How to install PHP-APC on a Debian Server
The Alternative PHP Cache is - like the name says- a common php cache used by many websites. It accelerates the website delivery from the server to the user by caching often used code.
If you want to use the Alternative PHP Cache, you just need to install the php-apc.
Follow these stepps:
1. Log into your server by ssh
2. If you are ROOT run this code:
apt-get install php-apc
3. If you aren't ROOT run this code:
su apt-get install php-apc
That's all. Note: don't use this in a development system, because changes on the code can take some time before showing their effect.
How to secure a SSH / Secure Shell with denyhosts?
You don't know what SSH is? Look here: http://kamilski.com/2010/01/26/what-is-ssh-secure-shell/
Many server owners have a bad feeling when they think about SSH-access and the security of their server, because they are afraid that someone can break their password and abuse their server for warez or crash a big company site hosted on this server. There are many many bad things and scenarios which can happen to everyone of us. For some of us it would be a worst-case-scenario to lose the own server and as a result to lose money.
How do hackers/botnets attack?
The most attacks from hackers/bot nets are brute force attacks. First of all they try all words from a list of the most used passwords to guess the password for the root-account. If this fails they try to break your password by trying every combination from a specific dictionary. Some dictionaries have 1000 words, others 5 million. It depends on the hacker/botnet.
How can I secure my SSH-access?
Try DenyHosts
How does DenyHosts work?
Let's start with the auth.log file. The auth.log is a file that saves every (tried) access to your server. It looks something like this:
Nov 8 12:24:56 v229031102 sshd[2261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.106.70.69 user=root
Nov 8 12:24:58 v229031102 sshd[2261]: Failed password for root from 38.106.70.69 port 52170 ssh2
Nov 8 12:24:59 v229031102 sshd[2314]: error writing /proc/self/oom_adj: Permission denied
As you can see it saves the user name, the IP and the process. Denyhosts checks every 30 seconds if there have been some failed access attempts to your server. It counts the failed accesses from one IP. If the failed access attempts have reached a specific number (standard is 5) denyhosts inserts the IP into the /etc/hosts.deny file. This file contains all IPs which are forbidden to access your server in any way. The maximum failed access attempts for the root-account are/is 1. The IP will be banned for a specific time (more info's later).
How do I install Denyhosts?
I will write the install instructions for Debian/Ubuntu, because most people are using Debian or Debian based Linux distributions. Install Denyhosts with the following command:
sudo apt-get install denyhosts
If you are allready root, use this:
apt-get install denyhosts
Change the directory to /etc/. Now open the "denyhosts.conf" with your favorite editor, for example nano:
nano denyhosts.conf
Search for "DAEMON_SLEEP = 30s". Here you can set the interval how often Denyhosts should check the auth.log file. With "PURGE_DENY = 1d" you can set the duration of the ban. It's your choice: set it to 1 month if you want, but remember that your hosts.deny file will grow and grow every day. The last option I want to present you is "DAEMON_PURGE = 1d". It starts the cleaning process of the hosts.deny file and deletes the aged entries. It´s enough if you start this process once a day.
When you are done, save the file with "CTRL+O" and exit with "CTRL+X". Restart the Denyhosts-daemon: "/etc/init.d/denyhosts restart"
Note: Some older Ubuntu versions don't have the hosts.deny file. You have to create it on your own: "touch /etc/hosts.deny".
What is SSH / Secure Shell?
The SSH is a secured shell, which allows you to send commands to a server or exchange data between your server and your pc/Mac/whatever. It creates a secure channel between both points.
SSH is most frequently used to manage servers remotely and it is installed in nearly all popular distributions of Linux/Unix systems. The secure shell is popular because it establishes a secure connection between your pc and server using public-key cryptography BEFORE the user enters the username and password.
Clients for SSH under Windows:
- PuTTy
- WinSCP (based on PuTTy)
Click on the link to view more clients on wikipedia: http://en.wikipedia.org/wiki/Comparison_of_SSH_clients
Linux/Unix systems:
Most operating systems have allready a build-in client.
If you would like to know more read a book about SSH and the commands you can use.
What is "bad traffic"?
First of all we have to take a look on "good traffic":
"Good traffic" is Internet traffic to a website or a web service, which can be monetized by advertisement or in some other ways. In this case the webmaster earns enough to pay for the server/hosting and gets perhaps some extra money for himself.
"Bad traffic" is Internet traffic to a website or other web services, that create a huge amount of traffic and by this, costs to the webmaster. The difference between "good" and "bad traffic" is, that webmasters have big problems to monetize "bad traffic". Because they get really small money for the clicks on advertisement.
Bad traffic is often abusive. Lets take a look on an example: web proxies (http://mytwitterproxy.com) get much abusive traffic from the Islamic Republic of Iran, Iraq or Saudi Arabia. Users from this countries often visit pornographic content and create massive traffic. When they click on advertisement, there clicks are mostly less worth than one US-cent. As you can see, the income does not cover the expanses.
We assume, that you can categorize good and bad traffic by their origin. In fact you can say that good traffic (good to monetize) comes from North America and from countries in Europe. Really "bad traffic" comes from the Near-East-Countries and from some Asian countries.
This is only one possible definition of good and bad traffic.
