LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-01-2017, 07:53 AM   #16
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,839

Rep: Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868

Quote:
Originally Posted by gemmajid View Post
I have followed the modsecurity example mentioned by you earlier, i have entered codes in vhost file as well but no success yet.
Could you be more specific? Give some logs or post your configuration
 
Old 02-01-2017, 10:13 AM   #17
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,139
Blog Entries: 4

Rep: Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227
If you truly need to wall-off Apache or any other application then I suggest that AppArmor technology is a very good thing to use.

It employs many of the same operating-system hooks as SELinux (Security-Enhanced Linux), but IMHO it is considerably easier to understand and therefore to use.
 
Old 02-01-2017, 11:20 AM   #18
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
htpasswd is "basic authorization".
See http://serverfault.com/questions/350...credent#350197
suggests PAM module.

If the directory is using "basic authorization" why should those known to the system need limiting?
 
Old 02-06-2017, 12:24 AM   #19
gemmajid
Member
 
Registered: Mar 2012
Location: Karachi
Distribution: Ubuntu, RedHat, CentOs,
Posts: 104

Original Poster
Rep: Reputation: Disabled
below mentioned is my configuration file.

Quote:
# domain: Test Domain
# public: /var/www/Test Domain/public_html/

<VirtualHost *:80>
# Admin email, Server Name (domain name), and any aliases
ServerAdmin webmaster@testdomain
ServerName www.test domain.com
ServerAlias testdomain.com

# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.php
DocumentRoot /var/www/test domain/public_html
# Log file locations
LogLevel warn
ErrorLog /var/www/testdomain/log/error.log
CustomLog /var/www/testdomain/log/access.log combined

<LocationMatch /sessions>
# Uncomment to troubleshoot
#SecDebugLogLevel 9
#SecDebugLog /tmp/troubleshooting.log

# Enforce an existing IP address block
SecRule IP:bf_block "@eq 1" \
"phase:2,deny,\
msg:'IP address blocked because of suspected brute-force attack'"

# Check that this is a POST
SecRule REQUEST_METHOD "@streq POST" "phase:5,chain,t:none,nolog,pass"
# AND Check for authentication failure and increment counters
# NOTE this is for a Rails application, you probably need to customize this
SecRule RESPONSE_STATUS "^200" \
"setvar:IP.bf_counter=+1"

# Check for too many failures from a single IP address. Block for 10 minutes.
SecRule IP:bf_counter "@ge 3" \
"phase:5,pass,t:none, \
setvar:IP.bf_block,\
setvar:!IP.bf_counter,\
expirevar:IP.bf_block=600"
</LocationMatch>
</VirtualHost>
 
Old 02-06-2017, 02:42 AM   #20
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,839

Rep: Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868Reputation: 1868
Quote:
below mentioned is my configuration file.
What you've done is a copy/paste of the example I gave you and you expect it to work in your case! Did you bother reading at least the comments?

This example is written for Rails and works after 3 failed POSTs. What have you done to test it?

Also did you look at the apache logs?
I guess you need to at least change the 200 Response to 401 and most likely the POST to GET
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
unhide directory with .htaccess file amangb Linux - Server 6 07-23-2014 04:20 AM
Kernel/driver parameter to limit (S)ATA disk bad sector read retries? Nyyr Linux - Kernel 2 11-27-2012 10:08 AM
Limit sudo to only one directory and it's subdirectories by sudoers file lcwilson Linux - Security 2 03-28-2012 03:55 PM
file size limit exeeded for NFS mounted directory rizwan.cheema Red Hat 2 11-28-2006 04:52 AM
How do I specify a memory slice limit with a .htaccess file? abefroman Linux - Software 0 09-22-2005 07:38 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:46 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration