笺注:这是在 CentOS8安装LAMP+phpMyAdmin 的基础上进行的。
Apache的版本:
[root@centos8 ~]# httpd -v
Server version: Apache/2.4.37 (centos)
Server built: Jun 8 2020 20:14:33
云锁的下载官网:
http://www.yunsuo.com.cn/download.html
下载云锁服务器端(64位Linux版):
[root@centos8 ~]# dnf -y install wget
[root@centos8 ~]# wget https://download.yunsuo.com.cn/v3/yunsuo_agent_64bit.tar.gz
安装云锁:
[root@centos8 ~]# tar -zxvf yunsuo_agent_64bit.tar.gz
[root@centos8 ~]# chmod a+x yunsuo_install/install
[root@centos8 ~]# yunsuo_install/install
Welcome.
If you encounter any problems during installation, you can use 'ctrl-c' to cancel.
checking installation environment:[ OK ]
decompression package:[ OK ]
Install Selinux Policy Module:[ OK ]
Initialize Configuration Information:[ OK ]
Install Auto-start Script:[ OK ]
Install Protection Driver:[ OK ]
Starting SoftWare:[ OK ]
Install Complete.
云锁会自动启动:
[root@centos8 ~]# service yunsuo status
● yunsuo.service - SYSV: start and stop mainserver
Loaded: loaded (/etc/rc.d/init.d/yunsuo; generated)
Active: active (running) since Fri 2021-02-12 14:25:46 CST; 49s ago
Docs: man:systemd-sysv-generator(8)
Process: 2460 ExecStart=/etc/rc.d/init.d/yunsuo start (code=exited, status=0/SUCCESS)
Tasks: 63 (limit: 11298)
Memory: 42.9M
CGroup: /system.slice/yunsuo.service
└─2495 ./yunsuo_agent_service -c config.xml -l runlog/run_log.log -e ALL -t ALL -s safe -m daemon
Feb 12 14:25:45 centos8.zhuohua.store systemd[1]: Starting SYSV: start and stop mainserver...
Feb 12 14:25:46 centos8.zhuohua.store yunsuo[2460]: Starting yunsuo: [ 确定 ]
Feb 12 14:25:46 centos8.zhuohua.store systemd[1]: Started SYSV: start and stop mainserver.
云锁的进程:
[root@centos8 ~]# ps aux |grep yunsuo_agent |grep -v grep
root 2495 1.3 4.3 1285648 79880 ? Sl 14:25 0:01 ./yunsuo_agent_service -c config.xml -l runlog/run_log.log -e ALL -t ALL -s safe -m daemon
root 2566 0.0 0.4 176828 8104 ? Ssl 14:25 0:00 ./yunsuo_agent_guard
停止云锁:
[root@centos8 ~]# service yunsuo stop
Stopping yunsuo (via systemctl): [ OK ]
[root@centos8 ~]#
[root@centos8 ~]# ps aux |grep yunsuo_agent |grep -v grep
root 2566 0.0 0.4 176828 8104 ? Ssl 14:25 0:00 ./yunsuo_agent_guard
启动云锁:
[root@centos8 ~]# service yunsuo start
Starting yunsuo (via systemctl): [ OK ]
[root@centos8 ~]#
[root@centos8 ~]# ps aux |grep yunsuo_agent |grep -v grep
root 2566 0.0 0.4 176828 8104 ? Ssl 14:25 0:00 ./yunsuo_agent_guard
root 2732 19.0 2.4 982428 45152 ? Sl 14:29 0:00 ./yunsuo_agent_service -c config.xml -l runlog/run_log.log -e ALL -t ALL -s safe -m daemon
服务器重启后,云锁会自动启动的:
[root@centos8 ~]# systemctl is-enabled yunsuo
yunsuo.service is not a native service, redirecting to systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install is-enabled yunsuo
enabled
添加服务器到云中心,输入以下命令即可绑定自己的服务器:(要到云锁官网注册账号)
[root@centos8 ~]# /usr/local/yunsuo_agent/agent_smart_tool.sh -u 133921xxx -p Jackxxx
Bind Server Success.
Windows客户端管理云锁:(要到云锁的官网下载云锁PC控制端)
可以看到刚刚添加的服务器:(双击进入可以针对指定的服务器进行管理)
服务器信息》开启所有的常用功能防护:
抗CC攻击:(记得要手动开启)
应用防护:(这里可以看到Web服务器软件为Apache)
安装Apache插件:
Apache的Web防护开启成功:
同理,把php-fpm的Web防护也开启:
进入网站漏洞防护:
将网站漏洞防护设置为“防护模式”:(默认是监控模式)
客户端通过浏览器,测试Apache的Web防护:
http://192.168.168.154/?order%20by
可以查看防护日志:
进入IP黑白名单:
当发现有人恶意攻击自己的网站时,可以把其IP地址添加到“访客IP黑名单”:
新增黑名单成功:
备注:使用“访客IP黑名单”里的IP地址的用户将无法访问网站。
新增白名单:
备注:
白名单优先生效,此时客户端使用IP地址192.168.168.128可以访问网站。
使用“访客IP白名单”里的IP地址的用户进行操作时,不会被云锁误拦截:
http://192.168.168.154/?order%20by
系统防护》防端口扫描:
防端口扫描要手动开启:
############
############
在服务器卸载云锁:
[root@centos8 ~]# /usr/local/yunsuo_agent/uninstall
Are you sure to uninstall?(y/n)y
Unbind Server Failed[101]: Uninstall Protection Driver:[ OK ]
Clearup Configuration Information:[ OK ]
Uninstall WebServer Plugin:
[1]: php-fpm 1048575[ OK ]
[2]: Apache 80[ OK ]
Uninstall Selinux Policy Module:[ OK ]
Uninstall Success.
还要在云锁PC控制端删除指定的服务器:
相关文章:
CentOS8_云锁+Nginx
CentOS7_云锁+Apache
Windows2012R2_云锁+IIS+防盗链
Windows2012R2_云锁+Apache+Tomcat |