Membiarkan default port ssh yaitu port 22 adalah sesuatu yang tidak dianjurkan dalam hal keamanan sebuah vps atau server. Banyak sekali orang yang tidak peduli atas hal ini dengan membiarkan port SSH tetap default.
Panduan singkat ini akan memberikan bagai mana cara mengubah default port SSH pada Debian, Ubuntu dan CentOS sehingga bisa lebih meningkatkan keamanan VPS atau server anda.
Tahapanan adalah sebagai berikut:
1. Install text editor NANO, supaya lebih memudahkan dala melakukan pengubahan konfigurasi server melalui ssh
2. Buka file konfigurasi SSH dengan menggunakan NANO
nano /etc/ssh/sshd_config
3. Setelah masuk kedalam file konfigurasi SSHD, cari port 22 lalu ubah angka 22 menjadi angka yang anda sukai dan mudah di ingat oleh anda. Misal kita ubah menjadi:
port 1734
4. Simpan konfigurasi SSHD yan baru dengan menekan CTRL + O
5. Keluar dari file konfigurasi SSHD dengan menekan CTRL + X
6. Restart SSH daemon agar konfigurasi SSHD yang baru bisa diterapkan.
Debian/Ubuntu : restart ssh
CentOS : service sshd restart
Setelah itu, maka ketika anda login ke server melalui SSH, anda harus memasukan port yang telah anda seting
How do I increase upload file limit from 2MB to 10MB under Apache 2 UNIX / Linux web server?
Your php installation putting limits on upload file size. The default will restrict you to a max 2 MB upload file size. You need to set the following two configuration options:
upload_max_filesize – The maximum size of an uploaded file.
memory_limit – This sets the maximum amount of memory in bytes that a script is allowed to allocate. This helps prevent poorly written scripts for eating up all available memory on a server. Note that to have no memory limit, set this directive to -1.
post_max_size – Sets max size of post data allowed. This setting also affects file upload. To upload large files, this value must be larger than upload_max_filesize. If memory limit is enabled by your configure script, memory_limit also affects file uploading. Generally speaking, memory_limit should be larger than post_max_size.
There are two methods two fix this problem.
Method # 1: Edit php.ini
Edit your php.ini file (usually stored in /etc/php.ini or /etc/php.d/cgi/php.ini or /usr/local/etc/php.ini): # vi /etc/php.ini
Sample outputs:
Edit .htaccess file in your root directory. This is useful when you do not have access to php.ini file. In this example, /home/httpd/html is considered as root directory (you can also create .htaccess file locally and than upload it using ftp / sftp / scp client): # vi /home/httpd/html/.htaccess
Append / modify setting as follows:
This is not installed by default on many servers (latest version of Debian, Ubuntu, and FreeBSD does install Suhosin by default). Use phpinfo() to find out if suhosin enabled or not (create test.php):
If you are using Suhosin which was designed to protect your servers against a number of well known problems in PHP applications and on the other hand against potential unknown vulnerabilities within these applications or the PHP core itself. You need to edit/etc/php.d/suhosin.ini to set correct memory and upload limit. As long scripts are not running within safe_mode they are free to change the memory_limit to whatever value they want. suhosin.memory_limit=32M
Sumber : http://www.cyberciti.biz/faq/linux-unix-apache-increase-php-upload-limit/
on my server, i tried to change host name by modifying the /etc/sysconfig/network; it did not take an effect of the modification. Even after multiple reboot of server, the host name remains localhost.localdomain. The procedure to change the host name in CentOS 7 is now totally different from the previous version, this guide will help you to setup the host name on CentOS 7 / RHEL 7.
CentOS 7 supports three class of Host Names:
Static – The static host name is traditional host which can be chosen by the user and is stored in /etc/hostname file.
Transient – The transient host name is maintained by kernel and can be changed by DHCP and mDNS.
Pretty – It is a free form UTF -8 host name for the presentation to the user.
How to Change:
Before changing the host name, lets check the current host name.
Login as a root user and type the following yum command: $ sudo yum erase httpd httpd-tools apr apr-util
OR # yum erase httpd httpd-tools apr apr-util
Sample outputs:
Loaded plugins: downloadonly, fastestmirror, security
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package apr.x86_64 0:1.3.9-5.el6_2 will be erased
---> Package apr-util.x86_64 0:1.3.9-3.el6_0.1 will be erased
--> Processing Dependency: apr-util = 1.3.9-3.el6_0.1 for package: apr-util-ldap-1.3.9-3.el6_0.1.x86_64
---> Package httpd.x86_64 0:2.2.15-29.el6.centos will be erased
---> Package httpd-tools.x86_64 0:2.2.15-29.el6.centos will be erased
--> Running transaction check
---> Package apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1 will be erased
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Removing:
apr x86_64 1.3.9-5.el6_2 @base 296 k
apr-util x86_64 1.3.9-3.el6_0.1 @base 198 k
httpd x86_64 2.2.15-29.el6.centos @base 2.9 M
httpd-tools x86_64 2.2.15-29.el6.centos @base 137 k
Removing for dependencies:
apr-util-ldap x86_64 1.3.9-3.el6_0.1 @base 9.3 k
Transaction Summary
================================================================================
Remove 5 Package(s)
Installed size: 3.6 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Erasing : httpd-2.2.15-29.el6.centos.x86_64 1/5
Erasing : httpd-tools-2.2.15-29.el6.centos.x86_64 2/5
Erasing : apr-util-ldap-1.3.9-3.el6_0.1.x86_64 3/5
Erasing : apr-util-1.3.9-3.el6_0.1.x86_64 4/5
Erasing : apr-1.3.9-5.el6_2.x86_64 5/5
Verifying : httpd-2.2.15-29.el6.centos.x86_64 1/5
Verifying : apr-util-ldap-1.3.9-3.el6_0.1.x86_64 2/5
Verifying : httpd-tools-2.2.15-29.el6.centos.x86_64 3/5
Verifying : apr-util-1.3.9-3.el6_0.1.x86_64 4/5
Verifying : apr-1.3.9-5.el6_2.x86_64 5/5
Removed:
apr.x86_64 0:1.3.9-5.el6_2 apr-util.x86_64 0:1.3.9-3.el6_0.1
httpd.x86_64 0:2.2.15-29.el6.centos httpd-tools.x86_64 0:2.2.15-29.el6.centos
Dependency Removed:
apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1
Complete!
## open port 80 /443 ##
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
Save and close the file. Restart iptables: # service iptables restart
You need to repeat the same steps for ip6tables – IPv6 packet filter by editing/etc/sysconfig/ip6tables # vi /etc/sysconfig/ip6tables
Find and remove line as follows:
## open port 80 /443 for IPv6 ##
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
Save and close the file. Restart the ip6tables service: # service ip6tables restart
Related media
Sumber : http://www.cyberciti.biz/faq/uninstall-apache-redhat-centos-rhel-fedora-linux-command/