isc Home | SANS Internet Storm Center; Cooperative Network Security Community - Internet Security Network-Tools | Traceroute, Ping, Domain Name Server (DNS) Lookup, WHOIS Using suphp To Secure A Shared Server The challenge with securing a shared hosting server is how to secure the website from attack both from the outside and from the inside. PHP has built-in features to help, but ultimately it s the wrong place to address the problem. Apache has built-in features too, but the performance cost of these features is prohibitive. This has created a gap that a number of third-party solutions have attempted to fill. suphp: Running PHP As A Specified UserInstalling suphpConfiguring ApacheSome BenchmarksOther ConsiderationsConclusions suphp: Running PHP As A Specified User Like Apache’s own suexec, suphp is a solution that allows PHP to run as the user and group that owns any particular website on a shared hosting server. suphp consists of two components: mod_suphp, an Apache module that replaces mod_phpsuphp, a setuid binary that replaces Apache’s suexec It relies on PHP/CGI having been installed onto the server first. Installing suphp Download the suphp source code from the website. . Configuring Apache
InternetSupervision | Website Monitoring Services Community Help | Generating a Certificate Signing Requ... To complete your online request form for an SSL, you need to generat a key pair and a Certificate Signing Request (CSR). Follow these instructions to generate them for your website. Java 2 SDK 1.2 or above must be installed before you can generate your CSR. Once installed, you can use the "keytool" command to create your key pair and CSR. To Generate the Key Pair For the purposes of this article, we are using PuTTY as our Secure Shell (SSH) client, and we are running Tomcat on a Linux based server. To log in to the server's terminal SSH, double click on your servers SSH client.Enter the Host Name (or IP address), and then the Port the server is using.Select SSH as the Connection type, and then click OpenAt the SSH prompt, enter the server's username, and then press Enter on your keyboard.Enter the server's password, and then press Enter. To Generate a CSR For more information on how to request a certificate in our online request form, see Request an SSL certificate
Reverse IP Lookup - Find Other Web Sites Hosted on a Web Server Find other sites hosted on a web server by entering a domain or IP address above. Note: For those of you interested, as of May 2014, my database has grown to over 100 million domain names. I am now offering this domain list for purchase. A reverse IP domain check takes a domain name or IP address pointing to a web server and searches for other sites known to be hosted on that same web server. Background All web sites are hosted on web servers, which are computers running specialized software that distribute web content as requested. As of 2003, more than 87% of all active domains names were found to share their IP addresses (i.e. their web servers) with one or more additional domains. While IP sharing is typically transparent to ordinary users, it may cause complications for both search engine optimization and web site filtering. Concerning SEO (search engine optimization) Conversely, search engines value links from web sites hosted on different IP addresses. Concerning web site filtering
Community Help | SSL Certificate Renewal - Tomcat 4.x/... After we approve your certificate renewal request, you can download your SSL and intermediate certificate. For more information, see Downloading an SSL Certificate. You must install both files on your Web server. You can also download the intermediate certificate here. Follow the instructions below to download and install signed certificate and intermediate certificates on your Web server. Note that Java 2 SDK 1.2 or above must be installed as the following describes how to install a certificate using keytool. Installation Option One: Installing SSL Certificate and CA Bundle (gd_bundle.crt) Implementing a PKCS12 Keystore Before you install your SSL certificate you must download our root certificate bundle (repository. Use the following OpenSSL command to combine the ca bundle (gd_bundle.crt) and your SSL certificate: openssl pkcs12 -export -chain -CAfile gd_bundle.crt -in Updating the server.xml Configuration File Open the server.xml file. Restart Tomcat. Root: Installing SSL Certificate
Community Help | Installing an SSL Certificate in Tomc... When you request an SSL certificate, you must provide a Certificate Signing Request (CSR) from your server. The CSR includes your public key, and must contain the same details as the online request form in your account. After your request is vetted and your certificate is issued, download and install all of the provided files to complete the installation. These steps describe how to install a certificate using keytool, so you must have Java 2 SDK 1.2 or above installed on your server. Generating a Keystore and CSR in Tomcat Using Keytool, follow these steps to generate a keystore and CSR on your server. To Generate a Keystore and CSR in Tomcat Enter the following command into keytool to create a keystore:keytool -keysize 2048 -genkey -alias tomcat -keyalg RSA -keystore tomcat.keystoreEnter a Password. For more information about completing the online request form, see Request an SSL certificate. After you submit the application, we begin vetting your request. Installing Your SSL in Tomcat
Troubleshooting Memory and Networking Issues Many common issues with Linodes are caused by excessive memory consumption or networking configuration errors. This guide provides suggestions for alleviating these problems. When your VPS is running low on physical memory, it may start to "swap thrash." Determining Free Memory and Swap Activity You can use the following command to display memory use on your Linode: free -m You can use the following snippet to see a list of your running processes sorted by memory use: ps -eo pmem,pcpu,rss,vsize,args | sort -k 1 -r | less To see IO activity on your VPS, you may use the following command (you may need to install the sysstat package under Debian or Ubuntu first): iostat -d -x 2 5 This will give an extended device utilization report five times at two second intervals. MySQL Low-Memory Settings In your MySQL configuration file (typically found in /etc/mysql/my.cnf), change your entries for the various settings shown below to match the recommended values: skip-innodb Warning Apache 2 Low-Memory Settings