Ubuntu Servers :: Logging - Record Password Attempts On Htaccess Files
Jul 22, 2010
After reading this PDF on the top 5 things to log for security, I've decided to attempt this for my webserver. How might I set up some logging systems to do these tasks? Basic things I need to be able to do: record things like password attempts on htaccess files, from what IP address, and how many attempts there were. Any useful links anyone can think of to get me started? I'm a student programmer at university, so I should be able to cope fine with any programming.
View 2 Replies
Aug 9, 2010
My server (CentOS 5.4) is being bombarded 24x7 with IP addresses from China trying to exploit phpMyAdmin. For every one I block on the firewall, half a dozen come to the funeral! It's a pity these morons don't have something better to occupy their time. I'm getting page after page of this (see below) every day and it's been going on for weeks. I don't even have phpMyAdmin on the server. I don't use it and I deleted it.
I've read that you can use .htaccess and / or mod_rewrite to redirect / block them based on any query for phpMyAdmin (they try all letters in upper and lower case, leading to page after page). Unfortunately, I have no idea of how to do this. I already have an .htaccess file. Maybe someone can suggest what to add to stop these pests from wasting my bandwidth and suggest somewhere I could redirect them to to cause them maximum problems. I don't want to block the entire country, seems a bit like overkill, not all Chinese are morons. We aren't even in the USA, so why they are doing this is beyond me.
A TINY sample!
[Sun Aug 08 13:29:08 2010] [error] [client 61.191.41.53] File does not exist: /var/www/corp/phpMyAdmin-2.7.2
[code]...
View 6 Replies
Feb 2, 2011
I cannot sudo nor log into a second ssh session on my Ubuntu 10.10 server edition headless setup. Entering an incorrect password works as expected but the correct password gives errors, and on the second attempt a segfault. I recently changed my password as the old one was about to expire, that was 3 days ago, I can't find evidence that I have sudo'ed or logged in a second session since, I have been logged into it via ssh throughout all of it and I am still currently logged in. What should I do to correct this problem? I'm worried that by turning it off I will lose all access. Is the only option using a live cd to change the password?
[Code]...
View 1 Replies
Mar 8, 2010
I'm having a lot of problems getting NIS set up with our firewall. I've looked online and no one seems to have any answers. When the firewall is off, NIS works. When it's on, it doesn't. I would like to know which ports NIS needs by logging connection attempts on the server, since I would swear the right ports seem open already. Right now I'm using this to generate the log entries:
iptables -I INPUT -m state --state NEW -j LOG --log-prefix "New Connection: "
iptables -I OUTPUT -m state --state NEW -j LOG --log-prefix "New Connection: "
However, I think it must only work for successful connections, because I'm not seeing any new entries when I try running the NIS client on another machine (ypbind).
View 5 Replies
Jun 27, 2011
Does anyone know if vsftpd logs successful and failed logon attempts anywhere? I grep'd my /var/log directory and didn't find anything. Or if it can, do you know how to enable it?
View 12 Replies
Feb 7, 2010
My root filesystem recently filled up. I finally established why - that my /media directory had filled up due to the USB-attached device having been unmounted for whatever reason, and SimpleBackup tried backing up without the mount in place - thereby filling up the filesystem.
I discovered that the root directory was full when the machine tried to get updates, and couldn't. So, I went into /media and tried to delete the backup directory and file(s) that were in that directory, but it tells me that permission is denied. So I try to SUDO the same command, and it tells me 3 times in a row, "Sorry, try again", followed by "sudo: 3 incorrect password attempts".
So, how do I get root privileges back again?
Code:
name@machine:/media$ sudo rm -R FreeAgent
Sorry, try again.
Sorry, try again.
Sorry, try again.
[Code].....
View 9 Replies
Feb 10, 2009
My friend has a website whereby once you have logged in on one page, you are redirected to another page, with a url similar to:
[URL]
The random string changes each time you log in; however, the login page has a static URL. What I was attempting to do is run a script to get some data from the members page (after you've logged in). However, I've been having some trouble with how to do this, as the variable URL with the random string will become invalid after a certain time, and I did not want to constantly change it.
While reading through some documentation I read that wget should be able to log in to a form login website; however, I've had no luck. The command I was attempting to use was:
wget --user USERNAME -password PASSWORD [URL]
Similarly, I also tried
wget --post-data "username=USERNAME&password=PASSWORD" [URL]
and even both combined. However, neither has worked, as the HTML downloaded is simply the login page website. I cannot post a direct link to the website as it is private; however, I've looked at the source code and I've extracted (what I think) is the relevant bit, which is:
Code:
<form action="/cgi-bin/sblogin/login.cgi" method="post" name="login" id="login"><br /><br />
<div class="user_text"><span class="text3">USERNAME:</span></div><div class="user_box"><input type="text" class="text" name="uname"></div>
[code].....
View 1 Replies
Nov 24, 2010
I want to give my users the option of logging in to the system. They should have the possibility of choosing between logging in to the system with their default password or a one-time password OTPW. I installed OTPW on my Debian. Here is my /etc/pam.d/sshd file:
[Code]....
View 12 Replies
Jul 21, 2009
What command should I add to .htaccess if I want to make a certain page protected with a username and password?
View 1 Replies
Feb 22, 2010
I am unable to find the syslogd files. Ubuntu 9.1 installed. Logging is taking place. I want to redirect logging to a central location. Do I need to install syslogd in order to control this service, or is it controlled via a different name/service?
View 1 Replies
Sep 1, 2011
I am changing domain name for web, web is staying on same IP / Server. I want www.OLD.com to redirect (change address name in browser) to at the moment both point to same IP. Am not sure why, but this .htaccess is not working.
Code:
#Options +FollowSymLinks
RewriteEngine on
[code]....
View 1 Replies
Feb 9, 2010
I'm a newb when it comes to Linux operating systems so I'm attempting to get better through experience. I work for a web development company and we use Ubuntu for our operating systems (the programmers at least). Anyways, I'm trying to install LAMP services and get them working. I have all L.A.M.P. services installed... but Apache2 is giving me a problem. I have an .htaccess file installed in a directory under my document root. But Apache2 is not interpreting it. I have AllowOverride All on but I can't figure it out. I did make a bogus .htaccess file attempting to make Apache give me an error, nothing.
View 2 Replies
Nov 22, 2010
I installed AWSTATS on my LAMP 10.04 LTS and followed several tutorials (URL...) but I can't secure the folder, either by an alias or by .htaccess. I tried both methods manually and by using Webmin. If you go to the URL www.mywebsite/awstats/awstats.pl it shows up, which is good, but this is the default installation site and anyone who knows awstats could possibly see my stats. The conf folder is /etc/awstats/, and I did an alias for that, then .htaccess, but neither worked. With the .htaccess, I would get a password prompt but the full stats page was visible behind the password prompt, and if you clicked "Cancel" about 20 times or so the prompt would go away and the full stats page would be visible.
The actual file that powers awstats is in /usr/share/lib/cgi-bin/awstats.pl, and I also tried an Alias and .htaccess separately and neither worked. I restarted apache2 after each change and I've searched several forums, but I still can't figure this out.
View 2 Replies
Jan 27, 2011
I am running into a very strange problem where my .htaccess file keeps getting deleted.
Attempted scenarios:
ftp upload file.txt, rename to .htaccess
ftp upload .htaccess
ssh - wget url/.htaccess
ssh - wget url/htaccess.txt, rename to .htaccess
[Code]...
View 7 Replies
Mar 10, 2010
I looked at my apache2 logs.
Code:
[Wed Mar 10 01:56:34 2010] [crit] [client 192.168.1.100] (13)Permission denied: /home/user/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
The server is located at /etc/apache2, the default place.
View 1 Replies
Apr 6, 2010
I have followed the tutorial from this site [URL]. I have changed this file /etc/apache2/sites-available/default and in this file I have changed AllowOverride None to AllowOverride All but still I get:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, webmaster@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. I have installed and reinstalled Apache 2 times already.
View 8 Replies
Apr 29, 2010
I am not sure what happened, but my .htaccess file is no longer working for my 301 redirects. I did have a hard time getting it working a few weeks back (when I first set it up), unfortunately I did not document it well. Main question is for multiple sites getting redirected, do I want the additional sites listed as aliases? My original setup virtual host config listed seven additional hostnames as aliases.
I later had difficulty with Google listing these secondary domains within search results and hurting my page rank. So I set up 301 redirects, and from memory, I had to leave the alias names for the .htaccess 301 redirect to work. Now it won't work either way. Can anyone tell me if the aliases need to be in place? Do I need to set up individual vhost files and add an .htaccess 301 for each? What is the preferred way to do this? I tried reloading apache2 but it did not help.
Permissions for .htaccess:
Code:
-rwxr-xr-x 1 eric www-data 866 2010-04-14 12:06 .htaccess
Attached is my .htaccess. It resides in the site root directory. Also attached is the virtual host config file.
httpd.conf
Code:
NameVirtualHost *
NameVirtualHost *:443
AddHandler cgi-script .pl
RewriteEngine On
I'm still not sure after hours of reading the various how-to's, what should the file permissions be for the .htaccess. I have not performed any updates during the period it was working till now.
View 2 Replies
Jul 12, 2010
I have an existing blog that I migrated to Ubuntu server recently. The site was running fine until I transferred it over to Ubuntu. I get a 404 error whenever I view pages that are not my index. I believe it has to do with my .htaccess file.
I have enclosed the .htaccess and my default file taken from sites-enabled.
.htaccess
Code:
#####################
#PREVENT viewing of .htaccess file
<Files .htaccess>
order allow,deny
[Code].....
