Category: Security

SSL Life Time Reduced to 397 days

Posted on August 13, 2020 (August 13, 2020) by ServerOk

Due to changes in Apple, Mozilla and Google Root Store Policies, as of September 1, 2020, newly issued SSL/TLS certificates with a validity period greater than 13 months (397 days) are prohibited by policy and will not be trusted. https://www.globalsign.com/en/blog/maximum-ssltls-certificate-validity-now-one-year https://blog.mozilla.org/security/2020/07/09/reducing-tls-certificate-lifespans-to-398-days/ […]

malware

Posted on July 28, 2019 (July 16, 2020) by ServerOk

Online Malware Scanner for websites Scan a folder with clamscan maldet https://opentip.kaspersky.com/ Tools https://remnux.org/ Forums http://www.virusinfo.info http://www.rootkit.com http://www.gmer.net Blogs https://www.securelist.com/en/threats/detect?chapter=83 http://www.youtube.com/watch?v=Q5cT3YHKVsY […]

Online Malware Scanner for websites

Posted on July 28, 2019 (September 14, 2020) by ServerOk

If your web site is hacked and infected by malware, Google Safe Browsing can block your web site with red warning. If this happens, you need to clean your web site. If your web site have lot of files, cleaning become hard as hacker can hide his files in any of these files. Manually verifying […]

ssl checker

Posted on March 22, 2019 by ServerOk

Here is few web sites where you can check your SSL certificate is installed properly. https://www.ssllabs.com/ssltest/ https://cryptoreport.websecurity.symantec.com/checker/ https://sslanalyzer.comodoca.com/ See SSL […]

Tripwire

Posted on April 4, 2018 by ServerOk

Tripwire is a data integrity tool for monitoring and alerting file and directory changes. https://github.com/Tripwire/tripwire-open-source To install, run

yum install tripwire

1	yum install tripwire

Generate keys Run

tripwire-setup-keyfiles

1	tripwire-setup-keyfiles

This ask you to enter password. Creating Database

tripwire --init

1	tripwire --init

You need to edit file

vi /etc/tripwire/twpol.txt

1	vi /etc/tripwire/twpol.txt

customise it for your system or you may get file/directory not found errors. Checking for changes

tripwire --check

1	tripwire --check

[…]

ModSecurity

Posted on February 19, 2018 (April 20, 2020) by ServerOk

Install ModSecurity on Debian Disable ModSecurity for a specific URL ModSecurity is a Web Application Firewall. Protect sites from SQL injection and Application level hacking. To install ModSecurity on Ubuntu/Debian with Apache, run

apt install libapache2-mod-security2 -y

1	apt install libapache2-mod-security2 -y

verify Apache module is installed with

apachectl -M | grep security

1	apachectl -M \| grep security

Enable config file

mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf

1	mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf

Update config

sed -i "s/SecRuleEngine DetectionOnly/SecRuleEngine On/" /etc/modsecurity/modsecurity.conf
sed -i "s/SecResponseBodyAccess On/SecResponseBodyAccess Off/" /etc/modsecurity/modsecurity.conf

1 2	sed -i "s/SecRuleEngine DetectionOnly/SecRuleEngine On/" /etc/modsecurity/modsecurity.conf sed -i "s/SecResponseBodyAccess On/SecResponseBodyAccess Off/" /etc/modsecurity/modsecurity.conf