{"id":1050,"date":"2014-08-04T18:07:37","date_gmt":"2014-08-04T16:07:37","guid":{"rendered":"http:\/\/blog.rabahi.net\/?page_id=1050"},"modified":"2014-10-06T14:42:45","modified_gmt":"2014-10-06T12:42:45","slug":"security-commons-survival-guides","status":"publish","type":"page","link":"https:\/\/blog.rabahi.net\/?page_id=1050","title":{"rendered":"Security-commons Survival Guide"},"content":{"rendered":"<blockquote><p>Security as a condition is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization. Establishing or maintaining a sufficient degree of security is the aim of the work, structures, and processes called &#8220;security.&#8221;<\/p><\/blockquote>\n<p style=\"text-align: right;\">Wikipedia<\/p>\n<div id=\"toc_container\" class=\"no_bullets\"><p class=\"toc_title\">Contents<\/p><ul class=\"toc_list\"><li><a href=\"#Here_are_some_best_practice\"><span class=\"toc_number toc_depth_1\">1<\/span> Here are some best practice<\/a><ul><li><a href=\"#For_you_server\"><span class=\"toc_number toc_depth_2\">1.1<\/span> For you server<\/a><\/li><li><a href=\"#For_your_applications\"><span class=\"toc_number toc_depth_2\">1.2<\/span> For your applications<\/a><\/li><\/ul><\/li><li><a href=\"#Backup_your_data\"><span class=\"toc_number toc_depth_1\">2<\/span> Backup your data<\/a><ul><li><a href=\"#Mysql\"><span class=\"toc_number toc_depth_2\">2.1<\/span> Mysql<\/a><\/li><li><a href=\"#Rsync\"><span class=\"toc_number toc_depth_2\">2.2<\/span> Rsync<\/a><\/li><li><a href=\"#lftp_sync_to_a_ftp_server\"><span class=\"toc_number toc_depth_2\">2.3<\/span> lftp (sync to a ftp server)<\/a><\/li><li><a href=\"#sql_server\"><span class=\"toc_number toc_depth_2\">2.4<\/span> sql server<\/a><\/li><\/ul><\/li><\/ul><\/div>\n<h1><span id=\"Here_are_some_best_practice\">Here are some best practice<\/span><\/h1>\n<h2><span id=\"For_you_server\">For you server<\/span><\/h2>\n<ul>\n<li><a href=\"?page_id=443\">Firewall<\/a> : You must close ALL ports except the ones you need. If possible restrict the access to a list of IP adress.<\/li>\n<li>ICMP : Configure your server to not answer to ping requests.<\/li>\n<li>Passwords\n<ul>\n<li>change default passwords for all your applications (specially some visible from outside!)<\/li>\n<li>use strongs passwords<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2><span id=\"For_your_applications\">For your applications<\/span><\/h2>\n<ul>\n<li><a href=\"?page_id=484\">Apache server<\/a> : user Proxypass to expose only url you choose.<\/li>\n<\/ul>\n<h1><span id=\"Backup_your_data\">Backup your data<\/span><\/h1>\n<h2><span id=\"Mysql\">Mysql<\/span><\/h2>\n<p>Look <a href=\"?page_id=476\">here<\/a><\/p>\n<h2><span id=\"Rsync\">Rsync<\/span><\/h2>\n<pre lang=\"bash\">\r\nrsync -r -t -p -v -h -b --progress --delete --force --filter \"- mydirectory1\" --filter \"- mydirectory2\" --filter \"- myFile1\" --suffix .rsync-backup \/etc\/directoryToBackup\/ \/opt\/backup\r\n<\/pre>\n<h2><span id=\"lftp_sync_to_a_ftp_server\">lftp (sync to a ftp server)<\/span><\/h2>\n<p>Create file.lftp:<\/p>\n<pre lang=\"bash\">\r\n# open connection:\r\nopen login:pwd@myftpserver\r\n\r\n# syncronize with remote:\r\n# directoryToSend : relative working directory path\r\n# www\/project : relative remote directory path to sync.\r\n# Options are : \r\n#    -v       : verbose\r\n#    -R       : Reverse (from working copy to remote)\r\n#    -e       : remove missing files in remote\r\n#  --no-perms : skip changing permissions\r\n#  --exclude  : exclude pattern to sync.\r\n#\r\nmirror \"\/mylocal\/directory\" my\/ftp\/directory -v -R -e --no-perms --exclude .tmp\r\n<\/pre>\n<pre lang=\"bash\">\r\nlftp -f .\/file.lftp\r\n<\/pre>\n<h2><span id=\"sql_server\">sql server<\/span><\/h2>\n<pre lang=\"bash\">\r\necho install Node.js package manager\r\nyum -y install npm\r\n\r\necho install Cross platform command line interface for SQL Server\r\nnpm install sql-cli\r\n<\/pre>\n<p>Now you can use it like this:<\/p>\n<pre lang=\"bash\">\r\nmssql --server myserver --user myuser --pass mypassword --database mydatabase\r\n<\/pre>\n<p>Read more <a href=\"https:\/\/www.npmjs.org\/package\/sql-cli\">https:\/\/www.npmjs.org\/package\/sql-cli<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security as a condition is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization. Establishing or maintaining a sufficient degree of security is the aim of the work, structures, and processes called &#8220;security.&#8221; Wikipedia Contents1 Here are some [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":492,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-1050","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages\/1050","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1050"}],"version-history":[{"count":4,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages\/1050\/revisions"}],"predecessor-version":[{"id":1252,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages\/1050\/revisions\/1252"}],"up":[{"embeddable":true,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages\/492"}],"wp:attachment":[{"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1050"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}