Installing Server Safedog and Website Safedog (Apache edition) on Oracle Linux 6
Server information:
[root@oracle-linux6 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.9 (Santiago)
[root@oracle-linux6 ~]#
[root@oracle-linux6 ~]# cat /etc/issue |head -1
Oracle Linux Server release 6.9
[root@oracle-linux6 ~]#
[root@oracle-linux6 ~]# uname -r
4.1.12-61.1.28.el6uek.x86_64
[root@oracle-linux6 ~]# hostname
oracle-linux6.9
[root@oracle-linux6 ~]# cat /etc/sysconfig/network |tail -1
HOSTNAME=oracle-linux6.9
[root@oracle-linux6 ~]# ifconfig eth0 |grep "inet addr" |awk '{print $2}' |awk -F: '{print $2}'
192.168.168.135
Install Apache:
[root@oracle-linux6 ~]# yum -y install httpd* elinks lsof
Edit the Apache configuration file:
[root@oracle-linux6 ~]# sed -i 's/#ServerName www.example.com:80/ServerName www.example.com:80/g' /etc/httpd/conf/httpd.conf
Start Apache:
service httpd start
Enable Apache at boot:
chkconfig --level 35 httpd on
Check the Apache version:
[root@oracle-linux6 ~]# httpd -v
Server version: Apache/2.2.15 (Unix)
Server built: Jan 11 2017 18:42:38
Test Apache locally on the server:
[root@oracle-linux6 ~]# elinks 127.0.0.1
[root@oracle-linux6 ~]# lsof -nP -iTCP:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
httpd 2232 root 4u IPv6 14717 0t0 TCP *:80 (LISTEN)
httpd 2234 apache 4u IPv6 14717 0t0 TCP *:80 (LISTEN)
httpd 2235 apache 4u IPv6 14717 0t0 TCP *:80 (LISTEN)
httpd 2236 apache 4u IPv6 14717 0t0 TCP *:80 (LISTEN)
httpd 2237 apache 4u IPv6 14717 0t0 TCP *:80 (LISTEN)
httpd 2238 apache 4u IPv6 14717 0t0 TCP *:80 (LISTEN)
httpd 2239 apache 4u IPv6 14717 0t0 TCP *:80 (LISTEN)
httpd 2240 apache 4u IPv6 14717 0t0 TCP *:80 (LISTEN)
httpd 2241 apache 4u IPv6 14717 0t0 TCP *:80 (LISTEN)
Install the required dependency packages:
[root@oracle-linux6 ~]# yum -y install wget zlib-devel libtool ncurses-devel libxml2-devel mlocate lsof dmidecode
Disable SELinux (the change in /etc/selinux/config takes effect after the reboot):
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
Reboot the server:
reboot
Download the latest Safedog package from the official site:
[root@oracle-linux6 ~]# wget http://down.safedog.cn/safedog_linux64.tar.gz
Install Safedog (this is the 64-bit build):
tar -zxvf safedog_linux64.tar.gz
cd safedog_an_linux64_2.8.21207/
chmod a+x *.py
[root@oracle-linux6 safedog_an_linux64_2.8.21207]# ./install.py
extracting files ...
Warning: Web defense module will restart web process during installation!!:
Web defense module select: 1.apache 2.nginx . Input(Ctrl-C to skip web defense module installation): 1 # type 1 and press Enter
step 1/3, start install common lib [ok]
step 2/3, start Install Server Defense Module
step 2.1, checking os release version... [ok]
step 2.2, installing file... [ok]
step 2.3, start service... [ok]
step 2.4, save safedog install info...
Tips:
(1)safedog install directory: /etc/safedog
(2)install safedog version: 2.8.21207
install safedog completely
step 3/3, start install Apache Defense Module..
step 3.1, start install Apache Defend Module...
step 3.2, copy libraries [ok]
step 3.3, copy bin [ok]
step 3.4, Install apache defense module succeed.. [ok]
step 3.5, restart the apache server..send command to server ok.
[ok]
Tips:
(1)If you want to change the configuration of apache defense module, please modify the files in /etc/safedog/apache/conf;
(2)If you want to check apache defense module log, please use command: sdalog;
(3)If apache defense module is failed to use, you can try to restart Apache service.
Installation is complete!
safedog install directory:
/etc/safedog
apache defense module directory:
/etc/safedog/apache/conf
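Notes:
Safedog starts automatically at boot by default;
Unless you have special requirements, keep the default rules in Server Safedog and Website Safedog;
Check whether Safedog is running (output when it is running):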
[root@oracle-linux6 ~]# service safedog status
safedog service is running
[root@oracle-linux6 ~]#
[root@oracle-linux6 ~]# ps -ef |grep sdsvrd |grep -v grep
root 1627 1547 1 13:54 ? 00:00:02 sdsvrd -d
Stop Safedog:
[root@oracle-linux6 ~]# service safedog stop
stop sdsvrd server #####
safedog serivce stopped!
[root@oracle-linux6 ~]# ps -ef |grep sdsvrd |grep -v grep
[root@oracle-linux6 ~]#
Start Safedog:
[root@oracle-linux6 ~]# service safedog start
[root@oracle-linux6 ~]# service safedog status
safedog service is running
[root@oracle-linux6 ~]#
[root@oracle-linux6 ~]# ps -ef |grep sdsvrd |grep -v grep
root 3027 1547 0 13:58 ? 00:00:01 sdsvrd -d
Run the sdui command to open the management interface:
[root@oracle-linux6 ~]# sdui
[Firewall]->NetFireWall
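Note: DDOS Firewall and CC Attack Defense are enabled by default.
######
Join Safedog Cloud (服云) to leave the traditional Linux text interface behind; from a Windows client you can manage Safedog through a browser: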
http://www.safedog.cn
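After logging in, go to the home page:
On the right side of the home page, click "Download certificate"
Downloaded file: safedog_user.psf
Place the certificate in the designated directory on the server: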
[root@oracle-linux6 ~]# mv safedog_user.psf /etc/safedog/sdcc/
[root@oracle-linux6 ~]# ll /etc/safedog/sdcc/
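Refresh the page; the newly added server should now appear:
Security Management > Server Management
Note: the server's public IP and private IP are shown.
Server security protection:
Website security protection: (the following options appear only when Website Safedog is installed)
Website Protection > HTTP Security Detection:
Note: vulnerability protection must be set to "Log and block"
Test the protection of Website Safedog (Apache edition):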
http://192.168.168.135/?order%20by
View the Website Safedog (Apache edition) protection log on the server:
[root@oracle-linux6 ~]# sdalog
Total 1 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-15 13:01:54 |SQL injection |192.168.168.138 |192.168.168.135/?order%20by |防止order by函数利用,可疑内容:192.168.16.. |
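To triage more than a handful of records, the pipe-delimited sdalog output can be grouped by attack type and source IP. The script below is an added example, not part of the original article or of Safedog; it assumes the column layout shown above, and the sample rows are constructed.

```shell
#!/bin/bash
# Added example, not from the original article.
# sdalog_summary reads sdalog output on stdin and prints one line per
# (type, source IP) pair: "<count>\t<type>\t<ip>", highest count first.
sdalog_summary() {
    awk -F'|' '
        function trim(s) { gsub(/^[ \t]+|[ \t\r]+$/, "", s); return s }
        # Data rows start with a "YYYY-MM-DD hh:mm:ss" timestamp; this skips
        # the "Total N records!" line and the column header.
        $1 ~ /^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] / && NF >= 3 {
            count[trim($2) "\t" trim($3)]++
        }
        END { for (k in count) printf "%d\t%s\n", count[k], k }
    ' | sort -t "$(printf '\t')" -k1,1nr -k2,3
}

# Constructed sample: same layout as the record above; the AttackContent
# column is replaced by a placeholder and 203.0.113.7 is a
# documentation-range address used only to show grouping.
sample_sdalog() {
cat <<'EOF'
Total 3 records!
Time |Type |AttackIP |FullUrl |AttackContent |PhysicalPath
2021-02-15 13:01:54 |SQL injection |192.168.168.138 |192.168.168.135/?order%20by |sample |
2021-02-15 13:02:10 |SQL injection |192.168.168.138 |192.168.168.135/?order%20by |sample |
2021-02-15 13:05:31 |SQL injection |203.0.113.7 |192.168.168.135/?order%20by |sample |
EOF
}

sample_sdalog | sdalog_summary
```

On the server, run it against live data with: sdalog | sdalog_summary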
Website Protection > Upload Protection:
Upload protection configuration file of Website Safedog (Apache edition):
[root@oracle-linux6 ~]# cat /etc/safedog/apache/conf/WPCDefTrojan.conf
[Trojan]
SpeSiteCount=0
WhitePathCount=0
ChkWTBrowsyFile=1
Resource=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|jsp|php
IgnoreFileSize=1048576
ChkForbidPostExt=1
ForbidPostExt=asa|asax|ascx|ashx|asmx|asp|aspx|cdx|cer|cgi|dll|exe|jsp|php
ChkWTPost=0
ChkHTCookie=0
ChkHTPost=0
ChkHTUrl=0
SendAlert=1
ForbidOtherRequests=1
NeedSendInterceptPage=1
############
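Configure resource anti-hotlinking:
Notes:
Set the protection mode to "Referer method";
If the site has no domain name, enter the server IP address;
Multiple resource types may be listed; these are the file types to protect;
Under trusted domains, enter the site domains that are allowed to reference the resources; no other domain may reference them;
The resource anti-hotlinking rule was added successfully:
Notes:
A rule's status is either "Enabled" or "Disabled";
After adding, modifying or deleting a rule, remember to click the "Save" button at the bottom of the page;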
######
Anti-hotlinking test
A request referred from an allowed domain for a protected file type succeeds:
[root@oracle-linux6 ~]# curl -x127.0.0.1:80 -I -e "http://blog.zhuohua.store/1.jpg" 192.168.168.135/1.jpg
HTTP/1.1 200 OK
Date: Mon, 15 Feb 2021 05:35:11 GMT
Server: Apache/2.2.15 (Oracle)
Last-Modified: Mon, 15 Feb 2021 05:20:01 GMT
ETag: "2e05fb-4-5bb59234072e6"
Accept-Ranges: bytes
Content-Length: 4
Connection: close
Content-Type: image/jpeg
A request referred from a domain that is not allowed fails:
[root@oracle-linux6 ~]# curl -x127.0.0.1:80 -I -e "http://blog.aaa.store/1.jpg" 192.168.168.135/1.jpg
HTTP/1.1 301 Moved Permanently
Date: Mon, 15 Feb 2021 05:37:27 GMT
Server: Apache/2.2.15 (Oracle)
Location: http://404.safedog.cn/images/bg_link.jpg
Connection: close
Content-Type: text/html; Charset=utf-8
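The two manual curl checks above can be turned into a repeatable check that is rerun after every rule change. The script below is an added example, not part of the original article or of Safedog; the function names are hypothetical, the intercept host is taken from the Location header shown above, and the sample headers are constructed from the two responses.

```shell
#!/bin/bash
# Added example, not from the original article.
# classify_hotlink reads "curl -I" response headers on stdin and prints:
#   allowed  - 2xx status, the resource was served
#   blocked  - 3xx status redirecting to the Safedog intercept host
#   unknown  - anything else (module not loaded, other redirect, error)
INTERCEPT_HOST="404.safedog.cn"   # from the Location header shown above

classify_hotlink() {
    awk -v host="$INTERCEPT_HOST" '
        { sub(/\r$/, "") }                        # curl keeps CRLF line endings
        NR == 1 { status = $2 }                   # e.g. "HTTP/1.1 301 Moved Permanently"
        tolower($1) == "location:" { loc = $2 }
        END {
            if (status ~ /^2/) print "allowed"
            else if (status ~ /^3/ && index(loc, "://" host "/")) print "blocked"
            else print "unknown"
        }'
}

# check_referer URL REFERER EXPECTED: returns 0 when the live result matches.
check_referer() {
    local got
    got=$(curl -s -I -e "$2" "$1" | classify_hotlink)
    printf '%-8s %-8s %s\n' "$got" "$3" "$2"
    [ "$got" = "$3" ]
}

# Constructed samples: headers copied from the two responses above.
sample_blocked() {
    printf 'HTTP/1.1 301 Moved Permanently\r\nServer: Apache/2.2.15 (Oracle)\r\nLocation: http://404.safedog.cn/images/bg_link.jpg\r\n\r\n'
}
sample_allowed() {
    printf 'HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\n\r\n'
}

sample_blocked | classify_hotlink
sample_allowed | classify_hotlink
```

Against the live server: check_referer 192.168.168.135/1.jpg "http://blog.zhuohua.store/1.jpg" allowed, and the same call with "http://blog.aaa.store/1.jpg" and blocked.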
######
Resource anti-hotlinking configuration file of Website Safedog (Apache edition):
[root@oracle-linux6 ~]# cat /etc/safedog/apache/conf/WPCLinkGate.conf
[LinkGate]
Browser=1
ChkLinkGate=1
Name=name
Password=password
RLocalSite=1
ROtherSite=1
Reference=1
Resource=
SLocalSite=0
SOtherSite=0
SResource=
SSpeSiteCount=0
SendAlert=1
Session=0
SpeSiteCount=1
TimeOut=10
TrustCount=0
NeedSendInterceptPage=1
[SpeSite0]
BrowserType=1
DomainName=blog.zhuohua.store
ProtectMode=1
ResourceType=jpg,php
Site=192.168.168.135
Status=1
ValidityTime=0
The resource anti-hotlinking rules can also be edited in the configuration file:
Then restart Safedog for the change to take effect:
[root@localhost ~]# service safedog restart
The resource anti-hotlinking rule was modified successfully: