http://tecadmin.net/protect-ssh-ftp-using-fail2ban-on-centos-rhel/
相關參數
http://manpages.ubuntu.com/manpages/saucy/man1/fail2ban-client.1.html
2014年12月11日 星期四
vsftp 安裝及設定
安裝
yum install vsftpd
設定
vi /etc/vsftpd/vsftpd.conf
local_enable=YES
write_enable=YES
userlist_enable=YES
userlist_deny=YES
use_localtime=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
pam_service_name=vsftpd
tcp_wrappers=YES
# 關閉匿名登入
anonymous_enable=NO
# 改變 umask 讓新增的檔案屬性為 750 (umask 計算方式為:777 - 027 = 750)
local_umask=027
# 設定 idle 斷線時間(秒)
idle_session_timeout=600
# 設定 timeout 時間(秒)
data_connection_timeout=120
# 設定 chroot 避免使用者亂跑
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
# 限制最高幾個 client 連線
max_clients=20
# 限制同一個 ip 可以建立多少連線
max_per_ip=5
yum install vsftpd
設定
vi /etc/vsftpd/vsftpd.conf
local_enable=YES
write_enable=YES
userlist_enable=YES
userlist_deny=YES
use_localtime=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
pam_service_name=vsftpd
tcp_wrappers=YES
# 關閉匿名登入
anonymous_enable=NO
# 改變 umask 讓新增的檔案屬性為 750 (umask 計算方式為:777 - 027 = 750)
local_umask=027
# 設定 idle 斷線時間(秒)
idle_session_timeout=600
# 設定 timeout 時間(秒)
data_connection_timeout=120
# 設定 chroot 避免使用者亂跑
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
# 限制最高幾個 client 連線
max_clients=20
# 限制同一個 ip 可以建立多少連線
max_per_ip=5
Linux 掛載(Mount) NTFS (Windows磁區)
DOWNLOAD
http://www.tuxera.com/community/ntfs-3g-download/
tar -xzvf [target]
./configure
make
make install
NOTE:
如果conpiler失敗需確認gcc是否安裝
yum install gcc
掛載
mount -t ntfs-3g /dev/sda1 /mnt/windows
開機自動掛載
vi /etc/fstab
加入
/dev/sda1 /mnt/windows ntfs-3g defaults 0 0
http://www.tuxera.com/community/ntfs-3g-download/
tar -xzvf [target]
./configure
make
make install
NOTE:
如果conpiler失敗需確認gcc是否安裝
yum install gcc
掛載
mount -t ntfs-3g /dev/sda1 /mnt/windows
開機自動掛載
vi /etc/fstab
加入
/dev/sda1 /mnt/windows ntfs-3g defaults 0 0
2014年11月24日 星期一
A Command Line Web Browsing with Lynx and Links Tools
http://www.tecmint.com/command-line-web-browsers/
Installation of Lynx and Links
Install Lynx on Debian based Linux systems.
# apt-get install lynx # apt-get install links
Install Lynx on Red Hat based Linux systems.
# yum -y install lynx # yum -y install links
How to Use Lynx and Links
Open a link: lynx/links http://www.tecmint.com.
# lynx http://www.tecmint.com OR # links http://www.tecmint.com
2014年10月25日 星期六
[MAC]顯示詳細路徑
(1) 開啓 Finder 顯示完整路徑的設定
defaults write com.apple.finder _FXShowPosixPathInTitle -bool YES
(2) 關閉所有 Finder
killall Finder
2014年9月27日 星期六
Red Hat / CentOS Install nginx PHP5 FastCGI Webserver
http://geekpeek.net/install-nginx-php55-fastcgi/
2014年8月19日 星期二
OS X 10.10 Yosemite 重置 Launchpad 的方法
defaults write com.apple.dock ResetLaunchPad -bool true; killall Dock
2014年8月18日 星期一
Mac OS X 自帶apache啟動php
/etc/apache2/httpd.conf文件,把#loadModule php5_module libexec/apache2/libphp5.so 前面的#去掉
cp /etc/php.ini.default /etc/php.ini
服務重啟:apachectl start
WEB根目錄:/Libary/WebServer/Documents/
cp /etc/php.ini.default /etc/php.ini
服務重啟:apachectl start
WEB根目錄:/Libary/WebServer/Documents/
2014年7月26日 星期六
2014年7月17日 星期四
yum install nginx
To add nginx yum repository, create a file named /etc/yum.repos.d/nginx.repo and paste one of the configurations below:
CentOS:
[nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=0 enabled=1
RHEL:
[nginx] name=nginx repo baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/ gpgcheck=0 enabled=1
Due to differences between how CentOS, RHEL, and Scientific Linux populate the $releasever variable, it is necessary to manually replace $releasever with either "5" (for 5.x) or "6" (for 6.x), depending upon your OS version.
source:http://wiki.nginx.org/Install
2014年6月28日 星期六
Posftix Permission denied problem
http://www.spidersoft.com.au/2011/posftix-permission-denied-problem/
After investigation
tail -f /var/log/messages I founded a pleasant line of code with really nice explanation:1 | sendmail: fatal: chdir /var/spool/postfix: Permission denied |
In theory this should be a problem for sysadmin, but – I wanted to find faster solution.
After short adventure with Google I found a clue:
1 | /usr/sbin/getsebool httpd_can_sendmail |
My result was obvious:
1 | httpd_can_sendmail --> off |
Problem was solved by
1 | setsebool httpd_can_sendmail 1 |
2014年6月27日 星期五
CentOS 6版 yum --skip-borken..修護方式!!!!!!
Centos 5.x
wget http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm rpm -Uvh remi-release-5*.rpm epel-release-5*.rpm
Centos 6.x
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm
2014年6月22日 星期日
MySQL & MariaDB 指令備忘
- 新裝的資料庫設定root權限
- mysqladmin -u root password '你的密碼'
- or
- mysqladmin -u root password
- 修改使用者密碼(自已)或來源主機
- mysql>set password for 'username'@'localhost' = password('密碼');
- mysql>flush privileges;
- NOTE:若是開放全域存取的話只要將localhost改成% 但是非常之不建議
- flush privilegs這指令也建議搭配使用。
- 修改使用者密碼(他人)或來源主機
- mysql>UPDATE user SET Password=PASSWORD("密碼") WHERE User='目標使用者';
- mysql>flush privileges;
使用者分配與權限GRANT ALL ON *.* TO 'username'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
Linux 指令備忘
find "path name" -name "file name" -exec grep -H "search content" {} \;
find原本是用「檔案名稱」來搜尋在哪些地方有這些檔案,將這些路徑結果餵給grep後,就可以拿來搜尋檔案內部的文字片段。
Ex:
find ./kernel -name "*.c" -exec grep -H "main" {} \;
以上這段指令,是要搜尋./kernel底下所有的.c檔,內容含有"main"的地方。
find的參數:
-name 要搜尋哪些檔名
-exec utility name [argument...] {} \;
搜尋出的檔名 交給哪個執行檔(utility name)處理
{} 會被find搜尋後的檔名路徑名稱所取代
\; 代表exec的參數到此為止
grep的參數:
-H 列出搜尋到的檔案名稱路徑
find原本是用「檔案名稱」來搜尋在哪些地方有這些檔案,將這些路徑結果餵給grep後,就可以拿來搜尋檔案內部的文字片段。
Ex:
find ./kernel -name "*.c" -exec grep -H "main" {} \;
以上這段指令,是要搜尋./kernel底下所有的.c檔,內容含有"main"的地方。
find的參數:
-name 要搜尋哪些檔名
-exec utility name [argument...] {} \;
搜尋出的檔名 交給哪個執行檔(utility name)處理
{} 會被find搜尋後的檔名路徑名稱所取代
\; 代表exec的參數到此為止
grep的參數:
-H 列出搜尋到的檔案名稱路徑
CentOS安裝MariaDB
vim /etc/yum.repos.d/mariadb.repo
#自行決定要安裝5.5版或10版
#MariaDB 5.5 CentOS repository list - created 2014-01-10 13:53 UTC#http://mariadb.org/mariadb/repositories/ [mariadb] name = MariaDB baseurl = http://yum.mariadb.org/5.5/centos6-amd64 gpgkey = https://yum.mariadb.org/RPM-GPG-KEY-MariaDB gpgcheck=1#MariaDB 10.0 CentOS repository list - created 2014-01-10 13:54 UTC#http://mariadb.org/mariadb/repositories/ [mariadb] name = MariaDB baseurl = http://yum.mariadb.org/10.0/centos6-amd64 gpgkey = https://yum.mariadb.org/RPM-GPG-KEY-MariaDB gpgcheck=1
更新套件庫 # yum update 安裝 MariaDB # yum -y install MariaDB-server MariaDB-client 啟動 MariaDB # service mysql start 開機後啟動 # chkconfig --level 3 mysql on
來源:http://blog.ilc.edu.tw/blog/blog/25793/post/78462/471141
2014年6月1日 星期日
尋找yum安裝程式的 預設的安裝位置
例如:httpd
rpm -qa | grep httpd #至少大概知道自已yum install 了什麼吧…不然會找到死="=
以上指令產出的資訊
httpd-2.2.15-30.el6.centos.x86_64 httpd-devel-2.2.15-30.el6.centos.x86_64 httpd-tools-2.2.15-30.el6.centos.x86_64
rpm -ql httpd-2.2.15-30.el6.centos.x86_64以上指令產出的資訊/etc/httpd /etc/httpd/conf /etc/httpd/conf.d /etc/httpd/conf.d/README /etc/httpd/conf.d/welcome.conf /etc/httpd/conf/httpd.conf /etc/httpd/conf/magic /etc/httpd/logs /etc/httpd/modules /etc/httpd/run /etc/logrotate.d/httpd /etc/rc.d/init.d/htcacheclean /etc/rc.d/init.d/httpd /etc/sysconfig/htcacheclean /etc/sysconfig/httpd /usr/lib64/httpd /usr/lib64/httpd/modules----略......一大堆資訊;建議加個 more 方法="=
httpd + tomcat 整合
環境:CentOS
1、下載最新的的Apache Tomcat Connector
http://tomcat.apache.org/connectors-doc/
2、安裝http-devel
yum -y install httpd-devel gcc
3、解壓tomcat-connectors-1.2.37-src.tar,然後進行如下操作
cd native/
./configure --with-apxs=/usr/sbin/apxs
make
make install
4、在httpd.conf中添加模塊
LoadModule jkmodule modules/mod_jk.so
5、vi /etc/httpd/conf/httpd.conf底下新增以下
# Load mod_jk module
# Update this path to match your modules location
LoadModule jk_module modules/mod_jk.so
# Where to find workers.properties
# Update this path to match your conf directory location (put workers.properties next to httpd.conf)
JkWorkersFile /etc/httpd/conf/workers.properties
# Where to put jk shared memory
# Update this path to match your local state directory or logs directory
JkShmFile /var/log/httpd/mod_jk.shm
# Where to put jk logs
# Update this path to match your logs directory location (put mod_jk.log next to access_log)
JkLogFile /var/log/httpd/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
6、新增 vi /etc/httpd/conf/worker.properties
# Define 2 workers, using ajp13
worker.list=worker1, worker2
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=127.0.0.1
worker.worker1.port=8009
# Set properties for worker2 (ajp13)
worker.worker2.type=ajp13
worker.worker2.host=localhost
worker.worker2.port=8009
worker.worker2.connection_pool_timeout=600
worker.worker2.socket_timeout=60
7、httpd VirtualHost設定
<VirtualHost *:80>
DocumentRoot /var/www/html/jc #如果直接要"根"丟給worker1作業的話應該不用設定這裡httpd的位置
ServerName www.example.com.tw
ErrorLog logs/www.example.com.tw-error_log
CustomLog logs/www.example.com.tw-access_log common
JkMount /* worker1 ##做什麼樣的資料夾存取時去啟用worker1的方法
</VirtualHost>
8、新增tomcat Host 以及 關閉預設的8080並開啟AJP-Port 8009
<!--Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" /--> 註解掉
<Host name="www.example.com.tw" appBase="webapps" #存取webapps/ROOT中網頁
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
9、重啟httpd 以及 tomcat
**若有要做Load Balance 可以參照來源的網友教學嘗試建置~
即可測試
來源:
http://eoffice.im.fju.edu.tw/phpbb/viewtopic.php?t=6603
http://rritw.com/a/caozuoxitong/OS/20130919/426012.html
1、下載最新的的Apache Tomcat Connector
http://tomcat.apache.org/connectors-doc/
2、安裝http-devel
yum -y install httpd-devel gcc
3、解壓tomcat-connectors-1.2.37-src.tar,然後進行如下操作
cd native/
./configure --with-apxs=/usr/sbin/apxs
make
make install
4、在httpd.conf中添加模塊
LoadModule jkmodule modules/mod_jk.so
5、vi /etc/httpd/conf/httpd.conf底下新增以下
# Load mod_jk module
# Update this path to match your modules location
LoadModule jk_module modules/mod_jk.so
# Where to find workers.properties
# Update this path to match your conf directory location (put workers.properties next to httpd.conf)
JkWorkersFile /etc/httpd/conf/workers.properties
# Where to put jk shared memory
# Update this path to match your local state directory or logs directory
JkShmFile /var/log/httpd/mod_jk.shm
# Where to put jk logs
# Update this path to match your logs directory location (put mod_jk.log next to access_log)
JkLogFile /var/log/httpd/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
6、新增 vi /etc/httpd/conf/worker.properties
# Define 2 workers, using ajp13
worker.list=worker1, worker2
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=127.0.0.1
worker.worker1.port=8009
# Set properties for worker2 (ajp13)
worker.worker2.type=ajp13
worker.worker2.host=localhost
worker.worker2.port=8009
worker.worker2.connection_pool_timeout=600
worker.worker2.socket_timeout=60
<VirtualHost *:80>
DocumentRoot /var/www/html/jc #如果直接要"根"丟給worker1作業的話應該不用設定這裡httpd的位置
ServerName www.example.com.tw
ErrorLog logs/www.example.com.tw-error_log
CustomLog logs/www.example.com.tw-access_log common
JkMount /* worker1 ##做什麼樣的資料夾存取時去啟用worker1的方法
</VirtualHost>
8、新增tomcat Host 以及 關閉預設的8080並開啟AJP-Port 8009
<!--Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" /--> 註解掉
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> 這預設應該是打開的
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
9、重啟httpd 以及 tomcat
**若有要做Load Balance 可以參照來源的網友教學嘗試建置~
即可測試
來源:
http://eoffice.im.fju.edu.tw/phpbb/viewtopic.php?t=6603
http://rritw.com/a/caozuoxitong/OS/20130919/426012.html
訂閱:
文章 (Atom)