Postfix dkim and spf filtering

Installing OpenDKIM:
yum install opendkim

Create private and public key:

mkdir /etc/opendkim/keys/myhostname.lt
/usr/sbin/opendkim-genkey -D /etc/opendkim/keys/myhostname.lt/ -d myhostname.lt -s default
chown -R root:opendkim /etc/opendkim/keys/myhostname.lt
chmod 640 /etc/opendkim/keys/myhostname.lt/default.private
chmod 644 /etc/opendkim/keys/myhostname.lt/default.txt


Setting static IP in CentOS 7 Minimal Installation

To get CentOS communicating on the network, the Ethernet adapter needs to be configured. In this lesson I will set a static IP address for the network adapter. To view a list of your network adapters, use the command ip addr.

The configuration file for the network adapter should be located at /etc/sysconfig/network-scripts/ifcfg-enp0s3. With the minimal installation of CentOS there are not many options available to configure the network adapter. One option is to use the vi editor or nano to configure ifcfg-enp0s3. Another option is to use the nmtui utility to edit the network adapter.


Prevent DOS with iptables

Of course there are several types of DOS attacks; in this post I will demonstrate the use of iptables to limit the traffic on port 80.

The goal is to keep your web server “responsive” to legitimate traffic, but to throttle back on excessive (potential DOS) traffic.

In this demonstration iptables is configured as follows:

  1. The default policy is ACCEPT (to prevent lockout in the event of flushing the rules with iptables -F).
  2. “Legitimate” traffic is then allowed. In this example I am allowing traffic only on port 80.
  3. All other traffic is then blocked at the end of the INPUT chain (the final rule in the INPUT chain is to DROP all traffic).


CentOS timezone config

CentOS timezone config files and directories

  • /usr/share/zoneinfo/ – The system timezone directory, which contains one file per timezone name. For example, the file /usr/share/zoneinfo/America/New_York represents the time zone for New York.
  • /etc/localtime – A symlink to the file localtime or to the correct timezone file located in the /usr/share/zoneinfo/ directory.


.htaccess Error Documents

Apache allows you to customize the server at the directory level, using .htaccess files. This tutorial explains how to use them to serve custom 404 error (page not found), and other common error pages, to your users.

Server response codes

A server response code is a three digit number sent by a server to a user in response to a request for a web page or document. These codes tell the user whether the request can be completed, or if the server needs more information, or if the server cannot complete the request. Usually, these codes are sent ‘silently’ – so you never see them, as a user – however, there are some common ones that you may wish to set up error pages for, and they are listed below. Most people will only ever need to set up error pages for server codes 400, 401, 403, 404 and 500, and you would be wise to always have an error document for 404 errors at the very least.

It is also relatively important to ensure that any error page is over 512 bytes in size. Internet Explorer 5, when sent an error page of less than 512 bytes, will display its own default error document instead of your one. Feel free to use padding if this is an issue – personally, I’m not going to increase the size of a page because Internet Explorer 5 doesn’t behave well.

In order to set up an error page for any other error codes, you simply add more lines to your .htaccess file. If you wanted to have error pages for the above five errors, your .htaccess file might look something like this:
ErrorDocument 400 /400.html
ErrorDocument 401 /401.html
ErrorDocument 403 /403.html
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
