[SCRIPT] Install mod_security with OWASP ruleset and GeoIP2 NGINX modules with script.

Because I don’t own NGINX plus, I must build mod_security and geoip2 modules manually each time I set up a new server with NGINX. It’s good practice to have both installed, as it can increase security of your web application significantly. I was getting tired of building every time, so I created a script which will do that for you. This script is build for Rocky Linux 8, so it should work on CentOS 8 (Stream), AlmaLInux …

This script will auto-detect your NGINX version and will download source, build extensions and install ModSecurity also. It will also install necessary dependencies which are needed for install.  If you encounter errors, please check for errors on which library you need. It will also install OWASP ruleset for mod_security and configure your NGINX accordingly. Path to extensions will be inserted in your NGINX configuration by script.

You should install and configure geoipupdate and add geoip definitions in your nginx configuration.

I hope this helps you and saves you some time. Feel free to modify and customize the script according to your needs.

Here is the script: build nginx modules script

Get SSL certificate expiry date quickly and easily with ckcrt script

SSL certificates are daily routine of my work, so there was regular practice to check expiry date of live certificate through Chrome browser -> Developer tools. It is quite time-consuming and annoying work if you have to repeat it. So I made this very simple bash script with which you can check expiry date and some other certificate information quickly, from your terminal. This will work on osx or linux machines. Of corse, you must have OpenSSL installed on your machine in order to use this script.

Continue Reading

Icinga/Nagios plugin for http brute force detection

When dealing with web servers where there are a lot of web sites, especially WordPresses, Joomlas etc., it is very common problem to dealing with flood/brute force attacks. One of most common for example, is generating massive requests on wp-login.php, or xmlrpc.php. With brute force, attackers goal is usually gaining access to administration. This is the simplest kind of method to gain access. Idea is very simple, attacker tries with a lot of different passwords and usernames, until it gets it right. Those operations of course, are automated by bots, scripts.

This can be very damaging for your server as it consumes a lot of memory. Every request means that someone just visited your website. When there is a script with bad intentions visiting your site, that means a lot of requests. Most modern web pages, every request like this, also makes database query. In most cases, server will become unresponsive, system will run out of memory, swap will fill up, mysql will stop responding.. This also means, that all websites on your server will stop working. In many cases, you’ll have to reboot your server to make it responsive again. Of course, there are systems that don’t allow this, like Cloud Linux with its LVE. One of great practices is to lock your administration to some static IP. There different ways.

Continue Reading

Scan your cPanel/Directadmin for excessive files

When dealing with cPanel/Directadmin that contains a lot of users, you need some control of what those users are uploading. Web hosting accounts should be used just for that, hosting websites, and not as data storage – in most cases. Sometimes you even offer packets with unlimited disk capacity but you don’t want that users are storing movies and all kind of other unnecessary files that don’t belong on web hosting account. From web hosting perspective, in most cases, any single file that exceeds 100M is usually not part of website and is just laying there, wasting your precious disk space. In cases like this, account is used as backup service. You’ll be able to find all kind of files. Movies, music, applications, archives …

So you may want to have some reports on regular basis that gives you list of all files that exceed some maximum allowed file size limit – defined by you. Personaly, I scan on interval of 7 days for all files that exceed size of 300M. I created a simple script that will do just that. It will check your /home directory for all files that exceed size that you defined. At the end, report will be sent to your email. You can also scan other directory beside /home if you wish.

Continue Reading

Generate NGINX virtual hosts script

I created simple script for creating NGINX virtual hosts so that you don’t have to do it manualy for every new website. Script was created for Linux – CentOS 7 – operating system but it should work on other distributions too. It is written in bash. You will also need wget and tar installed for script to work – wordpress install option.

What it does is pretty straightforward. On input side it will ask you for domain name, SSL option and WordPress installation. You can choose between http and https virtual host definition. By default it will create document root for your domain and NGINX configuration file for that domain. If you choose option for WordPress installation, then it will also download latest wordpress version and unpack files to your newly created document root. You’ll still need to create database manually and finish WordPress installation. This script is suitable for basic NGINX website configurations

Just download script here and template files. Put script createsite to your /usr/sbin/ directory and make it executable. Of corse you can change virtual host templates according to your needs too.

Continue Reading

Mass email migration with imapsync

You may want to migrate larger number of email accounts to another server. If there are even different types of mail servers, than imapsync is one of the best solutions for migration. With script below, you’ll be able to migrate multi accounts without repeating and running imapsync again and again.

Here is the script. Just create file, e.g. mail-migration.sh, and paste code below in it.

#!/bin/bash

# Source and destination mail server setting
SERVER1=post.literal.si
SERVER2=cp2.hosterdam.com

# Select appropriate auth mechanism.
#AUTHMECH1="--authmech1 LOGIN"
#AUTHMECH2="--authmech2 LOGIN"

# Uncomment if you want to start test/dryrun only. No emails will be transfered!
#TESTONLY="--dry"

# Path to imapsync
imapsync=/usr/bin/imapsync

# Users file
if [ -z "$1" ]
then
echo "No users text file given." 
exit
fi

if [ ! -f "$1" ]
then
echo "Given users text file \"$1\" does not exist" 
exit
fi

# start loop
{ while IFS=';' read  u1 p1 u2 p2; do
	$imapsync ${TESTONLY} ${AUTHMECH1} --host1 ${SERVER1} --user1 "$u1" --password1 "$p1" ${AUTHMECH2} --host2 ${SERVER2} --user2 "$u2" --password2 "$p2"
done ; } < $1

Don’t forget to chmod your script so that will be executable.

chmod +x mail-migration.sh

Now you’ll have to create a simple text file that will contain login informations for each email account that you want to transfer. Create text file, for example, mail-users.txt and add login informations like shown bellow. Login informations must be separated with ;. username1 is username on old server, username2 is username on new server.

username1@domain.com;password1;username2;password2
anotheruser1@domain.com;password1;anotheruser2@domain.com;password2
.
.
.

Finaly, lets transfer emails. Simply run your script like shown below. Use text file with login informations that you created. Imapsync will try to transfer all accounts that are in mail-users.txt.

root@myserver [~]# ./migrate-mail.sh mail-users.txt

© 2024 geegkytuts.net
Hosted by SIEL


About author