Joomla Security Tips Part 4

10 Jun, 2010

Here are a few more Joomla security tips to help you make sure your Joomla installation is rock-solid.

1. Create strong passwords. You should change your administration password often and use a combination of upper and lowercase letters and numbers. Avoid using dictionary words, and make sure your password is at least eight characters long.

2. Monitor crack attempts. If you have your own VPS or dedicated server, you can run TripWire or SAMHAIN to frequently check for attempts to compromise your server’s security.

3. Create scripts to automate security tasks. With a busy schedule, you may forget to check for new versions of Joomla and any extensions you have installed. Set up scripts to make the process automatic.

4. Check logs often. Many times, simply looking over access and error logs can reveal thinly-veiled attempts to intrude on your server, particularly if the attacker is trying to do so through a web application like Joomla.

5. Run checks for SQL injection vulnerabilities. There are free tools on the web that will perform these checks for you.
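As an added example for tips 4 and 5 (not part of the original post), this script scans an Apache access log for requests whose query strings contain common SQL injection probe patterns and counts them per client address. The log lines, the addresses, the component name `com_example` and the function names are constructed for illustration, and the three patterns are a starting point rather than a complete signature set.

```shell
#!/bin/sh
# Constructed sample lines in Apache combined log format (documentation IP ranges).
sample_log() {
cat <<'EOF'
192.0.2.10 - - [10/Jun/2010:10:01:02 +0000] "GET /index.php?option=com_content&view=article&id=5 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jun/2010:10:01:05 +0000] "GET /index.php?option=com_content&id=5+UNION+SELECT+1,2,3 HTTP/1.1" 200 812 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jun/2010:10:01:06 +0000] "GET /index.php?option=com_content&id=5%27%20OR%201=1-- HTTP/1.1" 500 310 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jun/2010:10:01:09 +0000] "GET /administrator/index.php HTTP/1.1" 200 4100 "-" "Mozilla/5.0"
203.0.113.4 - - [10/Jun/2010:10:02:00 +0000] "GET /index.php?option=com_example&id=1/**/union/**/select/**/2 HTTP/1.1" 404 220 "-" "-"
EOF
}

# Read an access log on stdin and print "client_ip flagged_request_count",
# highest count first.
flag_sqli_probes() {
  awk -v q="'" '
    {
      split($0, part, "\"")            # part[2] holds the request line
      req = tolower(part[2])           # keywords are matched case-insensitively
      gsub(/%20|\+/, " ", req)         # undo the usual space encodings
      gsub(/%27/, q, req)              # undo the encoded single quote
      gsub(/\/\*\*\//, " ", req)       # empty SQL comments used in place of spaces
      if (req ~ /union +(all +)?select/ ||
          req ~ (q " *or +[0-9]+ *= *[0-9]+") ||
          req ~ /information_schema/)
        hits[$1]++
    }
    END { for (ip in hits) print ip, hits[ip] }
  ' | sort -k2,2nr -k1,1
}

# Stand-alone run against the constructed sample; on a real server use e.g.
#   flag_sqli_probes < /var/log/httpd/access_log
sample_log | flag_sqli_probes
```

A flagged request only shows that someone probed the site; the response status and size on the same log line help decide whether the request needs a closer look.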

The important thing to remember is to always be diligent. Create a security routine and stick to it. Do not let months go by before you decide to check on your Joomla installation. You may find your site has already been compromised.

Source: Joomla Security Checklist

Categories: Security, Web servers

Viewing hardware information in Linux

22 Mar, 2010

Question: How do I view hardware information about my Linux server?

Answer: If you are running your own dedicated server, you will be swamped with operating system and software management, network security, and a host of other responsibilities, but you should not neglect the server hardware itself. There are a few common ways that Linux system administrators check their hardware:

1. /proc – This is an entire directory filled with system information. For example, to view information about the server’s CPUs, type from the command line:

# cat /proc/cpuinfo

For RAM information type:

# cat /proc/meminfo

3. System logs – Many of the hardware events will be recorded by the kernel logs. To view hardware information, simply type:

# dmesg

4. lspci – When you need information about internal expansion cards, just type:

# lspci

5. lshw – Finally, for the mother lode of all general hardware information, type:

# lshw

Categories: VPS & Dedicated

Monitoring a Linux server with Logwatch

28 Jan, 2010

On a Linux server, there are numerous separate logs that contain vital information about your web server, mail server, database servers, and other important systems and services. While you could periodically check each log, this is time consuming and will not always identify the problems as they occur.

Logwatch is a free and open source software package for Linux that provides customizable log analysis. It collects the data from all of the logs you specify for a given amount of time and then provides a report of those logs.

Logwatch is available for installation in most Linux distribution repositories. In CentOS, logwatch is installed by default and should be configured and ready to go. For more information about using logwatch, type “man logwatch” from the command line or see the online documentation.

Categories: Software, VPS & Dedicated

Logging user agent data in Apache

13 Jan, 2010

Question: How do I tell Apache to log user agent information?

Answer: Normally, Apache logs information about site visitors to /var/log/httpd/ and uses files like access_log, error_log, etc. While it does give some information about the users, it does not include user agent information by default. User agent information looks like this:

"Mozilla/5.0 (compatible; MSIE 7.05; Windows XP)"

This can provide you with useful information about your website’s visitors. Fortunately, Apache has the capability to log user agents and a load of other information built into it. You just have to enable it. Furthermore, you can tell Apache to put user agent information in a separate file.

Edit the Apache configuration file, often called httpd.conf on Redhat/CentOS/Fedora servers, and add this line:

CustomLog logs/user_agents "%{user-agent}i"

That is all you have to do. Now user agent information will be logged to your /var/logs/user_agents file.
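As an added example (not part of the original post), this script summarizes a log written with the CustomLog line above: it counts each distinct user agent and labels it so that requests sent with no User-Agent header, which Apache records as "-", stand out. The sample lines, the agent name `ExampleFetcher/0.1`, the function names and the three class labels are constructed for illustration, and the "browser-like" test is only a prefix heuristic.

```shell
#!/bin/sh
# Constructed sample of a log produced by:
#   CustomLog logs/user_agents "%{user-agent}i"
# One line per request. A relative path such as logs/user_agents is resolved
# against Apache's ServerRoot.
sample_agents() {
cat <<'EOF'
Mozilla/5.0 (compatible; MSIE 7.05; Windows XP)
-
Mozilla/5.0 (X11; U; Linux i686; en-US) Firefox/3.6
-
Mozilla/5.0 (compatible; MSIE 7.05; Windows XP)
ExampleFetcher/0.1
-
EOF
}

# Read a user agent log on stdin and print tab-separated
# "count  class  agent" lines, most frequent agent first.
agent_report() {
  tab=$(printf '\t')
  awk '
    { n[$0]++ }                         # tally identical agent strings
    END {
      for (a in n) {
        class = "other"                 # anything not recognised below
        if (a == "-") class = "missing" # request carried no User-Agent header
        else if (a ~ /^(Mozilla|Opera)\//) class = "browser-like"
        printf "%d\t%s\t%s\n", n[a], class, a
      }
    }
  ' | sort -t "$tab" -k1,1nr -k2,2 -k3
}

# Stand-alone run against the constructed sample; on a real server, feed it
# the user_agents file from Apache's log directory instead.
sample_agents | agent_report
```

Because this log holds only the agent string, it cannot tie an agent to a client address or request; the "missing" and "other" rows are prompts to look up the same time window in the access log.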

Source: Apache Week

Categories: VPS & Dedicated, Web Hosting, Web servers

5 Server checks for the New Year

1 Jan, 2010

Hopefully, it has not been a year since you have given your server a good checkup, but just in case you need a reminder, here are a few things to check at the start of 2010:

1. Log rotation. Normally, Linux will rotate logs for the kernel, web server, and other applications, saving older ones under alternate names. You should check in /var/log and make sure it’s all working as expected.

2. Filesystem. Run a basic filesystem check (fsck) to see if there are any disk errors. It is important to find them before they lead to data loss.

3. Updates. If you have not installed the latest updates, particularly kernel patches, do it now. An off day is the perfect time to perform a mandatory reboot.

4. Security check. Do a system-wide check for rootkits, vulnerabilities, viruses, and rogue scripts.

5. Memory and CPU usage. Run “top” and monitor CPU and memory usage for a few minutes. Check your load averages. Make sure all of it is within your desired parameters.

Now that you are done with that, enjoy your New Year with a little more peace of mind.

Categories: Security, VPS & Dedicated, Web servers

Watching Linux logs live

17 Dec, 2009

Question: How can I watch information come into my Linux server logs as they arrive?

Answer: Linux has a nifty little command called “tail” that allows you to see the latest log file messages, but that by itself will not show you the latest messages as they arrive in real time. For that, all you have to do is add the “-f” option to the tail command. For example, if you want to watch mail server messages as they arrive, enter as root:

tail -f /var/log/maillog

Similarly, for Apache web server access logs, you would enter something like:

tail -f /var/log/httpd/access_log

And for web server errors:

tail -f /var/log/httpd/error_log

Generally speaking, tail -f will occupy your command prompt, not allowing you to do anything else. If you want to keep working and do not mind being interrupted whenever a message comes in, you can add an & to the end of the command, and it will return you to the command line.

tail -f /var/log/maillog &

Categories: Software, VPS & Dedicated, Web servers

Linux Dedicated Server Logs

16 Oct, 2009

Question: Where do I view logs on my dedicated server?

Answer: Most of the logs on a Linux operating system are kept in the /var/log directory. There you will find logs for the main system, kernel, network, hardware, Apache, MySQL, and often other third-party applications that you might happen to install.

There are several ways to view the logs. For example, if you want to view the “messages” log:

tail -f /var/log/messages

This will show you the last few lines of the log (i.e. the latest information).

less /var/log/messages

will give you a scrollable view of the log, controlled with the arrow keys.

more -f /var/log/messages

will give you a paged view. Pressing enter or the space bar will show more of the text, which is all loaded at once.

Categories: VPS & Dedicated, Web Hosting, Web servers