public marks

PUBLIC MARKS from camel with tags linux & web

October 2008

Preventing MySQL Injection Attacks With GreenSQL On Debian Etch | HowtoForge - Linux Howtos and Tutorials

by 1 other
GreenSQL (or greensql-fw) is a firewall for MySQL databases that filters SQL injection attacks. It works as a reverse proxy, i.e., it takes the SQL queries, checks them, passes them on to the MySQL database and delivers back the result from the MySQL database. It comes with a web interface (called greensql-console) so that you can manage GreenSQL through a web browser. This guide shows how you can install GreenSQL and its web interface on a Debian Etch server.

Tentakel to execute commands on multiple Linux or UNIX Servers

Many times, you want to execute a command not only on one server, but also on several servers. For example, find out * Version of kernel * Version of Apache web server * Update static html or images files on all web servers via rsync * Find out user information, server information, memory usage etc * Security/patch checking tentakel I have already covered how to execute commands on multiple Linux or UNIX servers via shell script. The disadvantage of script is commands do not run in parallel on all servers. However, several tools exist to automate this procedure in parallel. With the help of tool called tentakel, you run distributed command execution. It is a program for executing the same command on many hosts in parallel using ssh (it supports other methods too). Main advantage is you can create several sets of servers according requirements. For example webserver group, mail server group, home servers group etc. The command is executed in parallel on all servers in this group (time saving). By default, every result is printed to stdout (screen). The output format can be defined for each group.

September 2008

CrossOver Chromium

by 3 others (via)
CrossOver Chromium is a Mac and Linux port of the open source Chromium web browser. CrossOver Chromium is available for download from CodeWeavers, free of charge.

August 2008

Running Vhosts Under Separate UIDs/GIDs With Apache2 mpm-peruser On Debian Etch | HowtoForge - Linux Howtos and Tutorials

by 1 other (via)
This article explains how you can install and configure apache2-mpm-peruser on a Debian Etch server. apache2-mpm-peruser is an MPM (Multi-Processing Module) for the Apache 2 web server, very similar to apache2-mpm-itk, but faster (almost as fast as apache2-mpm-prefork). mpm-peruser allows you to run each of your vhosts under a separate UID and GID - in short, the scripts and configuration files for one vhost no longer have to be readable for all the other vhosts. It is based on metuxmpm, a working implementation of the perchild MPM. The result is a sane and secure web server environment for your users, without kludges like PHP's safe_mode.

Installing ModSecurity2 On Debian Etch | HowtoForge - Linux Howtos and Tutorials

by 2 others
This article shows how to install and configure ModSecurity (version 2) for use with Apache2 on a Debian Etch system. ModSecurity is an Apache module that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc. I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

About Opsview | opsview.org

by 1 other
Opsview is enterprise network and application monitoring software designed for scalability, flexibility and ease of use. Opsview has been in development since 2003 and is released under the GNU GPL license. Current version is 2.12. Opsview is a fully integrated monitoring tool that incorporates popular Open Source software including Nagios, Net-SNMP and RRDtool. The Catalyst web framework provides an extensible monitoring and configuration user interface. Opsview software is supported on Linux (Debian, CentOS, RHEL and Ubuntu) and Solaris 10. It will monitor all common operating systems including Windows. Opsview extends the capabilities of Nagios in the following ways: * Distributed monitoring with high availability and fail-over * Much improved SNMP support with trap processing with rules engine * API supporting automation of Opsview configuration * Data warehouse for storage of historical performance and event data * Opsview Reports customisable reporting * Powerful configuration and management UI * Extended monitoring UI * Extensible architecture based on Catalyst Web Framework and Altinity middleware software

June 2008

How To Set Up A Loadbalanced High-Availability Apache Cluster Based On Ubuntu 8.04 LTS | HowtoForge - Linux Howtos and Tutorials

This tutorial shows how to set up a two-node Apache web server cluster that provides high-availability. In front of the Apache cluster we create a load balancer that splits up incoming requests between the two Apache nodes. Because we do not want the load balancer to become another "Single Point Of Failure", we must provide high-availability for the load balancer, too. Therefore our load balancer will in fact consist out of two load balancer nodes that monitor each other using heartbeat, and if one load balancer fails, the other takes over silently.

