If you hold a website and use SSL/HTTPS with Certificates theres is often the question should i block Port 80? The most Admins think after the Major Changes of the Browsers to pull first HTTPS Port 443 they can close the HTTP Port 80. But you should NOT do it! Why? most Bots scan at […]
Schlagwort: Webserver
Apache2 evasive Problems with WordPress
If you use Apache2 / Apache24 and anti-hammering tools like the Modul evasive and security2 as addon fail2ban than you can fail blogging. Problems: Apache2 Module „evasive“ must be fine tuned for WordPress go /etc/apache2/ if you use default enabled auto-safe drafts of posts can let you look like a Attacker so disable auto save […]
Apache: Count Visits on Console
If you use a Webserver like Apache, you can use a small script to Analyse your Logs. Create a analyse-web.sh Script with: $sudo nano /home/user/analyse-web.sh insert: #!/bin/bash cat /var/log/apache2/access.log | awk '{ print $1 }' | sort | uniq -c exit 0 System Output: 1573 www.domain2.de 3568 www.domain3.de .. If you change the „$1“ to […]
Major Webserver Setup Rules: The „must“ do!
If you want to setup a fresh secure Webserver then use this list dont ever upload data, files, images on the Webserver who are classified as „secret“ setup daily full backup with Cron view daily the system logs, auth, www, errors … setup a local firewall with less opened ports 80,25 .. setup daily automatic […]