Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Kevin Boyd:
Retrofitted Login Throttling
Jul 26, 2013 @ 16:56:29

In this new post to his site Kevin Boyd introduces a tool that you can use to scan your logs for login abuse, Fail2ban, and how to use it with your application's login attempts to ban IPs as needed.

Fail2Ban is a Python-based utility that hooks directly into the system's firewall to ban malicious IP addresses, and I'm going to show a few easy steps to make your site safer by blacklisting brute-force attackers. If you maintain a web application that doesn't have built-in authentication throttling, this might be the how-to you're looking for - alternatively, this would work as an additional way to punish pesky rogue connections.

His example uses the Fail2Ban ability to read files on the local system, as written by PHP and containing the failure message and an IP address, and adds IP blocks accordingly. He includes some sample code for the format you'll need to follow and a bit about setup and configuration of the Fail2ban tool.

tagged: login throttling fail2ban tutorial filesystem log tutorial

Link: http://whateverthing.com/blog/2013/07/24/fail2ban-login-throttling

VXTIndia Blog:
How to setup your new VPS Ubuntu server
Aug 30, 2011 @ 15:02:47

On the VXTIndia blog there's a recent post that gives you a very complete guide to setting up a VPS server running Ubunut with all of the software you'd need to get a (more than) complete server up and running.

Every time you purchase a new Linux VPS, you need to go ahead and set it up for use. Even though we manage to do one server a month, we always seem to forget one thing or the other. So we decided to write down the things that we do. I thought it would be a good thing to share it with everybody as well, so that we could get a few comments about what we’re doing wrong, and people who do it the first time can probably pick up a few things from here.

Steps and software involved in their process include:

  • Updating to the latest Ubuntu packages
  • Creating other users for the system
  • Installing the web environment (including PHP, MySQL, phpmyadmin and Apache2)
  • Minin for monitoring
  • Configuring IPTables
  • Installing Fail2Ban

All of this comes complete with the additions you'll need to make to configuration files and the commands to get everything installed (via aptitude).

tagged: vps server setup tutorial software configure minin fail2ban

Link:


Trending Topics: