Author Archives: dandelion

14 Mar

fail2ban setup on Centos

fail2ban is a simple daemon (written in Python, BTW) which monitors your Linux server logs and is able to prevent bruteforce attacks by adding bad IP addresses to iptables. This is a simple self reminder on how to setup it.

yum install fail2ban
vim /etc/fail2ban/jail.conf

If you want fail2ban to only notify you  (and not add them to iptables) modify the configuratio files this way:

action = sendmail-whois[name=SSH, [email protected], [email protected]]

It would be wise to add your IP addresses to be ignored:

ignoreip = 127.0.0.1/8

Start:

service fail2ban start

Enable auto start:

chkconfig fail2ban on

Now if somebody tries to brueforce your SSH you’ll get a mail.

13 Mar

How to hide readme.html from WordPress setup under nginx

By default Worpdress places readme.hml file to your webroot directory, so it’s possible to get it. The problem is this file contains your WordPress version. So if for some reason you have vulnerable version of WordPress you might want to hide this file. This is how you can implement this:

location = /readme.html
{
return 404;
}

Keep in mind that it will not remove your WordPress version from your feeds and HTML headers.

07 Mar

How to install Node.js rpm package on Centos 6

The repository with spec file as well as the installation description can be found at Github.

yum install gcc-c++ openssl-devel
wget -P ~/rpmbuild/SOURCES http://nodejs.org/dist/v0.8.21/node-v0.8.21.tar.gz
wget -P ~/rpmbuild/SPECS https://raw.github.com/vibol/node-rpm-spec/master/nodejs.spec

Modify spec file to match current version.

rpmbuild -ba ~/rpmbuild/SPECS/nodejs.spec
rpm -ivh rpmbuild/RPMS/x86_64/nodejs-0.8.21-1.x86_64.rpm

init.d script can be found here. You would also need to modify it for your application.