cd /etc/yum.repos.d/ wget http://centos.karan.org/kbsingh-CentOS-Extras.repo rpm --import http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka rpm --import http://centos.karan.org/RPM-GPG-KEY-karan.org.txt cat > utterramblings.repo [utterramblings] name=Jason's Utter Ramblings Repo baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/ enabled=1 gpgcheck=0 gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka ^D yum install mysql.x86_64 mysql-server.x86_64 php-mysql php-mhash php-mcrypt \ php-common php-pdo php-xml php-imap php-tidy php-soap php-mbstring php-cli \ php-xmlrpc php-bcmath php-gd httpd-devel-2.2.16-jason.1 gcc gcc-c++ pcre-devel \ libxml2-devel vsftpd chkconfig --levels 235 httpd on chkconfig mysqld on chkconfig vsftpd on rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm yum install php-memcache.x86_64 vim-enhanced wget http://packages.sw.be/perl-Net-SSLeay/perl-Net-SSLeay-1.36-1.el5.rfx.i386.rpm wget http://packages.sw.be/perl-Net-SSLeay/perl-Net-SSLeay-1.36-1.el5.rfx.x86_64.rpm wget http://packages.sw.be/perl-IO-Socket-SSL/perl-IO-Socket-SSL-1.34-1.el5.rfx.noarch.rpm rpm -e perl-Net-SSLeay-1.30-4.fc6 rpm -e perl-IO-Socket-SSL-1.01-1.fc6 rpm -i perl-Net-SSLeay-1.36-1.el5.rfx.x86_64.rpm rpm -i perl-Net-SSLeay-1.36-1.el5.rfx.i386.rpm rpm -i perl-IO-Socket-SSL-1.34-1.el5.rfx.noarch.rpm yum install memcached.x86_64 vim /etc/sysconfig/memcached CACHESIZE="1024" /etc/init.d/memcached start cat > /etc/httpd/conf.d/php.conf # # PHP is an HTML-embedded scripting language which attempts to make it # easy for developers to write dynamically generated webpages. # #LoadModule php5_module modules/libphp5.so # # Cause the PHP interpreter to handle files with a .php extension. # #AddHandler php5-script .php #AddType text/html .php # # Add index.php to the list of files that will be served as directory # indexes. # DirectoryIndex index.php # # Uncomment the following line to allow PHP to pretty-print .phps # files as PHP source code: # #AddType application/x-httpd-php-source .phps ^D echo cgi.fix_pathinfo = 1 >> /etc/php.ini groupadd nairabetwww useradd -s /bin/false -d /var/www/nairabet.com -m -g nairabetwww nairabetwww mkdir /var/www/nairabetwww/web mkdir -p /var/www/php-fcgi-scripts/nairabetwww cat > /var/www/php-fcgi-scripts/nairabetwww/php-fcgi-starter #!/bin/sh PHPRC=/etc/ export PHPRC export PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_CHILDREN=8 exec /usr/bin/php-cgi ^D chmod +x /var/www/php-fcgi-scripts/nairabetwww/php-fcgi-starter chown -R nairabetwww:nairabetwww /var/www/php-fcgi-scripts/nairabetwww cat >> /etc/httpd/conf/httpd.conf NameVirtualHost *:80 ServerName nairabet.com ServerAlias www.nairabet.com ServerAdmin webmaster@nairabet.com DocumentRoot /var/www/nairabet.com/web/ SuexecUserGroup nairabetwww nairabetwww ProcessLifeTime 7200 IPCCommTimeout 600 PHP_Fix_Pathinfo_Enable 1 Options +ExecCGI AllowOverride All AddHandler fcgid-script .php FCGIWrapper /var/www/php-fcgi-scripts/nairabetwww/php-fcgi-starter .php Order allow,deny Allow from all DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 # ErrorLog /var/log/apache2/error.log # CustomLog /var/log/apache2/access.log combined ServerSignature Off SecRuleEngine On SecDefaultAction "log,deny,phase:2" ^D /etc/init.d/httpd reload wget http://thesuki.org/scripts/zend/ZendOptimizer-3.3.9-linux-glibc23-x86_64.tar.gz tar zxfv ZendOptimizer-3.3.9-linux-glibc23-x86_64.tar.gz cp ZendOptimizer-3.3.9-linux-glibc23-x86_64/data/5_2_x_comp/ZendOptimizer.so /usr/lib64/php/modules/ZendOptimizer.so cat >> /etc/php.ini [Zend] zend_extension=/usr/lib64/php/modules/ZendOptimizer.so ^D wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz tar zxfv mod_evasive_1.10.1.tar.gz cd mod_evasive apxs -cia mod_evasive20.c cd wget http://www.modsecurity.org/download/modsecurity-apache_2.5.12.tar.gz tar zxfv modsecurity-apache_2.5.12.tar.gz cd modsecurity-apache_2.5.12 cd apache2 ./configure make make install mkdir /etc/httpd/modsecurity.d cd .. cd rules cp base_rules/* /etc/httpd/modsecurity.d/ cp -Rfp optional_rules /etc/httpd/modsecurity.d/ cp modsecurity_crs_10_config.conf /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf cat > /etc/httpd/conf.d/mod_security.conf # Example configuration file for the mod_security Apache module LoadModule security2_module modules/mod_security2.so LoadModule unique_id_module modules/mod_unique_id.so # This is the ModSecurity Core Rules Set. # Basic configuration goes in here Include modsecurity.d/modsecurity_crs_10_config.conf # Protocol violation and anomalies. Include modsecurity.d/modsecurity_crs_20_protocol_violations.conf Include modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf # HTTP policy rules Include modsecurity.d/modsecurity_crs_30_http_policy.conf # Here comes the Bad Stuff... Include modsecurity.d/modsecurity_crs_35_bad_robots.conf Include modsecurity.d/modsecurity_crs_40_generic_attacks.conf Include modsecurity.d/modsecurity_crs_45_trojans.conf Include modsecurity.d/modsecurity_crs_50_outbound.conf # Search engines and other crawlers. Only useful if you want to track # Google / Yahoo et. al. # Include modsecurity.d/modsecurity_crs_55_marketing.conf # Put your local rules in here. Include modsecurity.d/modsecurity_localrules.conf ^D touch /etc/httpd/modsecurity.d/modsecurity_localrules.conf vim /etc/vsftpd/vsftpd.conf anonymous_enable=NO chroot_local_user=YES /etc/init.d/vsftpd start echo /bin/false >> /etc/shells /etc/init.d/mysqld start mysqladmin password CHANGEME cat > /root/.my.cnf [client] password=CHANGEME ^D chmod 600 /root/.my.cnf passwd nairabetwww mkdir /var/www/nairabet.com/web chown -R nairabetwww:nairabetwww /var/www/nairabet.com chmod +x /var/www/nairabet.com vim /etc/yum.repos.d/kbsingh-CentOS-Extras.repo yum install mod_fcgid.x86_64 chmod +x /var/www/nairabet.com apachectl stop apachectl start
Warning: Cannot modify header information - headers already sent by (output started at /var/www/thesuki.org/dokuwiki/inc/Action/Export.php:106) in /var/www/thesuki.org/dokuwiki/inc/actions.php on line 38
huy:centos_for_rozum [SukuDokuWiki]