View 9 Replies
Aug 10, 2010
How can I redirect my URL after a site move? I have phpBB forum software installed on a 10.04 server, and I recently moved the forums from mysite.com/forums/ to mysite.com/.
So, a thread that looked like
mysite.com/forums/viewtopic=...
now looks like
[code]...
View 2 Replies
Apr 11, 2010
I've managed to set up Ubuntu Server 9.10, and created folders/files to view/edit/execute with Windows and Mac.
Now here is my dilemma: this is for a home server, and I will have 4 users (1 for myself, one with "admin" rights, my fiance (mac user), media pc, and a "guest" account for the computer or 2 that are out in the public (they don't need access to my taxes)).
I'd like to have it so that on my laptop, I can access the whole server, but some files/folders would even need me to put in a password. I want to do this because my fiance gets delete happy and deletes things, so if she goes on my computer she won't delete important info. I'd like her to have access to music, photos, and videos, as well as her having her own folder that she can treat as her hard drive.
The question is, do I need to setup a domain for this, or can I get away with a workgroup?
View 2 Replies
Mar 25, 2011
I recently set up a machine with Ubuntu 10.4 LTS to help to replace an aging VAX mailserver that was the DMZ mailserver for the company I work for. I set up a default install of postfix (via apt-get) to function as a DMZ border device that routes between two internal mailservers based on subdomain aliasing via internal DNS.
The problem is that although I have installed no anti-spam or anti-virus options, mail sent to this machine from any outside source containing a password-protected zip file is being rejected with error:
552 Password protected zip file found inside of the email
At first I'd thought that possibly it was the sending mailserver issuing this error, but after further testing I found that no matter the source, any password protected zip file is immediately rejected. Being as we're in a HIPAA-sensitive environment, this has been relied upon as a backup for people to do one time encrypted file sends via email. The file in question is relatively small, and I do not have any quotas on, and the same test file sent two ways (one encrypted zip and one non-encrypted zip) caused the encrypted zip only to fail.
As stated before, I do not use any type of antivirus or antispam measures, no header or body checks have been put in place, and in the course of trying to troubleshoot this problem, have probably opened my server up more than is strictly wise. I really need to enable this feature as being unable to take encrypted zips puts the entire migration at risk.
View 1 Replies
Sep 29, 2010
We are trying to migrate from a centos server to ubuntu server, but we have some problems with an application called Topincs [url].
The installation is quite simple and I did it several time (but with ubuntu it's the first time).
Probably there are some parameters to set that I don't know, but even if the installation works fine and I can see the home page, the application doesn't work because RewriteRules aren't applied.
First I tried to ensure that mod_rewrite works fine and I found a weird situation: rewriterules work if they are in .htaccess but don't work if they are directly in http.conf.
View 4 Replies
Dec 16, 2010
Is anyone here fluent with the usage of the .htaccess file? Is it the way to go to deter search bots or is there a better method? Never mind. I already have a thread about .htaccess here.
View 1 Replies
Aug 22, 2011
I'm just having a small issue with Firefox 6 (Ubuntu 11.04, 32 bit). Whenever I save a file and try to open it by double clicking in the Downloads window, Firefox attempts to open it with Nautilus. I can't understand why, but now every time I'm forced to open the containing folder and launch the file manually. It's not a big issue but I'd like to solve it.
View 4 Replies
Jan 28, 2010
I have a folder /home/dryaf/Desktop/site and I want to copy its content to the folder ~/www/sitename on the remote server. How to do that? Also, does scp also copy hidden files like .htaccess?
View 1 Replies
Mar 5, 2010
I have a remote VPS with 9.10 installed and would like to host some files on it. I'd like to be able to download the files from a browser using a login name and password.
View 2 Replies
Jun 10, 2010
Any idea how to log a user in without a password in GDM? I've found this archived thread but it doesn't appear to do anything when I tried what it says: [URL] I'm not looking for auto-login. I'd simply like one user to be able to click on his name and it will log in without prompting for a password.
View 3 Replies
May 8, 2010
Got the latest version of Ubuntu, installed Skype, and I keep logging in and it keeps saying incorrect pw. Then I made a new account and tried that, still incorrect pw?
View 1 Replies
Sep 11, 2010
How can I disable Options +FollowSymlinks in .htaccess files on an Apache web server?
View 3 Replies
Apr 23, 2011
I have a site hosted with a cheap hosting company and limited control of the site. I need to allow some other users all over the world to have write access to files or complete directories and I have no idea how to do that. Initially I thought I could use "chown" somehow but it looks like it's a no-go with ftp and others. By default, there is a .htaccess file and a .htpasswd file in the root directory of the site and the hosting company suggested to use .htaccess file with something like below:
[Code]....
and put it in a .htaccess file in the directory of user1 but the server does not like something since I inserted that file. Is it an error in the script or is there more to it than that? Can someone point me to a suitable tutorial or explain what to do?
View 5 Replies