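Installing Server SafeDog and Website SafeDog (Apache edition) on CentOS 6
Note: this was done on top of the LNMP one-click install package (lamp_Apache2.4 user authentication + phpMyAdmin).
Install the required dependency packages: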
[root@localhost ~]# yum -y install wget zlib-devel libtool ncurses-devel libxml2-devel mlocate lsof dmidecode
Disable SELinux:
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
Reboot the server:
reboot
Download the latest SafeDog package from the official site:
[root@localhost ~]# wget http://down.safedog.cn/safedog_linux64.tar.gz
Install SafeDog: (this is the 64-bit build)
tar -zxvf safedog_linux64.tar.gz
cd safedog_an_linux64_2.8.21207/
chmod a+x *.py
[root@localhost safedog_an_linux64_2.8.21207]# ./install.py
extracting files ...
Warning: Web defense module will restart web process during installation!!:
Web defense module select: 1.apache 2.nginx . Input(Ctrl-C to skip web defense module installation): 1 # enter 1 and press Enter
step 1/3, start install common lib [ok]
step 2/3, start Install Server Defense Module
step 2.1, checking os release version... [ok]
step 2.2, installing file... [ok]
step 2.3, start service... [ok]
step 2.4, save safedog install info...
Tips:
(1)safedog install directory: /etc/safedog
(2)install safedog version: 2.8.21207
install safedog completely
step 3/3, start install Apache Defense Module..
step 3.1, start install Apache Defend Module...
step 3.2, copy libraries [ok]
step 3.3, copy bin [ok]
step 3.4, Install apache defense module succeed.. [ok]
step 3.5, restart the apache server..send command to server ok.
[ok]
Tips:
(1)If you want to change the configuration of apache defense module, please modify the files in /etc/safedog/apache/conf;
(2)If you want to check apache defense module log, please use command: sdalog;
(3)If apache defense module is failed to use, you can try to restart Apache service.
Installation is complete!
safedog install directory:
/etc/safedog
apache defense module directory:
/etc/safedog/apache/conf
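Notes:
By default, SafeDog starts automatically when the operating system boots;
Unless you have special requirements, keep the default rules in Server SafeDog and Website SafeDog;
Check whether SafeDog is running: (output when it is running)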
[root@localhost ~]# service safedog status
safedog service is running
[root@localhost ~]#
[root@localhost ~]# ps aux |grep sdsvrd |grep -v grep
root 2534 1.2 2.9 724252 29364 ? Sl 09:26 0:11 sdsvrd -d
Stop SafeDog:
[root@localhost ~]# service safedog stop
stop sdsvrd server #####
safedog serivce stopped!
[root@localhost ~]# ps aux |grep sdsvrd |grep -v grep
[root@localhost ~]#
Start SafeDog:
[root@localhost ~]# service safedog start
[root@localhost ~]# service safedog status
safedog service is running
[root@localhost ~]#
[root@localhost ~]# ps aux |grep sdsvrd |grep -v grep
root 7456 15.6 2.9 731572 29328 ? Sl 09:45 0:01 sdsvrd -d
Run the sdui command to enter the operation interface:
[root@localhost ~]# sdui
[Firewall]->NetFireWall
Note: DDOS Firewall and CC Attack Defense are enabled by default.
Test the protection provided by Website SafeDog (Apache edition):
http://192.168.168.130/?order%20by
On the server, view the protection log of Website SafeDog (Apache edition):
[root@localhost ~]# sdalog
Total 1 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-15 09:49:26 |SQL injection |192.168.168.128 |192.168.168.130/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
######
Join 服云 (Fuyun) and leave the traditional Linux text interface behind; a Windows client can manage SafeDog through a browser:
http://www.safedog.cn
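After logging in, go to the home page:
On the right side of the home page, click Download certificate (下载证书)
Downloaded file: safedog_user.psf
Put the certificate in the designated directory on the server: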
[root@localhost ~]# mv safedog_user.psf /etc/safedog/sdcc/
[root@localhost ~]# ll /etc/safedog/sdcc/
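Refresh the page; the newly added server should now be visible:
Security Management » Server Management (安全管理 » 服务器管理):
Note: the server's public IP and private IP are shown.
Server security protection:
Website security protection: (the following options appear only when Website SafeDog is installed)
When you find that someone is maliciously attacking your website, you can add their IP address to the "Blacklist IP":
Security Management » Security Protection Settings » IP Blacklist Settings (安全管理 » 安全防护设置 » IP黑名单设置):
Result:
Users connecting from an IP address in the "Blacklist IP" cannot access the website, as shown here: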
http://192.168.168.130/
or
http://192.168.168.130/phpmyadmin/
The Website SafeDog (Apache edition) configuration file that corresponds to the "Blacklist IP" above:
[root@localhost ~]# cd /etc/safedog/apache/conf
[root@localhost conf]# cat WPCBlackIP.conf
[BlackIP]
ChkBlackIP=1
SendAlert=1
Count=1
BlackIP0=192.168.168.128;云端添加
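Add an IP address to the "Whitelist IP":
Security Management » Security Protection Settings » IP Whitelist Settings (安全管理 » 安全防护设置 » IP白名单设置):
Note: the same IP cannot be in both the whitelist and the blacklist.
Result:
The Website SafeDog (Apache edition) configuration file that corresponds to the "Whitelist IP" above: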
[root@localhost ~]# cd /etc/safedog/apache/conf
[root@localhost conf]# cat WPCWhiteIP.conf
[WhiteIP]
ChkWhiteIP=1
WhiteIPCount=2
WhiteIP0=192.168.168.138;云端添加
WhiteIP1=192.168.168.136;云端添加
Requests from users whose IP address is in the "Whitelist IP" are not mistakenly blocked by Website SafeDog (Apache edition):
http://192.168.168.130/?order%20by
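The note above says an IP must not be in both lists. The following added example (not SafeDog's own tooling, and not from the original article) checks the two configuration files for such overlaps and for a counter that disagrees with the entries listed. The function names are hypothetical, and treating Count / WhiteIPCount as "number of entries" is an assumption inferred from the listings above.

```shell
#!/bin/sh
# Added example, not SafeDog tooling. Key names follow the WPCBlackIP.conf and
# WPCWhiteIP.conf listings on this page; the counter semantics are an assumption.

# ips FILE PREFIX: print the address of every PREFIX<n>=addr;comment line.
ips() {
    awk -F'=' -v p="$2" '
        { sub(/\r$/, "") }                       # tolerate CRLF line endings
        $1 ~ ("^" p "[0-9]+$") { split($2, a, ";"); print a[1] }
    ' "$1"
}

# declared FILE KEY: print the value of the KEY=value counter line.
declared() {
    awk -F'=' -v k="$2" '{ sub(/\r$/, "") } $1 == k { print $2 }' "$1"
}

# count_ok FILE PREFIX KEY: succeed when the counter matches the entries listed.
count_ok() {
    [ "$(declared "$1" "$3")" = "$(ips "$1" "$2" | wc -l | tr -d ' ')" ]
}

# overlap BLACKFILE WHITEFILE: print addresses that appear in both lists.
overlap() {
    { ips "$1" BlackIP | sort -u; ips "$2" WhiteIP | sort -u; } | sort | uniq -d
}

# Constructed sample files (written to a temp dir, not /etc/safedog).
SAMPLE=$(mktemp -d)
cat > "$SAMPLE/WPCBlackIP.conf" <<'EOF'
[BlackIP]
ChkBlackIP=1
SendAlert=1
Count=1
BlackIP0=192.168.168.128;constructed
BlackIP1=192.168.168.136;constructed
EOF
cat > "$SAMPLE/WPCWhiteIP.conf" <<'EOF'
[WhiteIP]
ChkWhiteIP=1
WhiteIPCount=2
WhiteIP0=192.168.168.138;constructed
WhiteIP1=192.168.168.136;constructed
EOF

count_ok "$SAMPLE/WPCBlackIP.conf" BlackIP Count || echo "blacklist: Count does not match entries"
count_ok "$SAMPLE/WPCWhiteIP.conf" WhiteIP WhiteIPCount || echo "whitelist: WhiteIPCount does not match entries"
overlap "$SAMPLE/WPCBlackIP.conf" "$SAMPLE/WPCWhiteIP.conf" | sed 's/^/in both lists: /'
```

On the server itself, point the functions at the files under /etc/safedog/apache/conf instead of the sample directory.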
######
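Removing a server from 服云: (a server that is online cannot be deleted; the server must be shut down first)
Uninstall Server SafeDog and Website SafeDog (Apache edition):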
[root@localhost ~]# cd /root/safedog_an_linux64_2.8.21207/
[root@localhost ~]# ./uninstall.py
Would you like to backup the files of isolation?[y/n](default:y):n
remove files of isolation
Would you like to backup safedog logs?[y/n](default:y):n
remove safedog logs
Collecting setup information [ok]
Uninstall Server Defense Module [ok]
Uninstall Server Defense Module Compeletely
remove load information in apache... [ok]
remove file of Apache Defense Module... [ok]
restart apache server... [ok]
uninstall apache defense module succeed..
Nginx Defense Module is not installed
Uninstall Common Module [ok]
Uninstall completely!