SukuDokuWiki

User Tools

Site Tools

Trace: centos_for_rozum
huy:centos_for_rozum
cd /etc/yum.repos.d/
wget http://centos.karan.org/kbsingh-CentOS-Extras.repo
rpm --import http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka
rpm --import http://centos.karan.org/RPM-GPG-KEY-karan.org.txt
cat > utterramblings.repo
[utterramblings]
name=Jason's Utter Ramblings Repo
baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
enabled=1
gpgcheck=0
gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka
^D
yum install mysql.x86_64 mysql-server.x86_64 php-mysql php-mhash php-mcrypt \
php-common php-pdo  php-xml php-imap php-tidy php-soap php-mbstring php-cli \
php-xmlrpc php-bcmath php-gd httpd-devel-2.2.16-jason.1 gcc gcc-c++ pcre-devel \
libxml2-devel vsftpd
chkconfig --levels 235 httpd on
chkconfig mysqld on
chkconfig vsftpd on
rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
yum install  php-memcache.x86_64 vim-enhanced

wget http://packages.sw.be/perl-Net-SSLeay/perl-Net-SSLeay-1.36-1.el5.rfx.i386.rpm
wget http://packages.sw.be/perl-Net-SSLeay/perl-Net-SSLeay-1.36-1.el5.rfx.x86_64.rpm
wget http://packages.sw.be/perl-IO-Socket-SSL/perl-IO-Socket-SSL-1.34-1.el5.rfx.noarch.rpm

rpm -e perl-Net-SSLeay-1.30-4.fc6 
rpm -e perl-IO-Socket-SSL-1.01-1.fc6
rpm -i perl-Net-SSLeay-1.36-1.el5.rfx.x86_64.rpm
rpm -i perl-Net-SSLeay-1.36-1.el5.rfx.i386.rpm
rpm -i perl-IO-Socket-SSL-1.34-1.el5.rfx.noarch.rpm

yum install memcached.x86_64  
vim /etc/sysconfig/memcached
   CACHESIZE="1024"
/etc/init.d/memcached start




cat > /etc/httpd/conf.d/php.conf

#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#

#LoadModule php5_module modules/libphp5.so

#
# Cause the PHP interpreter to handle files with a .php extension.
#
#AddHandler php5-script .php
#AddType text/html .php

#
# Add index.php to the list of files that will be served as directory
# indexes.
#
DirectoryIndex index.php

#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps

^D
echo cgi.fix_pathinfo = 1 >> /etc/php.ini
groupadd nairabetwww
useradd -s /bin/false -d /var/www/nairabet.com -m -g  nairabetwww nairabetwww
mkdir /var/www/nairabetwww/web
mkdir -p /var/www/php-fcgi-scripts/nairabetwww
cat > /var/www/php-fcgi-scripts/nairabetwww/php-fcgi-starter
#!/bin/sh
PHPRC=/etc/
export PHPRC
export PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_CHILDREN=8
exec /usr/bin/php-cgi

^D
chmod +x /var/www/php-fcgi-scripts/nairabetwww/php-fcgi-starter
chown -R nairabetwww:nairabetwww    /var/www/php-fcgi-scripts/nairabetwww
cat >> /etc/httpd/conf/httpd.conf

NameVirtualHost *:80

<VirtualHost *:80>
  ServerName nairabet.com
  ServerAlias www.nairabet.com
  ServerAdmin webmaster@nairabet.com
  DocumentRoot /var/www/nairabet.com/web/

  <IfModule mod_fcgid.c>
    SuexecUserGroup nairabetwww nairabetwww
    ProcessLifeTime 7200
    IPCCommTimeout 600
    PHP_Fix_Pathinfo_Enable 1
    <Directory /var/www/nairabet.com/web/>
      Options +ExecCGI
      AllowOverride All
      AddHandler fcgid-script .php
      FCGIWrapper /var/www/php-fcgi-scripts/nairabetwww/php-fcgi-starter .php
      Order allow,deny
      Allow from all
    </Directory>
  </IfModule>
<IfModule mod_evasive20.c>
    DOSHashTableSize    3097
    DOSPageCount        2
    DOSSiteCount        50
    DOSPageInterval     1
    DOSSiteInterval     1
    DOSBlockingPeriod   10
</IfModule>
  # ErrorLog /var/log/apache2/error.log
  # CustomLog /var/log/apache2/access.log combined
  ServerSignature Off
<IfModule mod_security2.c>
    SecRuleEngine On
    SecDefaultAction "log,deny,phase:2"
</IfModule>

</VirtualHost>

^D
/etc/init.d/httpd reload
wget http://thesuki.org/scripts/zend/ZendOptimizer-3.3.9-linux-glibc23-x86_64.tar.gz
tar zxfv ZendOptimizer-3.3.9-linux-glibc23-x86_64.tar.gz
cp ZendOptimizer-3.3.9-linux-glibc23-x86_64/data/5_2_x_comp/ZendOptimizer.so /usr/lib64/php/modules/ZendOptimizer.so
cat >> /etc/php.ini
[Zend]
zend_extension=/usr/lib64/php/modules/ZendOptimizer.so

^D
wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
tar zxfv mod_evasive_1.10.1.tar.gz
cd mod_evasive
apxs -cia mod_evasive20.c
cd
wget http://www.modsecurity.org/download/modsecurity-apache_2.5.12.tar.gz
tar zxfv modsecurity-apache_2.5.12.tar.gz
cd modsecurity-apache_2.5.12
cd apache2
./configure
make
make install
mkdir /etc/httpd/modsecurity.d
cd ..
cd rules
cp base_rules/* /etc/httpd/modsecurity.d/
cp -Rfp optional_rules /etc/httpd/modsecurity.d/
cp modsecurity_crs_10_config.conf /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf
cat > /etc/httpd/conf.d/mod_security.conf
# Example configuration file for the mod_security Apache module

LoadModule security2_module modules/mod_security2.so
LoadModule unique_id_module modules/mod_unique_id.so
<IfModule mod_security2.c>
        # This is the ModSecurity Core Rules Set.

        # Basic configuration goes in here
        Include modsecurity.d/modsecurity_crs_10_config.conf

        # Protocol violation and anomalies.

        Include modsecurity.d/modsecurity_crs_20_protocol_violations.conf
        Include modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf

        # HTTP policy rules

        Include modsecurity.d/modsecurity_crs_30_http_policy.conf

        # Here comes the Bad Stuff...

        Include modsecurity.d/modsecurity_crs_35_bad_robots.conf
        Include modsecurity.d/modsecurity_crs_40_generic_attacks.conf
        Include modsecurity.d/modsecurity_crs_45_trojans.conf
        Include modsecurity.d/modsecurity_crs_50_outbound.conf

        # Search engines and other crawlers. Only useful if you want to track
        # Google / Yahoo et. al.

        # Include modsecurity.d/modsecurity_crs_55_marketing.conf

        # Put your local rules in here.

        Include modsecurity.d/modsecurity_localrules.conf
</IfModule>

^D
touch /etc/httpd/modsecurity.d/modsecurity_localrules.conf
vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
chroot_local_user=YES
/etc/init.d/vsftpd start
echo /bin/false >> /etc/shells
/etc/init.d/mysqld start

mysqladmin password CHANGEME

cat > /root/.my.cnf
[client]
password=CHANGEME
^D
chmod 600 /root/.my.cnf
passwd nairabetwww
mkdir /var/www/nairabet.com/web
chown -R nairabetwww:nairabetwww /var/www/nairabet.com
chmod +x /var/www/nairabet.com
vim /etc/yum.repos.d/kbsingh-CentOS-Extras.repo
yum install mod_fcgid.x86_64
chmod +x /var/www/nairabet.com
apachectl stop
apachectl start
huy/centos_for_rozum.txt · Last modified: 2011/03/23 14:05 by slayer

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki