Notice: Function register_sidebar was called incorrectly. No id was set in the arguments array for the "north_sidebar" sidebar. Defaulting to "sidebar-1". Manually set the id to "sidebar-1" to silence this notice and keep existing sidebar content. Please see Debugging in WordPress for more information. (This message was added in version 4.2.0.) in /var/www/vhosts/nvq.nl/wp-includes/functions.php on line 6170

Notice: Function register_sidebar was called incorrectly. No id was set in the arguments array for the "south_sidebar" sidebar. Defaulting to "sidebar-2". Manually set the id to "sidebar-2" to silence this notice and keep existing sidebar content. Please see Debugging in WordPress for more information. (This message was added in version 4.2.0.) in /var/www/vhosts/nvq.nl/wp-includes/functions.php on line 6170

Notice: Function register_sidebar was called incorrectly. No id was set in the arguments array for the "west_sidebar" sidebar. Defaulting to "sidebar-3". Manually set the id to "sidebar-3" to silence this notice and keep existing sidebar content. Please see Debugging in WordPress for more information. (This message was added in version 4.2.0.) in /var/www/vhosts/nvq.nl/wp-includes/functions.php on line 6170

Notice: Function register_sidebar was called incorrectly. No id was set in the arguments array for the "east_sidebar" sidebar. Defaulting to "sidebar-4". Manually set the id to "sidebar-4" to silence this notice and keep existing sidebar content. Please see Debugging in WordPress for more information. (This message was added in version 4.2.0.) in /var/www/vhosts/nvq.nl/wp-includes/functions.php on line 6170
nvq.nl » Extra beveiligings opties voor Ubuntu 16.04 VPS

Extra beveiligings opties voor Ubuntu 16.04 VPS

June 19th, 2016
Warning: Undefined variable $comments in /var/www/vhosts/nvq.nl/wp-content/themes/inove/page.php on line 10

Postfix:

Aanpassen banner. Zo min mogelijk versie info ed. vrijgeven:

sudo nano /etc/postfix/main.cf

Verander:

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)

in:

smtpd_banner = $myhostname ESMTP

 

Apache 2.4:

Zo min mogelijk versie info vrijgeven:

sudo nano /etc/apache2/conf-available/security.conf

Zorg dat de volgende instellingen goed staan:

ServerTokens Prod

ServerSignature Off

TraceEnable Off

Header unset ETag

Header always unset X-Powered-By

FileETag None

ModSecurity:

sudo apt install libapache2-mod-security2

sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf

sudo nano /etc/modsecurity/modsecurity.conf

SecRuleEngine On

SecRequestBodyLimit 16384000                      (File upload limit 16mb, zet hoger als je dat nodig hebt.)

SecRequestBodyInMemoryLimit 16384000

Mod-evasive:

sudo apt install libapache2-mod-evasive

Maak een log directory:

sudo mkdir /var/log/mod_evasive

sudo chown www-data:www-data /var/log/mod_evasive/

sudo nano /etc/apache2/mods-available/evasive.conf

Pas deze aan tot:

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10

DOSEmailNotify jouw@email.nl
#DOSSystemCommand “su – someuser -c ‘/sbin/… %s …'”
DOSLogDir “/var/log/mod_evasive”
DOSWhitelist 127.0.0.1
</IfModule>

Controleer of de mods is enabled:

sudo a2enmod evasive

herstart apache:

sudo apache2ctl restart

 

Comments are closed.