Thursday, June 16, 2016

Securing Wordpress

Wordpress is a highly popular blog/content management tool. Because of it’s popularity it makes it a prime target for online attacks. Although you should secure all your applications you should be more deligent with highly popular applications since these seem to be more highly targeted by attackers because of there stronger knowledge and easy to find security holes.

The first and most critical thing to be aware of when running any online application is making sure the os, web server and database are being patched and upgraded on a regular basis. In addition the wordpress application should be patched modules and core application often.

After basic security practices the next focuses should be this file system permissions and accesses should be secured.

Notes to referrer to:

Basic steps are as follows:

Make sure file are secured as outlined in the hardening guide.

Thursday, March 17, 2016

Standard Post Linux Install Steps

After installing a new test server for home use. The following steps should be performed.

  1. Check Network
    Issue the command “ip addr” from a shell prompt to verify that a valid ip address is being set by your dhcp or you have set a valid ip manually.
    To restart your network service “systemctl restart network.service”
  2. Install Additional base network tools
    yum install net-tools -y
    Issue command “ifconfig” to verify tools and ip.
  3. Create a personal user account. During the minimal install you may have created a personal user account which will replace this step. If you did not you should always create a personal user account and sign into the system with this account.
    ssh in as the root user and run.
    useradd <username>
    Example: useradd jenkinss
    passwd <username>
    Enter a strong password.
  4. Set your user to have sudoers rights on the linux servers so that you can perform administrative commnads.
    Issue Command “visudo”
    ”Ctrl +G” “Ctrl +A” will bring you to the end of the screen and put you in insert mode.
    Add the following lines. Make sure your modify the <username> to your valid username.
    User_Alias ROOT_GROUP=<username> 
    Cmnd_Alias ROOT_SUDO=/usr/bin/sudo su - root
    Cmnd_Alias SU=/bin/su
    root    ALL=(ALL) ALL   
  5. Login as your user
    ssh in to the server with your user account.
  6. Shutdown local firewall – “Home Test Systems”
    sudo su - root
    systemctl disable  firewalld.service
    systemctl stop  firewalld.service
  7. Disable selinux – “Home Test Systems”
    vi /etc/selinux/config
    Change enabled to disabled
  8. Edit the hostname record to have server name included
    vi /etc/hostname
    ”Ctrl + I” to insert
    Change the name to your new server name.
  9. Install networking tools
    yum install pciutils -y
    To view network card info
    lspci | grep Ether
    ll /sys/class/net/*/device
    ethtool <device> to find the active card if multiple card exist
    To see current network card configuration
    cat /etc/sysconfig/network-scripts/ifcfg-<your device>
  10. Set the hosts record to find this server by it’s ip. (Not all tools require this but some tools will read this to find the hostname and may append localhost if it does not exist.)
    To see the server ip.
    To see the server hostname
    To edit the hosts record so the hostname resolves and is found by applications
    vi /etc/hosts
    <ip> <hostname>
  11. Patch OS
    yum update -y
  12. Restart the server

Install Railo on Oracle Linux 7

Railo is an open source software that allows you to run cfml (ColdFusion) applications. Railo allows you to use the features you use when developing cold fusion applications without running the Adobe ColdFusion Server. There are multiple reasons you may use Railo, two common reasons are reduced licensing costs and open source support. Railo was reversed engineered from the existing Cfml language so almost all mark up language avaiable in cfml run on Adobe CF is available on Railo.

Install Oracle Linux 7 or comparable linux.
Standard Post Linux Install Steps.

Download Railo (Current Version

Tools Required:
sftp client – Recommended Fillezilla
ssh client – Recommended SecureCrt($99 per year), Optional Putty (Free)

1. Create a directory to stage the railo software
As the root user create a location to store the software files
sudo su – root
mkdir /home/stage
chmod 777 /home/stage
2. Secure ftp the files to the server
Move the railo file downloaded to the /home/stage directory
3. Grant execute privileges on railo executeable
cd /home/stage
chmod 777
4. Install apache http server
sudo su - root
yum install mod_ssl openssl httpd -y
5. Install mod_perl – mod_perl does not come with the lastest release of Linux
cd /home/stage
yum install wget -y
yum install epel-release-7-5.noarch.rpm -y
yum install mod_perl -y
6. Configure apache to autostart
systemctl enable httpd.service
systemctl start  httpd.service
systemctl -l | grep httpd
7. Install railo
cd /home/stage
sudo ./
4 - English
Enter,Enter License Agreement, y
Install Dir: /opt/railo
Password: <password>
Tomcat Server Port: 8888
Tomcat Shutdown Port: 8005
Tomcat AJP: 8009
System User: cfml
Start Railo Boot: Y
Install Apache Connector: Y
Apachectl: /usr/sbin/apachectl
http Modules: /usr/lib64/httpd/modules
apache config: /etc/httpd/conf/httpd.conf
Apache logs: /var/log/httpd
Install: Y
8. Create users, groups and directories for apps
useradd webapps
mkdir /home/webapps/public_html/WEB-INF -p
sudo chmod 755 /home/webapps
sudo chmod 755 /home/webapps/public_html
sudo chown cfml:cfml /home/webapps/public_html/WEB-INF/
gpasswd -a cfml webapps
gpasswd -a webapps cfml
9. Configure apache
vi /etc/httpd/conf/httpd.conf
<VirtualHost *:80>
  ServerAdmin <AdminEmail>
  DocumentRoot /home/webapps/public_html/
  ServerName <ServerName>
10. Configure tomcat to allow access
Search for the hosts section in the server file and add a host entry for your app directory and your admin app
cd /opt/railo/tomcat/config
vi server.xml
<Host name="<ServerName>" appBase="webapps">
  <Context path="" docBase="/home/webapps/public_html/WEB-INF/" />
<Host name="<AdminServerName>" appBase="webapps">
  <Context path="" docBase="/opt/railo/tomcat/webapps/ROOT/" />
11. Restart railo and restart apache
service railo_ctl restart
systemctl restart httpd.service

Verifying Set Up
1. Set hostnames on local machine
Open Notepad as “Run as Administrator”
cd c:\windows\system32\drivers\etc
Edit hosts file
add to entries
<ip> <AppDomain>
<ip> <AdminDomain>
2. Check Apache
3. Check Railo/tomcat
4. Check Railo Server Admin and Web Admin pages
5. Create a cfml test page
cd /home/webapps/public_html/WEB-INF
vi test.cfm
<title>Testing your CF MX Application Server</title>
Today's Date: <CFOUTPUT>#DateFormat(Now(),"dddd, m/d/yy")#</CFOUTPUT>
6. Test your test page