
Title: Installing Server Safedog and Website Safedog (Apache edition) on CentOS 8

Author: admin    Time: 2020-2-3 20:59

Note: this builds on the setup from "Installing LAMP + phpMyAdmin on CentOS 8".

Apache version:
[root@centos8 ~]# httpd -v
Server version: Apache/2.4.37 (centos)
Server built: Jun 8 2020 20:14:33

Disable SELinux:
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

Reboot the server:
reboot

Install some dependency packages:
yum -y install wget zlib-devel libtool ncurses-devel libxml2-devel mlocate lsof dmidecode

Download the latest Safedog package from the official site:
wget http://down.safedog.cn/safedog_linux64.tar.gz

Install Safedog (this is the 64-bit build):
tar -zxvf safedog_linux64.tar.gz
cd safedog_an_linux64_2.8.21207/
chmod a+x *.py

[root@centos8 safedog_an_linux64_2.8.21207]# ./install.py
/usr/bin/env: “python”: 没有那个文件或目录

Fix:
yum -y install python2
ln -s /usr/bin/python2 /usr/bin/python

[root@centos8 safedog_an_linux64_2.8.21207]# ./install.py
Need system command 'netstat' to install safedog for linux.
Installation aborted!

Fix:
yum -y install net-tools

[root@centos8 safedog_an_linux64_2.8.21207]# ./install.py
Need system command 'killall' to install safedog for linux.
Installation aborted!

Fix:
yum -y install psmisc

Run the actual installation (the following installs the Apache edition of Website Safedog):
[root@centos8 safedog_an_linux64_2.8.21207]# ./install.py
extracting files ...
Warning: Web defense module will restart web process during installation!!:
Web defense module select: 1.apache 2.nginx .
Input(Ctrl-C to skip web defense module installation): 1
step 1/3, start install common lib [ok]
step 2/3, start Install Server Defense Module
step 2.1, checking os release version... [ok]
step 2.2, installing file... [ok]
step 2.3, start service... [ok]
step 2.4, save safedog install info...
Tips:
(1)safedog install directory: /etc/safedog
(2)install safedog version: 2.8.21207
install safedog completely
step 3/3, start install Apache Defense Module..
step 3.1, start install Apache Defend Module...
step 3.2, copy libraries [ok]
step 3.3, copy bin [ok]
step 3.4, Install apache defense module succeed.. [ok]
step 3.5, restart the apache server..send command to server ok. [ok]
Tips:
(1)If you want to change the configuration of apache defense module, please modify the files in /etc/safedog/apache/conf;
(2)If you want to check apache defense module log, please use command: sdalog;
(3)If apache defense module is failed to use, you can try to restart Apache service.
Installation is complete!

safedog install directory: /etc/safedog
[Screenshot: 图片1.png]

apache defense module directory: /etc/safedog/apache/conf
[Screenshot: 图片2.png]

Remarks:
By default, Safedog starts automatically when the operating system boots.
Unless you have special requirements, keep the default rules in Server Safedog and Website Safedog.

Check whether Safedog is running (output when it is running):
[root@centos8 ~]# service safedog status
safedog service is running
[root@centos8 ~]#
[root@centos8 ~]# pgrep -l sdsvrd
9091 sdsvrd

Stop Safedog:
[root@centos8 ~]# service safedog stop
stop sdsvrd server ### safedog serivce stopped!
[root@centos8 ~]#
[root@centos8 ~]# pgrep -l sdsvrd
[root@centos8 ~]#

Restart Safedog:
[root@centos8 ~]# service safedog restart
[root@centos8 ~]#
[root@centos8 ~]# pgrep -l sdsvrd
11544 sdsvrd

Run the sdui command to open the management interface:
[root@centos8 ~]# sdui
[Screenshot: 图片3.png]
[Screenshot: 图片4.png]

[Firewall]->NetFireWall
[Screenshot: 图片5.png]
Remark: DDOS Firewall and CC Attack Defense are enabled by default.

[Firewall]->NetFireWall->DDOS Firewall[Setting]
[Screenshot: 图片6.png]

[Firewall]->NetFireWall->CC Attack Defense[Setting]
[Screenshot: 图片7.png]

Test the protection provided by Website Safedog (Apache edition):
http://192.168.168.154/?order%20by
[Screenshot: 图片8.png]

View the Website Safedog (Apache edition) protection log on the server:
[root@centos8 ~]# sdalog
Total 2 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-22 16:54:01 |SQL injection |192.168.168.138 |192.168.168.154/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
2021-02-22 16:54:23 |SQL injection |192.168.168.138 |192.168.168.154/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |

The upload-protection configuration file of Website Safedog (Apache edition):
[root@centos8 ~]# cat /etc/safedog/apache/conf/WPCDefTrojan.conf
[Trojan]
SpeSiteCount=0
WhitePathCount=0
ChkWTBrowsyFile=1
Resource=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|jsp|php
IgnoreFileSize=1048576
ChkForbidPostExt=1
ForbidPostExt=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|dll|exe|jsp|php
ChkWTPost=0
ChkHTCookie=0
ChkHTPost=0
ChkHTUrl=0
SendAlert=1
ForbidOtherRequests=1
NeedSendInterceptPage=1

Suppose files with the .png extension should not be allowed to be uploaded to the website:
[root@centos8 ~]# cat /etc/safedog/apache/conf/WPCDefTrojan.conf
[Trojan]
SpeSiteCount=0
WhitePathCount=0
ChkWTBrowsyFile=1
Resource=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|jsp|php
IgnoreFileSize=1048576
ChkForbidPostExt=1
ForbidPostExt=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|dll|exe|jsp|php|png
ChkWTPost=0
ChkHTCookie=0
ChkHTPost=0
ChkHTUrl=0
SendAlert=1
ForbidOtherRequests=1
NeedSendInterceptPage=1

Restart Safedog:
[root@centos8 ~]# service safedog restart

Test:
Upload a file with the .png extension in Discuz! (this was previously allowed):
[Screenshot: 图片9.png]
Remark: in the experiment, files with the .png extension could not be uploaded, while uploads of other file types were unaffected.

View the Website Safedog (Apache edition) protection log on the server:
[root@centos8 ~]# sdalog
Total 3 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-22 16:54:01 |SQL injection |192.168.168.138 |192.168.168.154/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
2021-02-22 16:54:23 |SQL injection |192.168.168.138 |192.168.168.154/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
2021-02-22 17:39:25 |upload forbit |192.168.168.138 |192.168.168.154/discuz/misc.php?mod=sw.. |禁止上传特定类型文件:图片12.png

Note: CentOS 8 can also join Safedog's cloud service (服云); see: "Installing Server Safedog and Website Safedog (Apache edition) on CentOS 6".
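The ForbidPostExt edit to WPCDefTrojan.conf described above can be checked before the service is restarted. The script below is an added example, not part of the original post and not Safedog's own tooling; it assumes that ChkForbidPostExt=1 is what enforces the list, and the function names and the embedded config excerpt (taken from the listing above) are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not Safedog tooling. Assumption: ChkForbidPostExt=1 is what
# makes the Apache module enforce the ForbidPostExt list.

# Print the value of KEY from the [Trojan] section of an INI-style file.
conf_get() {  # usage: conf_get FILE KEY
    awk -F= -v key="$2" '
        /^\[/ { in_sec = ($0 ~ /^\[Trojan\]/); next }
        in_sec && $1 == key { sub(/^[^=]*=/, ""); sub(/\r$/, ""); print; exit }
    ' "$1"
}

# Report when blocking is off, or when an extension from Resource or from
# EXTRA (pipe-separated, optional) is absent from ForbidPostExt.
# Returns 0 with no findings, 1 otherwise.
audit_upload_conf() {  # usage: audit_upload_conf FILE [EXTRA]
    local forbid wanted ext missing="" rc=0
    forbid="|$(conf_get "$1" ForbidPostExt | tr 'A-Z' 'a-z')|"
    wanted="$(conf_get "$1" Resource)|${2:-}"
    for ext in $(printf '%s' "$wanted" | tr 'A-Z|' 'a-z '); do
        case "$forbid" in
            *"|$ext|"*) ;;
            *) missing="$missing $ext" ;;
        esac
    done
    if [ "$(conf_get "$1" ChkForbidPostExt)" != "1" ]; then
        echo "ChkForbidPostExt is not 1"; rc=1
    fi
    if [ -n "$missing" ]; then
        echo "not in ForbidPostExt:$missing"; rc=1
    fi
    return "$rc"
}

# Excerpt of the default WPCDefTrojan.conf listed on this page.
sample_conf() {
    cat <<'EOF'
[Trojan]
Resource=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|jsp|php
ChkForbidPostExt=1
ForbidPostExt=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|dll|exe|jsp|php
EOF
}

demo=$(mktemp) && sample_conf > "$demo"
audit_upload_conf "$demo" png || true   # default file: png is not blocked yet
rm -f "$demo"
```

On the server, the same check would be run as `audit_upload_conf /etc/safedog/apache/conf/WPCDefTrojan.conf png` after editing the file.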
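The sdalog listings above can be condensed into a count per event type and source IP, which is easier to review than the raw table once the log grows. This is an added example, not part of the original post and not Safedog's own tooling; it assumes sdalog prints one pipe-separated record per line as in the listing, and the function names and sample records (reconstructed from that listing) are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not Safedog tooling. Assumption: sdalog prints one
# pipe-separated record per line, as in the listing on this page.

# Read sdalog text on stdin; print "count<TAB>type<TAB>source IP", most
# frequent first. Header lines ("Total N records!", column names) are skipped.
sdalog_summary() {
    awk -F'|' '
        # Data rows start with a timestamp: YYYY-MM-DD HH:MM:SS
        /^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] / {
            type = $2; ip = $3
            gsub(/^ +| +$/, "", type); gsub(/^ +| +$/, "", ip)
            n[type "\t" ip]++
        }
        END { for (k in n) printf "%d\t%s\n", n[k], k }
    ' | sort -t "$(printf '\t')" -k1,1nr -k2
}

# Print source IPs with at least MIN records in total.
sdalog_noisy_ips() {  # usage: sdalog_noisy_ips MIN < sdalog-output
    sdalog_summary | awk -F'\t' -v min="$1" '
        { total[$3] += $1 }
        END { for (ip in total) if (total[ip] >= min) print ip }
    ' | sort
}

# Sample records reconstructed from the sdalog listing on this page.
sample_sdalog() {
    cat <<'EOF'
Total 3 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-22 16:54:01 |SQL injection |192.168.168.138 |192.168.168.154/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
2021-02-22 16:54:23 |SQL injection |192.168.168.138 |192.168.168.154/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
2021-02-22 17:39:25 |upload forbit |192.168.168.138 |192.168.168.154/discuz/misc.php?mod=sw.. |禁止上传特定类型文件:图片12.png
EOF
}

sample_sdalog | sdalog_summary
sample_sdalog | sdalog_noisy_ips 3
```

On the server, the input would come from the real command: `sdalog | sdalog_summary`.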
