- Web Server
- Control Panels
- Site Map/RSS Feeds
Install and Configure Auth Shadow on Debian/Ubuntu
Auth Shadow or mod-auth-shadow is a module for apache (and apache2, sort of) that enables authentication against /etc/shadow. The benefits being that any system user with a password can be authenticated for web_dav, subversion or simply an https server. The only other way to do this is with PAM. That method is dangerous because the apache user (www-data in my case) must be able to read /etc/shadow. Obviously, not a good idea. Auth Shadow accomplishes this safely by using a intermediate program called validate. This works because validate can be owned by root but executable by everyone. In the event that your server is compromised through apache, your password file will not be readable.
Virtual Users With Postfix, PostfixAdmin, Courier, Mailscanner, ClamAV On CentOS
In this how to I will explain how to setup a Postfix virtual mailserver with Courier-IMAP, Maildrop and Postfix Admin GUI. We will secure our mailserver with Mailscanner and Clamav as anti-virus and Spamassassin as anti-spam.
Secure your SSH deployment with WiKID two-factor authentication
In this document we are going to demonstrate how to combine two-factor authentication from WiKID with an SSH gateway server with hosted private keys to create a highly secure, auditable and easy to use remote access solution. The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution.
How To Automatically Scan Uploaded Files For Viruses With php-clamavlib
This guide describes how you can automatically scan files uploaded by users through a web form on your server using PHP and ClamAV. That way you can make sure that your upload form will not be abused to distribute malware. To glue PHP and ClamAV, we install the package php5-clamavlib/php4-clamavlib which is rather undocumented at this time. That package is available for Debian Etch and Sid and also for Ubuntu Dapper Drake and Edgy Eft, so make sure you use one of these platforms.
How to configure OpenVPN to use WiKID Strong Authentication
The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution. This guide demonstrates how to OpenVPN and SSH to use one-time passwords from WiKID. While both solutions support private key authentication, that may not be sufficient for your requirements; you may need one-time passwords for webmail or extranet access; or centralized authentication management and logging.
Securing the connection between MySQL and MySQL Administrator using an SSH tunnel
This is a description of how to set up a secure tunnel between your MySQL Server and a locally running MySQL Administrator using Putty. By creating a secure tunnel to your MySQL server using Putty, you can grant localhost access to powerful applications like MySQL Administrator while at the same time, make your server appear as if it isn't even there. In effect, make your MySQL server disappear from the outside world.
Key-Based SSH Logins With PuTTY
This guide describes how to generate and use a private/public key pair to log in to a remote system with SSH using PuTTY. PuTTY is an SSH client that is available for Windows and Linux (although it is more common on Windows systems). Using key-based SSH logins, you can disable the normal username/password login procedure which means that only people with a valid private/public key pair can log in. That way, there is no way for brute-force attacks to be successful, so your system is more secure.
Set Up Ubuntu-Server 6.06 LTS As A Firewall/Gateway For Your Small Business EnvironmentThis tutorial shows how to set up a Ubuntu 6.06 LTS server ("Dapper Drake") as a firewall and gateway for small/medium networks. The article covers the installation/configuration of services such as Shorewall, NAT, caching nameserver, DHCP server, VPN server, Webmin, Munin, Apache, Squirrelmail, Postfix, Courier IMAP and POP3, SpamAssassin, ClamAV, and many more.
Postfix with dkfilter (DomainKeys Implementation)
DomainKeys is an anti-spam software application in development at Yahoo that uses a form of public key cryptography to authenticate the sender's domain. dkfilter is an SMTP-proxy designed for Postfix. It implements DomainKeys message signing and verification. It comprises two separate filters, an "outbound" filter for signing outgoing email on port 587, and an "inbound" filter for verifying signatures of incoming email on port 25. This document is to describe step by step how to install dkfilter for postfix to deploy domainkeys signing and verification.
Set Up Ubuntu-Server 6.10 As A Firewall/Gateway For Your Small Business Environment
This tutorial shows how to set up a Ubuntu 6.10 server ("Edgy Eft") as a firewall and gateway for small/medium networks. The article covers the installation/configuration of services such as Shorewall, NAT, caching nameserver, DHCP server, VPN server, Webmin, Munin, Apache, Squirrelmail, Postfix, Courier IMAP and POP3, SpamAssassin, ClamAV, and many more.