Ubuntu Servers :: HTTP Throttling - Limit Access To My Web-server

Apr 12, 2010

I'm thinking about some ways to limit access to my web-server. It runs Nginx and php in FCGI. The server contains a large amount of information. The data is freely available and no authentication is required but other companies might like to mirror it and use on their own servers.

The requests could be limited on different levels: IP, TCP, HTTP (by nginx) or by the php application. I found some solutions (like Nginx's limit_req_zone directive), but they do not solve the second part of the problem: there's no way to define a whitelist of clients who are allowed to use the data.

I thought about an intellectual firewall that would limit the requests on IP basis, but I'm yet to find such device. Another way was to hack some scripts that would parse the log file every minute and modify the iptables to ban suspicious IPs. It would take days and I doubt this system will survive, say, 1000 requests per second.

Perhaps, some HTTP proxy, like Squid, could do this?

View 2 Replies


ADVERTISEMENT

Ubuntu Servers :: Nagios On 10.04 Server Using Apt-get - HTTP WARNING: HTTP/1.1 404 Not Found

Aug 4, 2010

I installed Nagios on my Ubuntu 10.04 server using apt-get and when I accessed the web console, everything was OK. I made some changes to apache (creating some new virtual sites) and since then Nagios gives me a warning message for HTTP with the message, HTTP WARNING: HTTP/1.1 404 Not Found. The sites that I created are working perfectly. I noticed that the attemps are 4/4. Does this need to be reset or does Nagios automatically reset that once it detects the issue is resolved?

View 1 Replies View Related

Ubuntu Servers :: HTTP Response Into Apache Access Logs

Jul 6, 2011

I am new to web server support. I have a request from my management to modify the logging slightly. Effectively I need to redirect a custom string from our http response into the apache access logs. When a user navigates to our site they receive a "dye" number that is associated with them. This number follows them to whatever cluster they are directed too. The string is formatted as such, com-company-dye: d0a2#6dfce. I need that that header dye to appear in the access logs so we can use that dye number as a key for troubleshooting issues though out our various monitoring systems.

View 3 Replies View Related

Ubuntu Servers :: Install Jinzero - When Try To Access Index.php Get An Http Error 500

Oct 5, 2010

I am trying to install Jinzero a media server on my ubuntu server.

I already had apache2 installed and have installed php5 etc.

When I try to access index.php I get an http error 500 and when I check the logs of my apache2 it shows:

PHP Code:

View 1 Replies View Related

Fedora Servers :: HTTP Access - Browser Unable To Establish Connection

Apr 20, 2009

I need to install a program by using the address http://255.255.255.255. However, when I type this address in my browser, I get the following error: "Failed to connect. Firefox can't establish a connection to the server at 255.255.255.255. Though the site seems valid, the browser was unable to establish a connection." Is there an easy way to put this site into the air?

View 3 Replies View Related

Fedora Servers :: Cannot Start Apache - No Read / Write Access To HTTP Files

Jan 14, 2009

I am trying to setup my webserver and I am trying to make a website to run under suexec but somehow I cannot start my apache it directly fails and SELinux is giving me errors and don't really know what to do with it, it is giving me some command to type but not sure if this will make my server less secure. The SELinux error is as follow:

Code:
Summary:
SELinux prevented httpd reading and writing access to http files.

Detailed Description:
SELinux prevented httpd reading and writing access to http files. Ordinarily httpd is allowed full access to all files labeled with http file context. This machine has a tightened security policy with the httpd_unified turned off, this requires explicit labeling of all files. If a file is a cgi script it needs to be labeled with httpd_TYPE_script_exec_t in order to be executed. If it is read-only content, it needs to be labeled httpd_TYPE_content_t, it is writable content. it needs to be labeled httpd_TYPE_script_rw_t or httpd_TYPE_script_ra_t. You can use the chcon command to change these contexts. Please refer to the man page "man httpd_selinux" or FAQ [URL] "TYPE" refers to one of "sys", "user" or "staff" or potentially other script types.

