Thursday, August 6, 2009

Securing Your Server

First of all, make a backup copy of the Apache server configuration, you never know :p. To do so, type the following command:
cp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.inv


1 - Securing the Apache server:

Type the following command:

pico /usr/local/apache/conf/httpd.conf

Then look for:

AllowOverride All

And replace it with:

AllowOverride None

Then look for the LoadModule lines and add the following directive if it is not already there:

LoadModule php4_module libexec/libphp4.so

Now we are going to hide the server's information (from server scans, whois, ...). To do so, look for the following line:

ServerSignature on

And replace with:

ServerSignature off

Then press Ctrl+X and type the following command:

httpd restart


And now your Apache server is secure, stage 1 finished successfully :D.




Now let's secure everything related to MySQL (SQL injection, blind injection, etc.)


To do so, enter the following command:

pico /etc/my.cnf


And add the following line, which disables LOAD DATA LOCAL INFILE:


set-variable = local-infile=0


Then press Ctrl+X to save, and restart the MySQL service with the following command:

service mysql restart


And now the MySQL service is secure XD


Now the most important part, securing the PHP loopholes:

Step 1: type the following command:

pico /usr/local/lib/php.ini


Here is a list of settings to search for (use Ctrl+W to do so). Each one must be identical to the line below; otherwise change it so that it is identical.

safe_mode = On
On open_basedir = PHP:
allow_url_fopen = Off
expose_php = Off
Then type the following line:
disable_functions = "dl, passthru, pfsockopen, system, exec, passthru, popen, shell_exec, proc_close, proc_open, proc_nice, proc_terminate, proc_get_status, posix_getpwuid, posix_uname, openlog, syslog, ftp_exec, posix_uname, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, job control posix_setsid, posix_setuid, get_current_user, getmyuid, getmygid, listen, chgrp, chmod, apache_note, apache_setenv, apache_child_terminate, closelog, debugger_off, debugge_on, ini_restore, imap, tempnam, netscript, copy, curl_init, curl_exec, curl, escapeshellcmd, escapeshellarg, tmpfile, cmd, backtick, virtual, show_sourc, show_source, pclose, pcntl_exec, datasec, old_offset, ctrl_dir, ini_alter, passthru, leak, listen, chgrp, apache_setenv, define_syslog_variables, phpinfo, root, allow_url_fopen, diskfreespace, php_uname, disk_free_space, disk_total_space, posix_kill, getmyuid, getmygid, apache_child_terminate, mkdir, unlink, php_ini_scanned_files, ls, ps_aux, chown, realpath, fpassthru, getrusage, posixc, posame, chgrp, posix_setuid, job control posix_setsid, posix_setgid, set_time_limit, apache_note, apache_setenv, x_getuid, e_ini_file, nfo, SQL, mysql_list_dbs, glob, error_log, ini_get_all, fileowner, fileperms, filegroup, highlight_file, sscanf, tempnam, ilegetcontents, get_dir, popen, popens, pfsockopen, dos_conv, apache_get_modules, crack_check, crack_closedict, zip_read, rar_open, bzopen, bzread, bzwrite, shellcode, posix_isatty, posix_getservbyname, escapeshellarg, hypot, pg_host, pos, posix_access, inurl, posix_times, posix_mknod, passthru, pclose, ps_fill, posix_getegid, symlink, id"


This line will make you forget all your worries about PHP vulnerabilities. Then look for the following line:

include_path = ".:/usr/local/lib/php"
And replace it with:

include_path = "/usr/lib/php:/usr/local/lib/php:/tmp:/home"
And now everything is done. Next, go to the root index (WHM >> Apache Update), then click on Load Previous Config.
Then choose from the list:

Php Module
PHP 4.4.7
SafeMode
Freetype Support
PHP Support suEXEC
Module Rewrite
SuEXEC Module

Then click on Start Build, and that's it: your server's security is top-notch.
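
As an added example (not part of the original post), the script below audits a php.ini and an httpd.conf for the values set above. The function names and the FAIL output format are assumptions made for illustration, and only the command-execution entries of the disable_functions list are spot-checked.

```shell
#!/bin/sh
# Added example (not from the original post): audit php.ini and httpd.conf
# against the values this page sets. Findings are printed as FAIL lines.

# Effective value of KEY in php.ini FILE: the last uncommented assignment
# wins, surrounding quotes are stripped, booleans are normalised to on/off.
php_ini_value() {
    awk -v key="$2" '
        /^[ \t]*;/ { next }
        {
            i = index($0, "="); if (i == 0) next
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t"]+|[ \t"]+$/, "", v)
            if (k == key) { val = v; found = 1 }
        }
        END {
            l = tolower(val)
            if (!found) print "(unset)"
            else if (l ~ /^(1|on|yes|true)$/) print "on"
            else if (l ~ /^(0|off|no|false|none)$/ || l == "") print "off"
            else print val
        }' "$1"
}

audit_php_ini() {
    for want in safe_mode=on allow_url_fopen=off expose_php=off; do
        key=${want%%=*}; got=$(php_ini_value "$1" "$key")
        [ "$got" = "${want#*=}" ] || echo "FAIL $key is $got, page wants ${want#*=}"
    done
    # Spot-check the command-execution entries of the page's disable_functions list.
    disabled=",$(php_ini_value "$1" disable_functions | tr -d ' '),"
    for fn in system exec passthru popen shell_exec proc_open; do
        case $disabled in *",$fn,"*) ;; *) echo "FAIL $fn not in disable_functions" ;; esac
    done
}

# Every uncommented AllowOverride must be None; the last ServerSignature must be off.
audit_httpd_conf() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "allowoverride" && tolower($2) != "none" {
            print "FAIL line " NR ": AllowOverride " $2 }
        tolower($1) == "serversignature" { sig = tolower($2) }
        END { if (sig != "" && sig != "off") print "FAIL ServerSignature is " sig }
    ' "$1"
}

# Usage: sh audit.sh /usr/local/lib/php.ini /usr/local/apache/conf/httpd.conf
if [ $# -eq 2 ]; then audit_php_ini "$1"; audit_httpd_conf "$2"; fi
```

An empty output means every checked setting matches; a setting that is commented out is reported as (unset) rather than assumed safe.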
