# sdalog -n
Total 3 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-16 00:07:18 |SQL injection |192.168.168.138 |192.168.168.135/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
2021-02-16 00:08:21 |SQL injection |192.168.168.138 |192.168.168.135/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
2021-02-16 00:09:55 |SQL injection |192.168.168.138 |192.168.168.135/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
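The log above is pipe-delimited, so it can be summarised per source IP and attack type for triage. The following is an added example, not part of the original post or of SafeDog; the function names are hypothetical and the column order is taken from the header line shown above.

```shell
#!/bin/bash
# Added example: summarise `sdalog -n` records per source IP and attack type.
# Column order comes from the header line shown above; only the first three
# columns are read, so a "|" inside AttackContent cannot shift them.

# summarize_sdalog: stdin = sdalog output; stdout = count, IP, type, first, last (tab-separated)
summarize_sdalog() {
    awk -F'|' '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        # Records start with a YYYY-MM-DD timestamp; this skips the
        # "Total N records!" line and the column header.
        /^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] / && NF >= 4 {
            ts = trim($1); key = trim($3) "\t" trim($2)
            if (!(key in n)) first[key] = ts
            n[key]++; last[key] = ts
        }
        END { for (k in n) printf "%d\t%s\t%s\t%s\n", n[k], k, first[k], last[k] }
    ' | sort -rn
}

# noisy_ips MIN: source IPs with at least MIN blocked requests across all types
noisy_ips() {
    summarize_sdalog |
        awk -F'\t' -v min="$1" '{ c[$2] += $1 } END { for (ip in c) if (c[ip] >= min) print ip }' |
        sort
}

# Sample input: the three records from the log output above.
sample_log() {
    cat <<'EOF'
Total 3 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-16 00:07:18 |SQL injection |192.168.168.138 |192.168.168.135/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
2021-02-16 00:08:21 |SQL injection |192.168.168.138 |192.168.168.135/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
2021-02-16 00:09:55 |SQL injection |192.168.168.138 |192.168.168.135/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
EOF
}

sample_log | summarize_sdalog
```

On the server itself the input would be `sdalog -n | summarize_sdalog`.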
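Website Protection » Upload Protection:
The corresponding upload protection configuration file for the Nginx edition of Website SafeDog: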
[root@oracle-linux6 ~]# cat /etc/safedog/nginx/conf/WPCDefTrojan.conf
[Trojan]
ChkTrojan=1
NeedSendInterceptPage=0
NeedSendInterceptPageUploadForbidExt=0
NeedSendInterceptPageOtherOptionRequest=0
NeedSendInterceptPageWebTrojan=0
NeedSendInterceptPageHangTrojan=0
SpeSiteCount=0
WhitePathCount=0
ChkWTBrowsyFile=1
Resource=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|jsp|php
ChkForbidPostExt=1
ForbidPostExt=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|dll|exe|jsp|php
ChkHTCookie=0
ChkHTPost=0
ChkHTUrl=0
SendAlert=1
ForbidOtherRequests=0
ChkCommaLeakStatus=0
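A consistency check for the upload protection file above, as an added example that is not part of the original post or of SafeDog. The function names are hypothetical, and the meaning of each key is an assumption inferred from its name: every script extension in Resource is expected to appear in ForbidPostExt as well.

```shell
#!/bin/bash
# Added example, not SafeDog tooling. The meaning of each key is inferred from
# its name: ChkTrojan / ChkForbidPostExt switch the checks on, Resource lists
# script extensions, ForbidPostExt lists extensions refused on upload.

# conf_get FILE KEY: print KEY's value; tolerates CRLF line endings.
conf_get() {
    awk -F= -v k="$2" '{ sub(/\r$/, "") } $1 == k { print substr($0, length(k) + 2); exit }' "$1"
}

# uncovered_exts FILE: extensions in Resource that ForbidPostExt does not list.
uncovered_exts() {
    deny="|$(conf_get "$1" ForbidPostExt | tr 'A-Z' 'a-z')|"
    conf_get "$1" Resource | tr 'A-Z' 'a-z' | tr '|' '\n' | while read -r ext; do
        [ -n "$ext" ] || continue
        case "$deny" in
            *"|$ext|"*) ;;
            *) echo "$ext" ;;
        esac
    done
}

# audit_upload_conf FILE: one WARN line per finding; returns 1 if there is any.
audit_upload_conf() {
    rc=0
    for key in ChkTrojan ChkForbidPostExt; do
        [ "$(conf_get "$1" "$key")" = "1" ] || { echo "WARN $key is not 1"; rc=1; }
    done
    missing=$(uncovered_exts "$1" | tr '\n' ' ')
    [ -z "$missing" ] || { echo "WARN script extensions not in ForbidPostExt: $missing"; rc=1; }
    return "$rc"
}

# Sample input: the four keys this check reads, with the values shown above.
sample_conf() {
    cat <<'EOF'
[Trojan]
ChkTrojan=1
Resource=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|jsp|php
ChkForbidPostExt=1
ForbidPostExt=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|dll|exe|jsp|php
EOF
}

tmp=$(mktemp); sample_conf > "$tmp"
audit_upload_conf "$tmp" && echo "OK upload protection settings are consistent"
rm -f "$tmp"
```

On the server the check would be run as `audit_upload_conf /etc/safedog/nginx/conf/WPCDefTrojan.conf`, for example after a SafeDog upgrade or a rule change.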