Allowing Access:
Changing the "httpd_unified" boolean to true will allow this access: "setsebool
-P httpd_unified=1"

Fix Command:
setsebool -P httpd_unified=1

I will write down how I did setup my server so maybe you can see a mistake I did. First I changed my Apache httpd.conf I added the following to it:
Code:
NameVirtualHost 192.168.1.2:80
<VirtualHost 192.168.1.2:80>
ServerName localhost
DocumentRoot /var/www/html
DirectoryIndex index.html index.html index.shtml index.php
</VirtualHost>

<VirtualHost 192.168.1.2:80>
SuexecUserGroup ulyaoth ulyaoth
ServerAdmin webmaster@ulyaoth.org
ServerName test.ulyaoth.org
DocumentRoot /var/www/ulyaoth/www/html
ErrorLog /var/www/ulyaoth/logs/error_log
CustomLog /var/www/ulyaoth/logs/access_log common
DirectoryIndex index.html index.htm index.shtml index.php
ScriptAlias /cgi-bin/ /var/www/ulyaoth/www/cgi-bin/
<Directory /var/www/ulyaoth/www/cgi-bin/>
AllowOverride none
Order allow,deny
Allow from all
Options +execCGI
AddHandler cgi-script .cgi .pl
</Directory>
</VirtualHost>

Then I created the username "ulyaoth" with the group "ulyaoth" as I specified with my suexec, then I created all the directories as specified in my httpd.conf and "chown ulyaoth:ulyaoth (dirname)" them to the right group and username.

View 10 Replies View Related

CentOS 5 Server :: User Limit Access To One Folder

Mar 24, 2011

for create an user I put:

useradd username
passwd username

View 4 Replies View Related

Ubuntu Servers :: Limit The Number Of Concurrent Clients In Ssh Server?

Feb 1, 2011

I am using ssh server to connect to my Ubuntu desktop. I opened the file sshd_config and change my port number of the server.I want to put a limit on the number of clients in the ssh server.

View 2 Replies View Related

Ubuntu Servers :: 9.10-server-i386 ISO Seems To Be Corrupted On HTTP?

Feb 3, 2010

I'd like to report an issue I've had with Ubuntu server ISO. I downloaded ubuntu-9.10-server-i386.iso by HTTP on ubuntu's website and burned it on a CD. It doesn't work well. I got an error in udevadm sys/devices/pci0000 etc. it was a problem with the hardware, but it seems that it's the ISO that is corrupted. I checked the MD5 checksum and it's not good. Then I download the same ISO a second time (by HTTP) and same problem.

So it seems to me that the ubuntu-9.10-server-i386.iso that we can download by HTTP is not the same as the torrent one. Maybe I'm wrong. Anyway, if I'm right I hope this information will be useful for administrators.

View 1 Replies View Related

Security :: Iptables - Limit Access To Port 8443 On Server To 2 Specific IP Addresses

Dec 23, 2010

I'm trying to limit access to port 8443 on our server to 2 specific IP addresses. For some reason, access is still being allowed even though I drop all packets that aren't from the named IP addresses. The default policy is ACCEPT on the INPUT chain and this is how we want to keep it for various reasons I wont get into here. Here's the output from iptables -vnL

[Code]...

Note the actual IP we are using is masked here with 123.123.123.123. Until I can get everything working properly, we're only allowing access from 1 IP instead of 2. We can add the other one once it all works right. I haven't worked with iptables very much. So I'm quite confused about why packets matching the DROP criteria are still being allowed.

View 10 Replies View Related

Security :: Limit Incoming HTTP Bandwidth Usage With IPtables

Apr 5, 2011

Can I, with only the use of IPTABLES, limit the incoming bandwith for a protocol? We have for example servers that have a FTP and HTTP server running and whenever HTTP has a lot of connections open, the other uploads/downloads get a timeout. I know I can limit the number of connections but prefer to limit on protocol level. Is this possible using IPTABLES and if so, can someone indicate how to proceed or provide a link? If it's not possible can someone point me to the right tool for the job?

View 6 Replies View Related

Ubuntu Servers :: Make Server Listen At Different Port For HTTP?

Apr 6, 2010

How can I set my server to listen at a different port for http access. I would like to use port 8080 (to circumnavigate isp blocks). Also can I do the same thing for sftp connections?

View 3 Replies View Related

Ubuntu Servers :: Iptables To Rate-limit Brute Force Attacks On SSH Server?