April 2008

How To Set Up A Debian Linux WebCam Server Using a USB Web Cam

by 1 other
First and foremost, be prepared to have some patience when trying to get a USB cam to work under Linux. In trying to get mine to work, I searched many a newsgroup thread only to find there was only one message in the thread, the original question stating the problem. i.e. no one had an answer for the person who posted the question so you may be on your own trying to get your cam to work. Often times the same camera model will use different drivers for different sub-models (ex: not all QuickCam Express sub-models use the same driver). However, my trials and tribulations were a good learning experience and I'll share what I learned here to hopefully make your setup easier.

March 2008

Set Up Gateway Level Virus Security With ClamAV And SafeSquid Proxy | HowtoForge - Linux Howtos and Tutorials

In this HowTo, I will explain how you can secure your network from virus and other malware, by installing ClamAV and integrating it with SafeSquid, to scan all in-coming content for virus, and block all infected content at the HTTP Gateway, even before it enters your network. Virus Security In SafeSquid SafeSquid has built-in connectivity to various daemon based anti virus software like ClamAV, Sophos, Avast, F-Prot, NOD32 and Kaspersky. It also has a universal ICAP (Internet Content Adaptation Protocol) client that can be used to connect to ICAP based security software like Dr.Web ICAP, Kaspersky Antivirus for Proxy Server, Trend Micro InterScan Web Security and Symantec Scan Engine. You can even use multiple anti virus software with SafeSquid to simultaneously scan in-coming content. This does not cause any significant latency, since SafeSquid has a multi-threaded architecture.

HAVP – HTTP Antivirus Proxy » UNIX Garden

Dans cet article, nous allons étudier la mise en place d’un proxy http antivirus : HAVP (http://www.server-side.de). Chacune des pages web demandées par un client est analysée par un antivirus. L’antivirus peut être au choix Clamav, F-prot ou Kaspersky. De plus, HAVP sait parfaitement travailler avec Squid au cas où vous souhaiteriez continuer de l’utiliser. Nous verrons premièrement comment installer l’antivirus utilisé par HAVP. Deuxièmement, comment installer HAVP et les modifications à effectuer pour le faire fonctionner. Enfin, nous verrons des exemples de configuration d’HAVP : * Seul ; * Seul en proxy transparent ; * Et les deux moyens différents de l’utiliser conjointement avec Squid.

February 2008

Manage Apache Download Speed And Traffic Limits With mod_cband | HowtoForge - Linux Howtos and Tutorials

by 2 others
In this tutorial I will describe how to install and configure mod_cband on an Apache2 web server. mod_cband is an Apache 2 module which provides bandwidth quota and throttling. It solves the problem of limiting users' and virtualhosts' bandwidth usage. The current version can set virtualhosts' and users' bandwidth quotas, maximal download speed, requests-per-second speed and the maximal number of simultanous IP connections.

Setting Up A High-Availability Load Balancer (With Failover and Session Support) With HAProxy/Heartbeat On Debian Etch | HowtoForge - Linux Howtos and Tutorials

by 1 other
This article explains how to set up a two-node load balancer in an active/passive configuration with HAProxy and heartbeat on Debian Etch. The load balancer sits between the user and two (or more) backend Apache web servers that hold the same content. Not only does the load balancer distribute the requests to the two backend Apache servers, it also checks the health of the backend servers. If one of them is down, all requests will automatically be redirected to the remaining backend server. In addition to that, the two load balancer nodes monitor each other using heartbeat, and if the master fails, the slave becomes the master, which means the users will not notice any disruption of the service. HAProxy is session-aware, which means you can use it with any web application that makes use of sessions (such as forums, shopping carts, etc.). From the HAProxy web site: "HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads while needing persistence or Layer7 processing. Supporting tens of thousands of connections is clearly realistic with todays hardware. Its mode of operation makes its integration into existing architectures very easy and riskless, while still offering the possibility not to expose fragile web servers to the Net."

Installing Lighttpd With PHP5 And MySQL Support On Debian Etch | HowtoForge - Linux Howtos and Tutorials

by 1 other
Lighttpd is a secure, fast, standards-compliant web server designed for speed-critical environments. This tutorial shows how you can install Lighttpd on a Debian Etch server with PHP5 support (through FastCGI) and MySQL support.

December 2007

Linux install and configure pound reverse proxy for Apache http / https web server

Pound is a reverse-proxy load balancing server. It accepts requests from HTTP / HTTPS clients and distributes them to one or more Web servers. The HTTPS requests are decrypted and passed to the back-ends as plain HTTP. It will act as: a) Server load balancer b) Reverse proxy server c) Apache reverse proxy etc d) It can detects when a backend server fails or recovers, and bases its load balancing decisions on this information: if a backend server fails, it will not receive requests until it recovers e) It can decrypts https requests to http ones f) Rejects incorrect requests h) It can be used in a chroot environment (security feature)

November 2007

Installation et utilisation de Prism sous Linux - Tux-planet

Prism, anciennement appelé webrunner, est un petit navigateur mono-site dépourvu de toutes interfaces (pas de menus, pas de boutons, ...) le rendant ainsi ultra-rapide. Cet article explique comment l'installer et l'utiliser sur un système d'exploitation Linux. Le but principal de ce logiciel est donc de permettre à l'utilisateur d'accéder facilement et rapidement à des applications en ligne, qu'il consulte très régulièrement (webmail, lecteur de flux RSS ...). On se retrouve ainsi avec un programme qui réunit le meilleur des deux mondes : les applications desktop locales et les applications web en ligne.

Setting Up A High-Availability Load Balancer (With Failover and Session Support) With Pound/Keepalived On Debian Etch | HowtoForge - Linux Howtos and Tutorials

This article explains how to set up a two-node load balancer in an active/passive configuration with Pound and keepalived on Debian Etch. The load balancer sits between the user and two (or more) backend Apache web servers that hold the same content. Not only does the load balancer distribute the requests to the two backend Apache servers, it also checks the health of the backend servers. If one of them is down, all requests will automatically be redirected to the remaining backend server. In addition to that, the two load balancer nodes monitor each other using keepalived, and if the master fails, the slave becomes the master, which means the users will not notice any disruption of the service. Pound is session-aware, which means you can use it with any web application that makes use of sessions (such as forums, shopping carts, etc.).

October 2007

Setting Up A High-Availability Load Balancer (With Failover and Session Support) With HAProxy/Keepalived On Debian Etch | HowtoForge - Linux Howtos and Tutorials

This article explains how to set up a two-node load balancer in an active/passive configuration with HAProxy and keepalived on Debian Etch. The load balancer sits between the user and two (or more) backend Apache web servers that hold the same content. Not only does the load balancer distribute the requests to the two backend Apache servers, it also checks the health of the backend servers. If one of them is down, all requests will automatically be redirected to the remaining backend server. In addition to that, the two load balancer nodes monitor each other using keepalived, and if the master fails, the slave becomes the master, which means the users will not notice any disruption of the service. HAProxy is session-aware, which means you can use it with any web application that makes use of sessions (such as forums, shopping carts, etc.).

Enhanced Logging With rsyslog On Debian Etch And phpLogcon For Viewing | HowtoForge - Linux Howtos and Tutorials

Rsyslog is an enhanced multi-threaded syslogd supporting, among others, MySQL, syslog/tcp, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is quite compatible to stock sysklogd and can be used as a drop-in replacement. Its advanced features make it suitable for enterprise-class, encryption protected syslog relay chains while at the same time being very easy to setup for the novice user. An optional web interface - phpLogCon - can be used to visualize all data online."

September 2007

Monitoring Network Latency With Smokeping (Debian Etch) | HowtoForge - Linux Howtos and Tutorials

This guide shows how to install and configure Smokeping on Debian Etch to monitor network latency. From the Smokeping web site: "SmokePing is a deluxe latency measurement tool. It can measure, store and display latency, latency distribution and packet loss. SmokePing uses RRDtool to maintain a longterm data-store and to draw pretty graphs, giving up to the minute information on the state of each network connection."

July 2007

How-To: Monitor your servers with SNMP and Cacti

by 1 other
SNMP (Simple Network Management Protocol) is a protocol for managing networks. Each managed entity in the network will run an snmp server (snmpd) which is going to collect datas from the server such as networking, load, cpu ... Cacti on the other hand is a frontend to the RRDTool with SNMP support. It collects and keep data in a MySQL database and display them through a PHP web frontend.

June 2007

Apache Web Server Speed Configuration Hacks

by 1 other
Apache server performance can be improved by adding additional hardware resources such as RAM, faster CPU, etc. But most of the time, the same result can be achieved by custom configuration of the server. This article looks into getting maximum performance out of Apache with the existing hardware resources, specifically on Linux systems. Of course, it is assumed that there is enough hardware resources - especially enough RAM that the server isn’t swapping frequently. First two sections look into various Compile-Time and Run-Time configuration options. The Run-Time section assumes that Apache is compiled with prefork MPM. HTTP compression and caching is discussed next. Finally, using separate servers for serving static and dynamic contents is covered. Basic knowledge of compiling and configuring Apache and Linux are assumed.

Tuning LAMP systems, Part 2: Optimizing Apache and PHP

Applications using the LAMP (Linux®, Apache, MySQL, PHP/Perl) architecture are constantly being developed and deployed. But often the server administrator has little control over the application itself because it's written by someone else. This series of three articles discusses many of the server configuration items that can make or break an application's performance. This second article focuses on steps you can take to optimize Apache and PHP. Linux, Apache, MySQL, and PHP (or Perl) form the basis of the LAMP architecture for Web applications. Many open source packages based on LAMP components are available to solve a variety of problems. As the load on an application increases, the bottlenecks in the underlying infrastructure become more apparent in the form of slow response to user requests. The previous article showed you how to tune the Linux system and covered the basics of LAMP and performance measurement. This article focuses on the Web server components, Apache and PHP.

April 2007

The Perfect Setup - Debian Etch (Debian 4.0) | HowtoForge - Linux Howtos and Tutorials

This tutorial shows how to set up a Debian Etch (Debian 4.0) based server that offers all services needed by ISPs and hosters: Apache web server (SSL-capable), Postfix mail server with SMTP-AUTH and TLS, BIND DNS server, Proftpd FTP server, MySQL server, Courier POP3/IMAP, Quota, Firewall, etc. This tutorial is written for the 32-bit version of Debian Etch, but should apply to the 64-bit version with very little modifications as well.

January 2007

camel's TAGS related to tag linux

admin +   apache +   apache2 +   application +   applications +   backup +   bash +   cache +   cacti +   cluster +   configuration +   control +   conversion +   convert +   cron +   database +   debian +   dns +   email +   environment +   extension +   firewall +   format +   framework +   free +   ftp +   gestion +   google +   guide +   hosting +   howto +   html +   http +   images +   install +   interface +   iscsi +   lighttpd +   live-cd +   log +   logiciel +   lvm +   mail +   management +   media center +   migration +   monitoring +   mysql +   nagios +   network +   office +   openoffice +   pdf +   performance +   php +   php5 +   postfix +   proxy +   qmail +   remote +   replication +   reseau +   rsync +   screen +   screencast +   script +   secure +   security +   sed +   server +   serveur +   setup +   share +   shell +   site +   softs +   software +   spam +   split +   ssh +   subversion +   sysadmin +   system +   tail +   tips +   tools +   tutorial +   tutoriel +   ubuntu +   usb +   video +   virtualisation +   vmware +   vpn +   vserver +   web +   webcam +   wiki +   windows +   xen +