Admins eHow SysAdmin Tips & Tricks

May 12, 2014

SPF Policy Tester & Syntax Validator

Filed under: dns — Tags: , , , , — admin @ 1:54 pm

This website is super useful for verifying and testing SPF records :

SPF Syntax Validator : http://vamsoft.com/support/tools/spf-syntax-validator
SPF Policy Tester : http://vamsoft.com/support/tools/spf-policy-tester

May 11, 2014

How to enable mod_deflate on Apache 2.4

Filed under: Apache — Tags: , , , — admin @ 7:02 am

Well, I am writing this guide because enabling mod_deflate on Apache 2.4 has become more complex than enabling a single module like it was on Apache 2.2
Now you have to enable 3 modules in httpd.conf for mod_deflate to work properly :

LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule filter_module modules/mod_filter.so

Also you have to enable compression by this config :

AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
DeflateCompressionLevel 9

May 9, 2014

Auto update Atomicorp mod_security rules script

Filed under: cPanel,linux — Tags: , , , , — admin @ 6:31 pm

Here is a very simple script, I have written for my own use to auto update mod_security rules from Atomicorp server. You can use cronjobs to automate the process.
Dont forget to put your Atomicorp subscription username and password in the script.

#!/bin/sh

USER=
PASS=
DIR=/var/cpanel

VER=`wget -q --user=$USER --password=$PASS http://updates.atomicorp.com/channels/rules/subscription/VERSION -O - | grep MODSEC_VERSION | sed -r 's/^.{15}//'`
FILE_NAME=modsec-$VER.tar.bz2
wget -q --user=$USER --password=$PASS http://updates.atomicorp.com/channels/rules/subscription/$FILE_NAME -O - | tar jxf - -C $DIR
/etc/init.d/httpd -k graceful

In this case, the script will install the rules in /var/cpanel/modsec directory and reload the server gracefully.
Apparently you should have the following in your modsec2.user.conf

Include "/var/cpanel/modsec/000000_asl_modreqtimeout.conf"
Include "/var/cpanel/modsec/00_asl_0_global.conf"
Include "/var/cpanel/modsec/00_asl_rbl.conf"
Include "/var/cpanel/modsec/00_asl_z_antievasion.conf"
Include "/var/cpanel/modsec/00_asl_zz_strict.conf"
Include "/var/cpanel/modsec/01_asl_content.conf"
Include "/var/cpanel/modsec/01_asl_rules_special.conf"
Include "/var/cpanel/modsec/03_asl_dos.conf"
Include "/var/cpanel/modsec/05_asl_exclude.conf"
Include "/var/cpanel/modsec/05_asl_scanner.conf"
Include "/var/cpanel/modsec/09_asl_rules.conf"
Include "/var/cpanel/modsec/09_asl_rules_antievasion.conf"
Include "/var/cpanel/modsec/10_asl_antimalware.conf"
Include "/var/cpanel/modsec/10_asl_antimalware_output.conf"
Include "/var/cpanel/modsec/10_asl_rules.conf"
Include "/var/cpanel/modsec/11_asl_adv_rules.conf"
Include "/var/cpanel/modsec/11_asl_data_loss.conf"
Include "/var/cpanel/modsec/11_asl_rules.conf"
Include "/var/cpanel/modsec/12_asl_brute.conf"
Include "/var/cpanel/modsec/20_asl_useragents.conf"
Include "/var/cpanel/modsec/30_asl_antimalware.conf"
Include "/var/cpanel/modsec/30_asl_antispam.conf"
Include "/var/cpanel/modsec/30_asl_antispam_referrer.conf"
Include "/var/cpanel/modsec/31_asl_urispam.conf"
Include "/var/cpanel/modsec/40_asl_apache2-rules.conf"
Include "/var/cpanel/modsec/50_asl_rootkits.conf"
Include "/var/cpanel/modsec/51_asl_rootkits.conf"
Include "/var/cpanel/modsec/60_asl_recons.conf"
Include "/var/cpanel/modsec/61_asl_recons_dlp.conf"
Include "/var/cpanel/modsec/98_asl_adv_redactor.conf"
Include "/var/cpanel/modsec/98_asl_jitp.conf"
Include "/var/cpanel/modsec/99_asl_a_redactor.conf"
Include "/var/cpanel/modsec/99_asl_exclude.conf"
Include "/var/cpanel/modsec/99_asl_jitp.conf"
Include "/var/cpanel/modsec/99_asl_redactor.conf"
Include "/var/cpanel/modsec/99_asl_redactor_post.conf"

Powered by WordPress