Server basic configuration after installing RHEL 8.5 (minimal).

I saved it as, gave it chmod u+x executable permissions and ran it as root ./, although I know that scripts should be run from sudo for security. But I know what I’m doing and why. Everything is described with comments in English. User was created during installation of the system, hence the change. I use sudo and user on a daily basis. Here it is a quick solution. These commands can be executed equally well using sudo.

Bash script that blocks web server (apache/nginx/litespeed) scanners.

Bash script that blocks web server (apache/nginx/litespeed) scanners. It checks the log you choose to scan for 400-408 errors (or any other errors), extracts the IP addresses of scanners that are trying to scan the web server, and adds those IP addresses to an ipset that drops their connections.

Using blocklist with iptables and firewalld

If you have any kind of server connected to the Internet, you are no doubt aware that no matter how small or unimportant it might seem, it is frequently probed, tested or subject to various attempts at abuse. These attacks come from so many malicious hosts that it is impossible to keep track by hand. So I started looking for a way to implement an automated blocklist to use with iptables and firewalld which I use on my servers.

fail2ban – installation and configuration

Note, the following tutorial is a part of my engineering work entitled “Hardening of a Linux-based network server” under the direction of Ph. D. Kordian Smolinski in the Department of Theoretical Physics WFiIS UŁ defended in June 2019.

To install Fail2Ban on CentOS 7.6, you will first need to install the EPEL (Extra Packages for Enterprise Linux) repository. EPEL contains additional packages for all versions of CentOS; one of these additional packages is Fail2Ban.

SELinux security policy

I’m not an SELinux expert, but when I read many tutorials on the subject and saw dozens of tips that all said in one voice: turn off SELinux, because it causes problems, I thought it was time to challenge this thesis and prove that SELinux could be easy to use.

When a service does not run because of problems with permissions, such as creating a process ID (PID) file, you should update the SELinux policy rules for the application, which by default is not included in SELinux’s Type Enforcement (TE) policies.
