本程序正式名称为httpgate，顾名思义http的大门，所有的http请求都要通过httpgate。httpgate为web server及后端的业务逻辑提供良好的保护功能，最大限度屏蔽恶意访问。同时，针对apache，httpgate能够与客户端保持大量的长连接，提高了系统的整体性能。 1.3      简介 httpgate是一个http 7层代理软件，专注于http代理及http防攻击，具备如下特点： 1.       采用事件驱动、异步、非阻塞的设计模式。性能优秀，开启http防攻击的情况下，性能接近nginx 2.       对客户端ip和客户端cookie的访问情况进行统计，支持基于客户端ip和客户端cookie的防攻击。 3.       代理层采用读取转发的方式，有效保护后端web server 4.       支持ip白名单，黑名单 5.       支持细致的客户端连接参数配置，可针对不同的应用类型、可能的攻击方式，配置不同的参数，提升攻击的代价。比如客户端连接超时、客户端写入超时、客户端读...

全新安装的LUM登陆提示：数据库lumanager不存在或是出现： access denied for user root @localhost解决方法： lu-repair -y 然后lu-restart 实在不行，就直接重新用zijidelu_install.sh装一下.极少这种情况。注意如果装了两个数据库，不能启动系统自带的数据库服务。否则会识别不了数据库。Q:系统发生错误    您可以选择 [ 重试 ] [ 返回 ] 或者 [ 回到首页 ][ 错误信息 ]Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)A:执行：ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock   用mysql-restart看是否有错误提示，或者检查改一下home/lum_safe_files/config.php  or /usr/local/LuManager/Conf/config.php中的数据库连接密,当然你可以选择命令一键初始（mysql-reset_password 初始化mysql密码命令）你也可以看看http://www.zijidelu.org/thread-2679-1-1.html

1.yum install -y epel-release wget unzip                   #安装EPEL源2.yum -y update && systemctl reboot                        #启动EPEL源3.yum install mongodb-server                               #安装mongodb服务4.firewall-cmd --permanent --add-port=27017/tcp            #开启防火墙端口5.firewall-cmd --reload                                    #重启防火墙 6.systemctl enable mongod   &nb...

Linux VPN服务器_CentOS/Ubuntu一键安装IPSEC/IKEV2 VPN服务器【安装】用法很简单：总结成一句话就是：除了类型要选对以外，其他的一路回车就好了具体如下：1.下载脚本: wget https://raw.githubusercontent.com/quericy/one-key-ikev2-vpn/master/one-key-ikev2.sh2.运行(如果有需要使用自己已有的根证书，请将私钥命名为ca.cert，将根证书命名为ca.cert.pem，放到脚本的相同目录下再运行该脚本，没有证书的话将自动生成自签名证书咯)： chmod +x one-key-ikev2.sh bash one-key-ikev2.sh3.等待自动配置部分内容后，选择vps类型（OpenVZ还是Xen、KVM），选错将无法成功连接，请务必核实服务器的类型。输入服务器ip或者绑定的域名(连接vpn时服务器地址将需要与此保持一致)，以及证书的相关信息(C,O,CN)，使用自己的根证书的话，C,O,CN的值需要与根证书一致，为空将使用默认值(default value)，确认无误后按任意键继续4.输入两次pkcs12证书的密码(可以为空)5.看到install success字样即表示安装成功。默认用户名密码将以黄字显示，可根据提示自行修改文件中的用户名密码。6.将提示信息中的证书文件ca.cert.pem拷贝到客户端，修改后缀名为.cer后导入。ios设备使...

Installing PHP 5.4 on RHEL 6 and CentOS 6Red Hat Enterprise Linux and CentOS 6 still ship with PHP 5.3. ownCloudrequires PHP 5.4 or better. There are several third-party repositories thatsupply PHP 5.4, but you must use the Software Collections (SCL) repository tobe in compliance with your RHEL support contract, and not any other third-partyrepository.RHEL 6Follow these steps to install PHP 5.4 from SCL. First you must useyour Subscription Manager to enable SCL:subscription-manager repos --enable rhel-server-rhscl-6-eus-rpms Then install PHP 5.4 and these modules:yum install php54 php54-php php54-php-gd php54-php-mbstring You must also install the updated database module for your database. Thisexample installs the new PHP 5.4 module for MySQL/MariaDB:yum install php54-php-mysqlnd Disable loading the old PHP 5.3 Apache module:mv /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php53.off You should now have a /etc/httpd/conf.d/php54-php.conf file, which loads thecorrect PHP 5.4 module f...

How To Install RabbitMQ in CentOS 7In this tutorial we will show you how to install and configuration of RabbitMQ on your CentOS 7 server. For those of you who didn’t know, RabbitMQ is open source message broker software (sometimes called message-oriented middleware) that implements the Advanced Message Queuing Protocol (AMQP). The RabbitMQ server is written in the Erlang programming language and is built on the Open Telecom Platform framework for clustering and failover. Client libraries to interface with the broker are available for all major programming languages.This article assumes you have at least basic knowledge of linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation RabbitMQ on a CentOS 7 server.Install RabbitMQ in CentOS 7...

How To Install Glances System Monitoring on CentOS 7In this tutorial we will show you how to install and configuration of Glances System Monitoring on your CentOS 7 server.  For those of you who didn’t know, Glances is a free software (licensed under LGPL) to monitor your GNU/Linux or BSD operating system from a text interface. Using it you can monitor CPU, Load Average, Memory, Network Interfaces, Disk I/O, File System spaces utilization, mounted devices, total number of active processes and top processes. There are many interesting options available in Glances. One of the main features is that you can set thresholds (careful, warning and critical) in a configuration file, and information will be shown in colors which indicates the bottleneck in the system. Glances uses the library libstatgrab to retrieve information from your system and it is developed in Python.This article assumes you have at least basic knowledge of linux, know how to use the shell, and most importantly, yo...

How To Install Zabbix on CentOS 7In this tutorial we will show you how to install and configuration of Zabbix on your CentOS 7 server. For those of you who didn’t know, Zabbix is an open source monitoring tool that is ideal for monitoring your cloud servers. Zabbix is very flexible, information can be retrieved using HTTP/SNMP or by installing a Zabbix agent on the machines to monitor, and allows a lot of customization.This article assumes you have at least basic knowledge of linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation Zabbix on a CentOS 7 server.Install Zabbix on CentOS 7Step 1. First of all make sure that all packages are up to date.yum -y update1yum -y updateStep 2. Install LAMP server.A CentOS 7 LAMP server is required....

�����ڵ�����Ȩ�鿴����־

openssl又被爆出新漏洞（CVE-2016-2107）(升级脚本)OpenSSl 密码库的维护人员发布了一个高危安全漏洞的补丁（CVE-2016-2107），这个漏洞可以让攻击者在web服务器上解密登录证书或者执行恶意代码。当连接使用AES CBC加密并且服务器支持AES-NI的情况下，中间人攻击者可以使用padding oracle攻击来解密流量。填充检测被重写来确保读取的字节总是相同的，并且对MAC和填充字节进行比较。但它不再检查是否有足够的数据来包含MAC和填充字节。影响：高危修复方案：OpenSSL 1.0.2 用户请更新到1.0.2h版本OpenSSL 1.0.1 用户请更新到1.0.1t版本https://www.openssl.org/news/vulnerabilities.html#y2016----------------------------分割线登录SSH上操作wget http://down.wdlinux.cn/in/openssl201605.shsh openssl201605.sh如果能顺利执行完成，不出什么错，就升级完了