Articles by Till Brehm
-
HTTPOXY Vulnerability: How to protect and test your web server
Author: Till Brehm • Tags: centos, debian, linux, ubuntu • Comments: 6
This tutorial will show you how to protect your web server from HTTPOXY. It contains sections for the most widely used Linux distributions: CentOS + RHEL, Debian, and Ubuntu. The recently discovered HTTPOXY vulnerability affects applications that run in CGI or CGI-like environments. This means that the issue affects almost all web servers, including Apache and Nginx, and also most PHP applications. Even the mod_php mode on Apache is affected.
-
Chrooting Apache 2.4 with mod_unixd on Debian 8 (Jessie)
Author: Till Brehm • Tags: apache, debian, security, web server • Comments: 3
This guide explains how to set up mod_unixd with Apache on a Debian 8 system. With mod_unixd, you can run Apache in a secure chroot environment (similar to the older mod_chroot) and make your server less vulnerable to break-in attempts that try to exploit vulnerabilities in Apache or your installed web applications.
-
Managing a Headless VirtualBox Installation with phpvirtualbox (Ubuntu 16.04 LTS)
Author: Till Brehm • Tags: linux, ubuntu, virtualbox, virtualization • Comments: 15
Phpvirtualbox is a web-based VirtualBox front-end written in PHP that allows you to access and control remote VirtualBox instances. It tries to resemble the VirtualBox GUI as much as possible to make working with it as easy as possible. It is a nice replacement for the VirtualBox GUI if you run VirtualBox on headless servers (like in the tutorial VBoxHeadless - Running Virtual Machines with VirtualBox 5.1 on a headless Ubuntu 16.04 LTS Server). This tutorial explains how to install phpvirtualbox on an Ubuntu 16.04 server to manage a locally installed, headless VirtualBox.
-
VBoxHeadless - Running Virtual Machines with VirtualBox 5.1 on a headless Ubuntu 16.04 LTS Server
Author: Till Brehm • Tags: linux, ubuntu, virtualbox, virtualization • Comments: 20
This guide explains how you can run virtual machines with VirtualBox 5.1 on a headless Ubuntu 16.04 server. Normally you use the VirtualBox GUI to manage your virtual machines, but a server does not have a desktop environment. Fortunately, VirtualBox comes with a tool called VBoxHeadless that allows you to connect to the virtual machines over a remote desktop connection, so there's no need for the VirtualBox GUI.
-
How to Encrypt Directories with eCryptfs on Ubuntu 16.04
Author: Till Brehm • Tags: security, storage, ubuntu • Comments: 7
This tutorial shows how to use eCryptfs to encrypt a directory on Ubuntu 16.04. eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem for Linux. You can use it to encrypt partitions and also directories that don't use a partition of their own, no matter the underlying filesystem, partition type, etc.
-
How to configure PureFTPd and FileZilla to use TLS sessions on CentOS 7.2
Author: Till Brehm • Tags: centos, ftp, linux, security • Comments: 4
This article explains how to configure PureFTPd to use TLS sessions on a CentOS 7.2 server. Plain FTP is an insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure.
-
High-Availability Storage with GlusterFS on CentOS 7 - Mirror across two storage servers
Author: Till Brehm • Tags: centos, high-availability, linux, storage • Comments: 16
This tutorial shows how to set up high-availability storage with two storage servers (CentOS 7.2) that use GlusterFS. Each storage server will be a mirror of the other storage server, and files will be replicated automatically across both storage servers. The client system (CentOS 7.2 as well) will be able to access the storage as if it were a local filesystem. GlusterFS is a clustered filesystem capable of scaling to several petabytes.
-
Using ATA Over Ethernet (AoE) on CentOS 7 (Initiator and Target)
Author: Till Brehm • Tags: centos, linux, storage • Comments: 0
This guide explains how you can set up an AoE target and an AoE initiator (client), both running CentOS 7. AoE stands for "ATA over Ethernet" and is a storage area network (SAN) protocol which allows AoE initiators to use storage devices on the (remote) AoE target using normal Ethernet cabling. "Remote" in this case means "inside the same LAN" because AoE is not routable outside a LAN (this is a major difference compared to iSCSI). To the AoE initiator, the remote storage looks like a normal, locally-attached hard drive.
-
Setting Up an NFS Server and Client on CentOS 7.2
Author: Till Brehm • Tags: centos, linux, server, storage • Comments: 12
This guide explains how to set up an NFS server and an NFS client on CentOS 7. NFS stands for Network File System; through NFS, a client can access (read, write) a remote share on an NFS server as if it was on the local hard disk.
-
How to install SuPHP on CentOS 7.2
Author: Till Brehm • Tags: centos, linux, server, web server • Comments: 8
This tutorial describes the installation of SuPHP on CentOS 7.2 from source, as there are no SuPHP packages available for CentOS 7.2. SuPHP is an Apache module that allows PHP to run under a different Linux user than the Apache user. This improves the security of hosted websites, as you can run the PHP scripts of each website under a different user.