Discover server security hardening, include the articles, news, trends, analysis and practical advice about server security hardening on alibabacloud.com
unnecessary ports, timely patching loopholes and other technologies to increase the security of the system. From this, I have compiled a short Linux reinforcement article, only for Linux beginners, I hope to be able to help you. Network security has always been the most important and the biggest gap in the Internet, and it is imperative to ensure the security of
Tags: assigning ISO grub.con an unload performing read-write associated HIDAbout "Security hardening"Safety is relative.Reinforcement may involve all aspects of the system: (1) hardware. For example: Intel X86 Hardware vulnerability; (2) operating system. Run from installation to installation and (3) system services. The service itself installs the configuration, the system resources involved in the service
System Performancevm.bdflush = + 1884, Improve virtual memory performancevm. Buffermem = 60# increases the size of the socket queue (effectively, q0). Net.ipv4.tcp_max_syn_backlog = 1024# Increa SE the maximum total tcp buffer-space Allocatablenet.ipv4.tcp_mem = 57344 57344 65536# increase the maximum TCP Write-buff Er-space Allocatablenet.ipv4.tcp_wmem = 32768 65536 52428815# increase the maximum TCP Read-buffer space Allocatablenet.ip V4.tcp_rmem = 98304 196608 1572864# increase the maximum a
,denyDeny from allTrojan Avira and Prevention:Grep-r--include=*.php ' [^a-z]eval ($_post '/home/wwwroot/Grep-r--include=. php ' file_put_contents (. $_post[.*]); '/home/wwwroot/Using Find Mtime to find the last two days or the days of discovering a trojan, which PHP files have been modified:Find-mtime-2-type F-name *.phpTo change directory and file properties:Find-type f-name *.php-exec chomd 644 {} \;Find-type d-exec chmod 755 {} \;Chown-r www.www/home/wwwroot/www.test.comTo prevent cross-site
Usage: When implementing a login system, two people are required to be authorized to log in.Vi/etc/security/userChange the following:Sjhadmin = FalseRlogin = Trueauth1 = System;sjh,system;sam -- just add the line.Next time Use SJH User name login will require you to enter SJH and the Sam password is entered correctly before you can log into the systemThis article from "Technology bo" blog, declined reprint!AIX series------
http://www.nagain.com/appscan/http://bbs.pediy.com/forumdisplay.php?f=166Http://jaq.alibaba.comHttp://www.cocoachina.com/ios/20141118/10245.htmlSecurity test Report for the online Banking app on the iOS platformHttp://www.freebuf.com/articles/terminal/102396.htmlAutomated testing for Android app detection: Comparison of five app security online detection platformshttp://safe.ijiami.cnHttps://mqc.aliyun.com/?spm=0.0.0.0.EI7ecOHttp://wetest.qq.com/?from
Write in front: Blog Writing in mind 5w 1 H law: w hat,w hy,w hen,w here,w ho,h ow.
The main content of this article:Authority authenticationSELinux operating mode/startup modeSecurity Context View and modification
Brief introduction:SELinux is all called security Enhanced Linux, which means secure hardening of Linux.It is designed to prevent "misuse of internal staff resources". It
The following configuration is used for my formal environment. More than Apache before, now basically not. Now share it.1. 2. Use rewrite to harden Apache # # # # # # # # # #APACHE url keyword Hardening Strategy # # # # # #请自行添加删减关键字 #并做好测试 Examples are as follows: Rewriteengineonrewritecond%{request_uri}xwork|java|redirect|passwd|hosts|windows|script | SCRIPT|LOCATION|PROMPT|PROC\/SELF\/ENVIRON|MOSCONFIG_[A-ZA-Z_]{1,21} (=|%3d) |base64_encode.* (.
the user is rejected if it does not matchPermitrootlogin no//deny root user LoginCp/etc/ssh/sshd_config/etc/ssh/sshd_config.bakgrep Banner/etc/ssh/sshd_configbanner/etc/ssh/ssh_login_banner# Banner None//Cancel Banner message cat/etc/ssh/ssh_login_bannerwelcome to CentOS 6.5See if there's any/etc/inittab inside.#ca:: Ctrlaltdel:/sbin/shutdown-t3-r now//disable Ctrl+alt+delvi/etc/pam.d/system-authauth required pam_tally.so ONERR=FA Il deny=6 unlock_time=300//password consecutive error 6 times, a
Overview
For Microsoft Active Directory services that are running Microsoft? Windows Server? 2003 computers, domain controller servers are important roles to ensure security in any environment. For clients, servers, and applications that rely on domain controllers to complete authentication, Group Policy, and a central LDAP (Lightweight Directory Access Protocol) directory, any loss of domain controllers o
servlet only with Tomcat.(6) Apache is the most beginning page parsing service, Tomcat is developed after, in essence, the function of Tomcat can completely replace Apache, but Apache is the predecessor of Tomcat, and there are many people in the market still using Apache, So Apache will continue to exist, will not be replaced,Apache can not parse Java things, but parsing HTML fast .4. Examples of both:Apache is a car, which can be loaded with things such as HTML, but not water, to fill the wat
Php implements troubleshooting and hardening of Linux server Trojans. Php implements troubleshooting and hardening of Linux server Trojans. linux reinforced websites are often infected with Trojans for some improvement. this problem can be basically solved because discuzx and other programs have vulnerabilities, linux
Let's discuss the security settings for the Web server. This includes the security of NT Server, the security of database SQL Server, and the security of IIS.
Note the order of installa
Tags: show change useful stage Auth tab ros. SQL descriptionby Don Kiely, 2014/06/04 reprinted from: http://www.sqlservercentral.com/articles/Stairway+Series/109941/ This series This article was part of the stairway Series:stairway to SQL Server Security Relational databases are used in a wide variety of applications, through a widely distributed network, especially the Internet, from dazzling client connec
Save the following text as: windows2000-2003 server Security and Performance registry automatic configuration file. Reg runs
Copy Code code as follows:
Windows Registry Editor Version 5.00
[Hkey_current_user/software/microsoft/windows/currentversion/policies/explorer]
"NoRecentDocsMenu" =hex:01,00,00,00
"NoRecentDocsHistory" =hex:01,00,00,00
[Hkey_local_machine/software/microsoft/windows
Ladder for SQL Server security Level 1: SQL Server Security overviewDon kiely,2014/06/04The seriesThis article is part of the "Stairway series: Steps for SQL Server security"SQL Server
In addition to patches provided by security vendors, website server security is more important to set some common security problems that can withstand attacks by some cainiao tools.
Basic Security Settings
1. Adjust the testing environment (set resolution, IP address, an
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.