Sep 30, 2010

I have a SSH server set up at home listening on port 22. I have hardened the server so it is pretty secure but I want to make it even safer by editing my iptables to rate-limit incoming connections and DROP false login attempts. I have tried these tutorials but I just cant get it to work:[URL]I want the debian-administration.org tutorial to work but when I try to add the first rule in terminal:sudo iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --setI get the following:Bad argument --set'I am new to iptables and I'm not sure if I'm doing something wrong when I try to set it up. I'm using Ubuntu 10.04.1 LTS with iptables v1.4.4.

View 6 Replies View Related

Server :: Limit The Suphp User Memory Limit?

May 12, 2010

I have a VPS server with 512 MB memory. The php.ini is set so script memory limit = 16 MB. However, I have noticed in my top report, instances like the following:

Quote:

5484 coldclim 25 0 46476 32m 5920 R 0.0 6.4 0:00.93 php

The bold number of 6.4 is the % of sever memory this process is using. 6.4 % of 512 MB of memory is about 32 MB of memory, so it appears that this isn't being limited by php.ini. Am I correct? This leads to the next question: Is there some way to limit the amount of memory a single suphp process can use? (Basically, something like the setting in php.ini which limits suphp processes in the same way.)

View 2 Replies View Related

General :: Bandwidth Throttling In Squid Server?

Apr 23, 2011

How to do bandwidth throttling in Squid server? i wan to set particular bandwidth for particular ip, how to do it in Squid server?

View 1 Replies View Related

Ubuntu Servers :: Access Remote Servers Via Terminal Server Client And Xserver?

May 10, 2010

i found this video, and i really want to do the same. *newbie needs to learn [URL]...my question is, what need to be installed and how?

is there any specific configuration to make it works?

and will it work if i want to connect from Ubuntu to Fedora ?

View 1 Replies View Related

Fedora Servers :: Can't Edit HTTP Server Configuration In Fedora 13

Aug 12, 2010

I am trying to edit my http configuration (menu System -> Administration -> Server Settings -> HTTP) and it seems to be impossible. My Server Name comes up empty and I want to change the default Webmaster email address root@localhost to something else, but I can't change anything. I enter mu new server name and e-mail address, but when I click on the OK button I get a popup box which asks me if I want to save and exit. I click on the Yes button, and the box disappears. HTTP Server configuration does not exit and my changes are not saved.

View 3 Replies View Related

Ubuntu :: Cannot Access Http Sites?

Aug 2, 2011

How do I get rid of my wubi partition since Ubuntu doesn't work on a Vista laptop. Sorry, it was a gift for Christmas. I never realized Ubuntu was so defective.I am running Windows Vista 32 bit with 3 gigs of ram and one partition from the factory (HP).

View 1 Replies View Related

Debian :: Best Way To Limit Access To NTFS

Jan 25, 2011

I managed to auto-mount NTFS partitions in my server.

But I want to limit access to this partition to a select few.

What's the best way, easiest way to do this.

View 3 Replies View Related

Ubuntu :: Is TightVNC Enable HTTP Access In 9.04?

May 24, 2010

Is TightVNC enable HTTP access inUbuntu 9.04?I use sudo apt-get install tightvncserver in the terminate and I can use VncViewer to view the ubuntu, but i cann't use webbrowser to view the utuntu.How can I access ubuntu in other pc with webbrowser?

View 7 Replies View Related

Ubuntu Networking :: Unable To Access Http://192.168.1.1 In Firefox 3.6.18?

Aug 2, 2011

In ubuntu 10.04 LTS I am currently unable to access the location http://192.168.1.1 I have accessed it earlier. This is necessary for modem configuration. I am at a loss why this is inaccessible at present. Can anybody please advise what to do? I am configuring firewall but I doubt if that has anything to do with my problem. Or in case this may be due to faulty firewall configuration, please indicate denial of possible service/program which may cause this. Also ping 192.168.1.1 reports 100% packet loss.

View 8 Replies View Related

Ubuntu Servers :: Access Mysql Within Same Server

Jul 15, 2010

When you access mysql within the same Apache server (same ip address) via php, do you need to GRANT user ip in order to login to mysql?

Where are the log files for php, mysql etc?

View 4 Replies View Related

Ubuntu Servers :: Access To Web Server Files ?

