This guide will explain how to chroot an SSH user.
This is NOT a guide on how to jail/chroot an sFTP user, but allow the user to ssh into the device with restricted access and restricted commands.
Quick Links:
Directory Structure
SSH config
User Creation
Shell Access
Command Access
I am going to create a chrooted SSH user in a method that is scalable.
What is an xmlrpc attack? xmlrpc.php can use system.multicall – this can be used to execute multiple methods inside a single request. This allows applications to pass multiple commands with one http request, meaning that potential bots and hackers can use the system.multicall method to guess 100’s or 1000’s of passwords with a single http request. […]
Sometimes you may need to convert your mysql table engines. One of the most common reason to convert tables to InnoDB is for better reliability and scalability Quick Links: Viewing Table Engines Viewing Active Engines Alter Table Command Viewing Current Table Engines To view your current mysql engines use the following command: SELECT TABLE_NAME, ENGINE […]
APC is used for php caching. There are two main ways you can install APC. This guide will show you how to do both eventually. To start off I will show you how to install using Pecl. Pecl installs the latest version of APC. This install should normally be fine however sometimes it may not […]
This guide will go through secure FTP (sFTP) which uses the ssh port 22. sFTP is more secure than FTP as it encrypts data. This guide will explain how to jail a user so that they have no way to break out of their home directory. You are then able to mount a location to their […]
This guide will go through installing and configuring vsFTPd on CentOS. The guide will also cover chrooting users. Quick Links: Installing vsFTPd Configuring vsftpd.conf Configuring vsftpd chroot Firewall rules Adding a new user Modifying a user Creating an FTP group Upload Permissions
Memcache(d) is a object caching system that stores data in RAM to reduce the number of times something has to be read. It is generally used to speed up dynamic database-driven websites. Quick Links: Memcache repo CentOS Installing memcache Installing memcache php module Php.ini configuration Memcache Commands
Perconadb Quick Links: Adding Perconadb Repo Installing Percona db 5.5/5.1 Securing db configuration Creating .my.cnf
If you have a server behind a loadbalancer then your web servers access logs may not log the correct IP address, they may log localhost or the ipaddress of the load balancer. Some hosting companies such as Rackspace have their LoadBalancer add a specific header called X-Forwarded-For headers. You can make a few changes to […]
Varnish is a reverse caching proxy. It is used to reduce the load on a server when the same website is being repeatedly requested. This guide is for CentOS. Quick Introduction to varnish: