Apache Access Logs to MySQL Database

Apache Access Logs

Centralising Apache logs can be useful in many scenarios. Let’s get the basics first. Apache logs can be defined as:

In order to effectively manage a web server, it is necessary to get feedback about the activity and performance of the server as well as any problems that may be occurring. The Apache HTTP Server provides very comprehensive and flexible logging capabilities.
Today we’ll set up Apache to log each access request to a MySQL database rather than storing it in a flat file. Unlike logging to a flat text file, a SQL-based log offers tremendous flexibility and power of data extraction. Let’s dive in.

And Apache access logs can be defined as:

The server access log records all requests processed by the server. The location and content of the access log are controlled by the CustomLog directive.

Today let’s see how to set up Apache to use MySQL to store all the logs. Apache access logs will be sent to the MySQL database through the Apache log module.

Apache Access Logs to MySQL


Web Shell – WSO – Security – #ImAWhiteHat

So WSO!!!

By attempting any of the things listed in this blog post you accept full responsibility for your actions and I will not be held responsible whatsoever. This tutorial is strictly for penetration testers only. 

Today we are going to talk about a slightly different topic. I’m pretty sure you are going to love it if you are a techie like me. This post is strictly dedicated to security personnel out there who are white hats (neither black hats nor grey hats). Hacking, or in other terms exploiting a vulnerability, is an interesting topic and a massive area of study that comes under computer security. This blog post will focus on controlling a remote server via a small script called a web shell. A popular variation is known as the ‘WSO Web Shell’. Today we’ll see what we can do with it and how.

A web shell can also be defined as a type of Remote Administration Tool (RAT) or backdoor. It can be a full-featured administrative GUI with all the features you need to own/run/destroy a server, or as simple as a single line of code that takes commands through a browser’s URL and executes them on the server. The beauty is that web shells can be written in any language the server supports. As an example, WSO, the one we are going to look at today, is written in PHP. So if you are running Apache with PHP, you will be vulnerable to PHP web shells such as this mighty WSO if you don’t have proper security in place. The most dangerous part is that once the shell is installed, it will have the same permissions and abilities as the user who put it on the server. Now you know what a web shell is. If you are looking for a list of web shells that are being used in the tech world, you can find them right here. Also make sure that you have hardened the Apache server as described in this blog post.

Nikto Tutorial – Security – #ImAWhiteHat

So Nikto!!!

By attempting any of the things listed in this blog post you accept full responsibility for your actions and I will not be held responsible whatsoever. This tutorial is strictly for penetration testers only. 

Is your site safe on the internet? Are you sure? Let’s make sure you are safe from hackers. Today we’ll dive into a tool which will help us stay safe. Its name is Nikto. It is a web vulnerability scanner, or in other words a security testing tool, that scans web servers for vulnerabilities and other known issues. It’s written in Perl, which means it will run on most operating systems with the necessary Perl installed. In this Nikto tutorial I will guide you through using it on Ubuntu, given that Perl comes already installed in Ubuntu. Beauty of open source, right? Nikto is very straightforward to use: a single command tells you whether there are vulnerabilities or not. As they say:

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

There are two ways to get started. Let me show you both ways. You can select whichever way you like.


class diagram

Class Diagram From PHP Code Using phUML

Today we are going to talk about a UML generator called phUML, which is written in PHP. phUML is one of the best tools I have encountered for generating a class diagram from existing PHP code. This is a common need when it comes to agile methodology. At some point we all have to write code first and then do the documentation, such as drawing class diagrams for future reference, which is crucial for project success. There are tons of tools, but most of them are paid or else do not work properly, whereas this tool is golden. Okay, now if you ask me what phUML is, the answer is right below.

phUML is a fully automatic UML class diagram generator written in PHP. It is capable of parsing any PHP5 object oriented source code and creating an appropriate image representation of the oo structure based on the UML specification.

The image below is the class diagram which phUML generated when run on a particular codebase.

phuml generated class diagram


Okay, let’s get down to business.

How to setup HAProxy with Keepalived

Back once again, it’s Linux time. This post could also be named how to set up a floating IP between load balancers, how to set up a shared IP between load balancers, or how to configure highly available load balancers. Here we are using Keepalived, which allows us to set up HAProxy nodes as an active/passive cluster so that load can be divided among node members. If the main HAProxy node goes down, the second one (the slave node) will be elected as the master node. We get this done using VRRP.

What VRRP Is & How It Works

The VRRP protocol provides automatic assignment of available IPs to participating hosts, which ensures that one of the participating nodes is the master. The master and slave nodes act as a group in which the backup node listens for multicast packets from a node with a higher priority, which could be the master node. If the backup node fails to receive VRRP advertisements for a period longer than three times the advertisement timer, the backup node takes the master state and assigns the configured shared/floating IP to itself. If there is more than one backup node with the same priority, the one with the highest IP wins the election.

Keepalived is a routing software written in C. The main goal of this project is to provide simple and robust facilities for loadbalancing and high-availability to Linux system and Linux based infrastructures.

HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world’s most visited ones.

Today we are trying to implement the load balancer cluster shown below. It’ll be an active/passive load balancer cluster.

Keepalived & HAProxy Load Balancing