Jul 24, 2011

I'm new to Linux and have taken over at a company where the linux admin walked out. he has several older linux based servers running version 8.1 i tried running the command sudo apt-get install swat xinetd to setup swat but i get an error that it can't find the package. in addition, this directory xinetd is no where to be found under the etc directory. i've verified that samba is in fact installed on these servers but for some reason the xinetd and inetd directories are not on these servers.

Could it be possible that this older version of linux does not support Swat? i'm considering upgrading very soon to the latest but my main problem right now is i need to copy all web server html files that he had on the web Server i know there are different ways to copy files from linux systems but need the best way to copy all the files so none of the website links get broke off this linux server over to my windows server.

Since i don't have access to anything of the directories nor files on the web server, what is the best way to copy these files and folders off this server?

View 7 Replies View Related

General :: Limit Root Access To User Account?

Jun 24, 2010

I am a user of a cluster. I don't want root to see/copy files from my user account(obviously). Is that possible to limit the access of root to users account?

View 14 Replies View Related

Security :: Limit Sudo Access - No Password Prompt

Feb 17, 2011

I have been reading guides for a while now and so far have not found an exact solution to my problem.

I want a linux user (dave) to be able to switch to another account (patrol) without a password prompt, but dave must still be denied access to root. Patrol must also be denied root access.

In the sudoers file

Code:
User_Alias Patrol=dave,john
root ALL=(ALL) ALL
Patrol ALL=(patrol) NOPSSWD: ALL

[Code].....

View 6 Replies View Related

Ubuntu Installation :: Create .php Pages So Can Access Them Using Http://localhost

Jun 16, 2011

I already installed apache 2 & php 5 .. but I don't know where I create .php pages so I can access them using http://localhost

View 4 Replies View Related

Ubuntu Servers :: Internet Access Via Proxy Server ?

Apr 28, 2010

Ubuntu lts server distro using on remote machine. i have remote site where internet access given via squid proxy. so when we enter in browser it start working internet fine. but on command line(bash shell prompt terminal) like wget,ping,nslookup,traceroute etc these commands does not work.

View 3 Replies View Related

Ubuntu Servers :: Connected To Openvpn Server But No Access

Jun 2, 2010

i have setup Open VPN on Ubuntu 9.04, generated the key and have it running successfully on the server end. I download the open vpn client for windows, copied over the key ca and cert file and connected to the erver. All went well and the open vpn gui said its connected to the server (green comp icon in taskbar) and it said in a ballon it assigned me an ip of 10.8.0.6 it all looks good... BUT i have no vpn access... The virtual adapted in windows is not able to pull an actual IP/gateway and such...

[Code]...

View 7 Replies View Related

Ubuntu Servers :: OpenVPN - Script Up/down - Access Server

Feb 24, 2011

I have a few issues after setting up Openvpn. At work i just setup a new Ubuntu Server 10.4. The server itself is working Great. I ended up getting Openvpn installed and working to a point. I have searched online and done as much reading as i could find but i keep running into the problem of not understanding. So here is the problem.

The server is set on a static IP address. At first i tried to have the config file listen on a virtual ip address i setup up in /etc/network/interface but that ended up not working so i set it to its specific ip address. I kept running into the error about script security while trying to start Openvpn. I tried to add into the config file "script-security 2" that way the up.sh and down.sh scripts were allowed to be run. That didn't help and then i kept trying to run Openvpn manually running the command

Quote:

And i kept getting a message

Quote:

So what i did was just comment out the "up" and "down" scripts in the config file. This allowed me to actually get Openvpn started on the server. So once this was done i connected form a client machine and was given an ip address like i should. The only issue is that i was not able to actually comunicate with the server. I have a samba share on there to allow me to copy files back and forth but an not able to actually communicate with the server at all. I should note that this is a web server that i can view from the outside. (actually get to the webpage) but i tried to access the website and share via the Openvpn gateway. I also tried to access the website portion using the hostname with no luck.

By the way, prior to putting the server on its separate network i was able to access the webpage and the samba share using both the ip address and the hostname.

View 1 Replies View Related

Ubuntu Servers :: Can't Access Ftp Server - Continues Asking For Password?

Jun 15, 2011

I'm using vsftpd to setup an ftp server, but whenever i attempt to connect, it asks me for a user name ( which i enter and it accepts) but it then asks for a password, which i am clueless as to what it is. I'm certain that i havent specified a password in any config file. Is there a default password i should know about?

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved