标题:
CentOS8_云锁+Nginx
[打印本页]
作者:
admin
时间:
2021-2-12 16:54
标题:
CentOS8_云锁+Nginx
服务器信息: [root@centos8 ~]# cat /etc/redhat-release
CentOS Linux release 8.2.2004 (Core)
[root@centos8 ~]# [root@centos8 ~]# uname -r 4.18.0-193.el8.x86_64 [root@centos8 ~]# hostname
centos8.zhuohua.store
[root@centos8 ~]# cat /etc/hostname
centos8.zhuohua.store
[root@centos8 ~]# ifconfig
-bash: ifconfig: 未找到命令
[root@centos8 ~]# [root@centos8 ~]# yum -y install net-tools [root@centos8 ~]# ifconfig
ens160
|grep netmask |awk '{print $2}'
192.168.168.154
下载Nginx: [root@centos8 ~]# dnf -y install wget [root@centos8 ~]# [root@centos8 ~]# wget -c --progress=bar:force http://nginx.org/download/nginx-
1.14.2
.tar.gz 安装Nginx: yum -y install pcre-devel openssl-devel zlib-devel gcc-c++ make psmisc useradd -M -s /sbin/nologin nginx tar -zxvf nginx-1.14.2.tar.gz cd nginx-1.14.2 ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-http_ssl_module && make && make install ln -sf /usr/local/nginx/sbin/nginx /usr/sbin/ ### 开机自动运行Nginx [root@centos8 ~]# vi /etc/init.d/nginx #!/bin/bash #chkconfig: 35 99 20 #description:Nginx Service Control Script case "$1" in start) /usr/local/nginx/sbin/nginx ;; stop) /usr/bin/killall -s QUIT nginx ;; restart) $0 stop $0 start ;; *) echo "Usage:$0 {start|stop|restart}" exit 1 esac exit 0 [root@centos8 ~]# chmod a+x /etc/init.d/nginx [root@centos8 ~]# chkconfig --add nginx 启动Nginx: [root@centos8 ~]# service nginx start 查看Nginx的进程: [root@centos8 ~]# ps -ef |grep
nginx
|grep -v grep
root 17200 1 0 11:32 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx nginx 17201 17200 0 11:32 ? 00:00:00 nginx: worker process
开机自动启动Nginx: [root@centos8 ~]#
systemctl enable nginx
nginx.service is not a native service, redirecting to systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install enable nginx 确认开机自动启动Nginx: [root@centos8 ~]# systemctl is-enabled nginx nginx.service is not a native service, redirecting to systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install is-enabled nginx
enabled
查看Nginx的版本: [root@centos8 ~]# nginx -v nginx version: nginx/
1.14.2
[root@centos8 ~]# nginx -V nginx version: nginx/
1.14.2
built by gcc 8.3.1 20191121 (Red Hat 8.3.1-5) (GCC) built with OpenSSL 1.1.1c FIPS 28 May 2019 TLS SNI support enabled configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-http_ssl_module 服务器本地测试Nginx: [root@centos8 ~]# yum -y install lsof [root@centos8 ~]# lsof -nP -iTCP:
80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME nginx 17200 root 9u IPv4 48956 0t0 TCP *:80 (LISTEN) nginx 17201 nginx 9u IPv4 48956 0t0 TCP *:80 (LISTEN)
停止Nginx: [root@centos8 ~]# service nginx stop 或 [root@centos8 ~]# killall -9 nginx [root@centos8 ~]# ps -ef |grep
nginx
|grep -v grep [root@centos8 ~]# [root@centos8 ~]# lsof -nP -iTCP:
80
[root@centos8 ~]# 重启Nginx: [root@centos8 ~]# service nginx restart [root@centos8 ~]# ps -ef |grep
nginx
|grep -v grep
root 17554 1 0 11:35 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx nginx 17555 17554 0 11:35 ? 00:00:00 nginx: worker process
[root@centos8 ~]# lsof -nP -iTCP:
80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME nginx 17554 root 9u IPv4 51071 0t0 TCP *:80 (LISTEN) nginx 17555 nginx 9u IPv4 51071 0t0 TCP *:80 (LISTEN)
在防火墙(Firewalld)打开TCP 80端口: firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --reload 查看防火墙所有打开的端口: [root@centos8 ~]# firewall-cmd --zone=public --list-ports
80/tcp
关闭SELinux: setenforce 0 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 客户端通过浏览器访问服务器IP地址,理应可以看到Nginx的测试页:
下载
(44.07 KB)
2021-2-12 16:46
############ ############ 安装云锁: [root@centos8 ~]# tar -zxvf yunsuo_agent_64bit.tar.gz [root@centos8 ~]# chmod a+x yunsuo_install/install [root@centos8 ~]#
yunsuo_install/install
Welcome. If you encounter any problems during installation, you can use 'ctrl-c' to cancel. checking installation environment:[ OK ] decompression package:[ OK ] Install Selinux Policy Module:[ OK ] Initialize Configuration Information:[ OK ] Install Auto-start Script:[ OK ] Install Protection Driver:[ OK ] Starting SoftWare:[ OK ]
Install Complete.
云锁会自动启动: [root@centos8 ~]# service yunsuo status ● yunsuo.service - SYSV: start and stop mainserver Loaded: loaded (/etc/rc.d/init.d/yunsuo; generated) Active:
active (running)
since Sun 2021-02-21 11:37:44 CST; 4min 32s ago Docs: man:systemd-sysv-generator(8) Process: 17725 ExecStart=/etc/rc.d/init.d/yunsuo start (code=exited, status=0/SUCCESS) Tasks: 63 (limit: 11298) Memory: 43.1M CGroup: /system.slice/yunsuo.service └─17760 ./yunsuo_agent_service -c config.xml -l runlog/run_log.log -e ALL -t ALL -s safe -m daemon Feb 21 11:37:43 centos8.zhuohua.store systemd[1]: Starting SYSV: start and stop mainserver... Feb 21 11:37:44 centos8.zhuohua.store yunsuo[17725]: Starting yunsuo: [ 确定 ] Feb 21 11:37:44 centos8.zhuohua.store systemd[1]: Started SYSV: start and stop mainserver. 服务器重启后,云锁会自动启动的: [root@centos8 ~]# systemctl is-enabled yunsuo yunsuo.service is not a native service, redirecting to systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install is-enabled yunsuo
enabled
添加服务器到云中心,输入以下命令即可绑定自己的服务器:(要到云锁官网注册账号) [root@centos8 ~]# /usr/local/yunsuo_agent/agent_smart_tool.sh -u 133921xxx -p Jackxxx
Bind Server Success.
############ Windows客户端管理云锁:(要到云锁的官网下载云锁PC控制端)
下载
(4.77 KB)
2021-2-12 16:48
下载
(36.67 KB)
2021-2-12 16:48
可以看到刚刚添加的服务器:(双击进入可以针对指定的服务器进行管理)
下载
(15.7 KB)
2021-2-12 16:49
服务器信息》开启所有的常用功能防护:
下载
(24.78 KB)
2021-2-12 16:49
应用防护:(这里可以看到Web服务器软件为Nginx)
下载
(60.43 KB)
2021-2-12 16:50
安装Nginx插件:
下载
(23.04 KB)
2021-2-12 16:50
下载
(6.67 KB)
2021-2-12 16:51
Nginx的Web防护开启成功:
下载
(52 KB)
2021-2-12 16:51
备注: Nginx必须采用编译的方式安装,使用Yum安装会无法安装Web防护的插件; 点击上面的“Web防护”》进入网站漏洞防护:
下载
(26.84 KB)
2021-2-12 16:51
将网站漏洞防护设置为“防护模式”:(默认是监控模式)
下载
(77.1 KB)
2021-2-12 16:52
客户端通过浏览器,测试Nginx的Web防护: http://192.168.168.154
/?order%20by
下载
(77.98 KB)
2021-2-21 13:09
下载
(23.88 KB)
2021-2-21 13:09
应用防护》登录防护:
下载
(108.28 KB)
2021-2-21 13:10
默认就是允许所有用户、IP地址进行SSH登录:
下载
(49.89 KB)
2021-2-21 13:10
新增一条规则:
下载
(26.62 KB)
2021-2-21 13:11
下载
(28.85 KB)
2021-2-21 13:11
新增规则(成功):(默认的规则要关闭)
下载
(36.6 KB)
2021-2-21 13:11
客户端使用非允许IP将无法SSH登录到服务器,效果如下图:
下载
(53.91 KB)
2021-2-21 13:11
开启sshd服务的爆破防护:
下载
(100.16 KB)
2021-2-21 13:12
下载
(9.62 KB)
2021-2-21 13:12
sshd服务的爆破防护开启成功:
下载
(95.22 KB)
2021-2-21 13:12
下载
(10.81 KB)
2021-2-21 13:13
############ ############ 在服务器卸载云锁: [root@centos8 ~]#
/usr/local/yunsuo_agent/uninstall
Are you sure to uninstall?(y/n)
y
Unbind Server Failed[101]: Uninstall Protection Driver:[ OK ] Clearup Configuration Information:[ OK ] Uninstall WebServer Plugin: [1]:
Nginx
80[ OK ] Uninstall Selinux Policy Module:[ OK ]
Uninstall Success.
还要在云锁PC控制端删除指定的服务器:
下载
(13.99 KB)
2021-2-12 16:53
下载
(5.96 KB)
2021-2-12 16:53
相关文章:
CentOS8_云锁+Apache
CentOS7_云锁+Nginx
CentOS8_lnmp1.7_更改Nginx的版本
Nginx/1.14.2重新编译安装使用Jemalloc
CentOS6安装服务器安全狗、Nginx版网站安全狗
图片附件:
图片1.png
(2021-2-12 16:46, 44.07 KB) / 下载次数 128
http://blog.zhuohua.store/attachment.php?aid=15390&k=b0942d07a527a3dcc442d0775755c3ab&t=1713599068&sid=YD2Ul2
图片附件:
图片2.png
(2021-2-12 16:48, 4.77 KB) / 下载次数 124
http://blog.zhuohua.store/attachment.php?aid=15391&k=853e65d560aae297e707f31155aca595&t=1713599068&sid=YD2Ul2
图片附件:
图片3.png
(2021-2-12 16:48, 36.67 KB) / 下载次数 110
http://blog.zhuohua.store/attachment.php?aid=15392&k=5c8b40956216b1b62eec4d2baee0d05a&t=1713599068&sid=YD2Ul2
图片附件:
图片4.png
(2021-2-12 16:49, 15.7 KB) / 下载次数 111
http://blog.zhuohua.store/attachment.php?aid=15394&k=5d8b6c7ff51128c4b241a4e3e72f6ae3&t=1713599068&sid=YD2Ul2
图片附件:
图片5.png
(2021-2-12 16:49, 24.78 KB) / 下载次数 124
http://blog.zhuohua.store/attachment.php?aid=15395&k=772de0eb89c20ff8e39090782aacaa9b&t=1713599068&sid=YD2Ul2
图片附件:
图片6.png
(2021-2-12 16:50, 60.43 KB) / 下载次数 121
http://blog.zhuohua.store/attachment.php?aid=15396&k=a90ffc40726958d27c39572e03574574&t=1713599068&sid=YD2Ul2
图片附件:
图片7.png
(2021-2-12 16:50, 23.04 KB) / 下载次数 115
http://blog.zhuohua.store/attachment.php?aid=15397&k=1e43bbb6de2fafaef66205553d796a56&t=1713599068&sid=YD2Ul2
图片附件:
图片9.png
(2021-2-12 16:51, 6.67 KB) / 下载次数 122
http://blog.zhuohua.store/attachment.php?aid=15398&k=7d717507e4f59467305f62137af62598&t=1713599068&sid=YD2Ul2
图片附件:
图片10.png
(2021-2-12 16:51, 52 KB) / 下载次数 133
http://blog.zhuohua.store/attachment.php?aid=15399&k=28396c0cc4ac2600abaf956d3e2b092b&t=1713599068&sid=YD2Ul2
图片附件:
图片11.png
(2021-2-12 16:51, 26.84 KB) / 下载次数 119
http://blog.zhuohua.store/attachment.php?aid=15400&k=31263b3ff5875b10e491c6746fca1d99&t=1713599068&sid=YD2Ul2
图片附件:
图片12.png
(2021-2-12 16:52, 77.1 KB) / 下载次数 115
http://blog.zhuohua.store/attachment.php?aid=15401&k=d5b95f3da37b63a9e39e7a435465c2d0&t=1713599068&sid=YD2Ul2
图片附件:
图片15.png
(2021-2-12 16:53, 13.99 KB) / 下载次数 120
http://blog.zhuohua.store/attachment.php?aid=15404&k=d329160ed91076d1da406fb03d34bcc8&t=1713599068&sid=YD2Ul2
图片附件:
图片16.png
(2021-2-12 16:53, 5.96 KB) / 下载次数 107
http://blog.zhuohua.store/attachment.php?aid=15405&k=de412adef4956ad07281f2e5b15fc135&t=1713599068&sid=YD2Ul2
图片附件:
图片1.png
(2021-2-21 13:09, 77.98 KB) / 下载次数 113
http://blog.zhuohua.store/attachment.php?aid=15521&k=9e71bcfb0fe5d5c54b7f16cee4b33118&t=1713599068&sid=YD2Ul2
图片附件:
图片2.png
(2021-2-21 13:09, 23.88 KB) / 下载次数 105
http://blog.zhuohua.store/attachment.php?aid=15522&k=a9e2bdb4e62219b5a3bccddbbbe99bec&t=1713599068&sid=YD2Ul2
图片附件:
图片3.png
(2021-2-21 13:10, 108.28 KB) / 下载次数 128
http://blog.zhuohua.store/attachment.php?aid=15523&k=8d86d17239689f57ce7aa0dfd85a4088&t=1713599068&sid=YD2Ul2
图片附件:
图片4.png
(2021-2-21 13:10, 49.89 KB) / 下载次数 102
http://blog.zhuohua.store/attachment.php?aid=15524&k=237a6dec33f618e7ed8e1890dbf082a2&t=1713599068&sid=YD2Ul2
图片附件:
图片5.png
(2021-2-21 13:11, 26.62 KB) / 下载次数 111
http://blog.zhuohua.store/attachment.php?aid=15525&k=19d6631d19fd41dbaf7489e58f64cfb5&t=1713599068&sid=YD2Ul2
图片附件:
图片6.png
(2021-2-21 13:11, 28.85 KB) / 下载次数 114
http://blog.zhuohua.store/attachment.php?aid=15526&k=13432f57331a83ac64d55cc3b746ef6c&t=1713599068&sid=YD2Ul2
图片附件:
图片7.png
(2021-2-21 13:11, 36.6 KB) / 下载次数 110
http://blog.zhuohua.store/attachment.php?aid=15527&k=8a71d19c2e502005123eb5f8bdd67c25&t=1713599068&sid=YD2Ul2
图片附件:
图片8.png
(2021-2-21 13:11, 53.91 KB) / 下载次数 114
http://blog.zhuohua.store/attachment.php?aid=15528&k=0ad2b5c87e462ffa0a43daee06199473&t=1713599068&sid=YD2Ul2
图片附件:
图片9.png
(2021-2-21 13:12, 100.16 KB) / 下载次数 109
http://blog.zhuohua.store/attachment.php?aid=15529&k=455deda44a1e76024e748392087e410c&t=1713599068&sid=YD2Ul2
图片附件:
图片10.png
(2021-2-21 13:12, 9.62 KB) / 下载次数 108
http://blog.zhuohua.store/attachment.php?aid=15530&k=69c73dbd39cde5a3fc2c7ac13959c51c&t=1713599068&sid=YD2Ul2
图片附件:
图片11.png
(2021-2-21 13:12, 95.22 KB) / 下载次数 107
http://blog.zhuohua.store/attachment.php?aid=15531&k=d2dabbd7ba7ac9b31a4561709cbaf152&t=1713599068&sid=YD2Ul2
图片附件:
图片12.png
(2021-2-21 13:13, 10.81 KB) / 下载次数 112
http://blog.zhuohua.store/attachment.php?aid=15532&k=40ccfb2c0e36f2a729edf922d357e20f&t=1713599068&sid=YD2Ul2
欢迎光临 blog.zhuohua.store (http://blog.zhuohua.store/)
Powered by Discuz! 7.2