HTTP Authentication is the easiest way to prevent anonymous user access to your website. If you are on Apache, you can refer to the following post.
.htaccess – Setting Password For Your Web Folder
After you have created the password file, you can add the following line to the .htaccess file or to the Apache VirtualHost.
My server was hacked. ToT
One day I found that I couldn’t log in to the server through SSH and the CPU usage jumped to 100% for more than 12 hours. Finally I could log in as root and found that a new user R00T was created and the SSH service was restarted with all settings in the sshd config file commented out. =.=
So from now on I will use Key Authentication instead of simple Password Authentication. Here is a very useful guide on Linode.com which shows you how to secure your server.
Linode Library – Securing Your Server
In order to use Key Authentication, you need to generate the private key and public key on your desktop/laptop computer. This is straightforward if you are a Mac or Linux user who can use the ssh-keygen command. Windows users have to use a third-party program like PuTTYgen. I suggest using WinSCP + PuTTY.
For security reasons, we had better disable root SSH access to the server. Follow the steps below (root privileges are needed).
1. Edit the SSH config file
- Ubuntu – vi /etc/ssh/sshd_config
- Fedora – vi /etc/ssh/sshd_config
If your website is marked as “This site may harm your computer” by Google, most likely your site has been hacked. In that case, log in to Google Webmaster Tools and it will show you which URLs are “infected”. This should help a lot in cleaning up the malware.
So make sure you have configured Google Webmaster Tools for your live websites.
Sometimes, when you search in Google, you may notice that some websites are marked as “This site may harm your computer”. This indicates that the website contains malware, either intentionally or because it was hacked. Google provides a service to check if your website contains malware.
Previously, I was working with a web application which allows me to upload a certificate into a keystore. Unfortunately, it only accepts certificates in Base64/PEM format but not binary. So I had to convert the certificate into Base64/PEM, and this could be done with Portecle.
Portecle is a very useful Java program with a user interface which makes keystore and certificate management a piece of cake. The following screenshots show you how to get the Base64/PEM encoding from a binary certificate.
You can add a .htaccess file to secure your web folder with password protection. Let’s assume the location of the web folder is /home/ykyuen/public_html
Keys can be used for Data Encryption and Digital Signing. They can be generated by OpenSSL, which I have talked about in a previous article.
Actually, the Java JDK also provides an API for creating a key pair.
I will show you how to generate the following files using OpenSSL.
- Private Key
- Certificate Signing Request
- X.509 Certificate/Public Key
- PKCS12 Keystore