Hardening Tutorials

Disable user login to SSH

In this tutorial, you will learn how to disable user logins via SSH. By default on newer Ubuntu systems and some other Linuxes with SSH installed, all users who have an account on the system are permitted to login via SSH. This is undesirable in certain situations.

Use htaccess to Block IP Address

In this tutorial we will show how to use an .htaccess file to block an IP address. This is one of several methods of blocking incoming requests to a web server. Other methods include blocking the IP address at the firewall or in PHP code, etc.

There are many reasons why you would want to block an IP address. It may be someone or something wasting or stealing your resources by making multiple requests to files on your server. It could be someone trying to spam your site. Whatever the reason for wanting to block an IP address, the htaccess file comes to the rescue.

Check open ports on Ubuntu Linux

One may want to check open ports on Ubuntu to ensure that there are no services listening that shouldn't be. If we remember, a port is what an application will use to communicate with another application, provide a service, etc. To get an idea of what services are running on a system, we would need to check the open ports on the system.

Check Apache version on Ubuntu linux

To ensure that we have the latest version of the Apache web server running, we need to perform a check on our current version. In the tutorial below, we will demonstrate how easy it is to check our Apache version on Ubuntu or other similar modern flavour of Linux.

To check what version of Apache we have running, we can open a terminal and execute the following command:

apache2 -v

We invoke the apache2 binary which is located at /usr/sbin/apache2 (by default in Ubuntu 10.04 LTS) and tell it that we want to know the current version.

Update Ubuntu using the Command line

Updating your Ubuntu Linux distribution using the command line is very simple two-step process. Using the package manager, you can easily update your system as it automatically finds newer versions of your installed software. To perform the update, you will need to:

  • Refresh the apt system to ensure it contains all the newest information about packages
  • Download then install any packages that have newer versions

Pretty simple isn't it? The details of updating are below.

Disable PHP Functions Using disable_functions in php.ini

PHP is a feature rich scripting language, but when used improperly, whether intentionally or unintentionally, it can cause damage to be done. This damage can be total compromise of the web server and/or its data. Using the php.ini file, we can easily disable PHP functions which we deem to be dangerous.

Hide Apache and PHP Version and Signatures in Ubuntu Linux

By default, your Apache web server (and PHP if it is installed) will indicate to clients the exact version of the Apache software which is running. This version information can be seen in the HTTP response header.