nuy

1.Obtain an SSL Certificate (Let's Encrypt)PreparationEnable mod_ssl# a2enmod ssl1.1 Certificate Installation# zypper -n install certbot# certbot certonly --webroot -w /srv/www/htdocs/[Website Public Directory] -d 2. Web server SSL conversion2.1 SSL Configuration# a2enmod ssl# a2enmod -lactions alias auth_basic authn_core authn_file authz_host authz_groupfile authz_

1. TripwireTripwire is a host-based intrusion detection system (IDS) that monitors files and directories and notifies you when changes are made.1.1 Install and configuration① install2. chkrootkit インストールInstall a rootkit detection tool called chkrootkit to check whether a rootkit has been installed on the Linux server.①chkrootkit download,install3. Logwatchlogwatch is a software program that automatically analyzes logs and reports the results to support operations.

1. Server Backup1.1 Backup under /srv/www/①Create backup script file1.2. MariaDB Database Backup①Create backup script file2.1 Restore backup files under www① Save backup files used for restore to the "/ (root)" directory of the server2.2 Restore MariaDB data① Save the database backup file to any directoryExtract data

OpenSUSEとはOpenSUSE is a Linux distribution that is community-based, free to the public, and active in adopting the latest technologies. It is sponsored by Novell and developed by the community. Originally, SUSE Linux was developed by SUSE, but after the acquisition of SUSE by Novell in 2003, Novell shifted the development structure to community-based by the OpenSUSE project as a distribution aiming for 100% open source, and changed the name from SUSE Linux to OpenSUSE Linux The name was changed to the current name.openSUSE is available as Leap, the stable version, and Tumbleweed, which uses a rolling-release model and is also the basis for the paid-for version of SUSE Linux Enterprise.

1.Using su commandNot required if root password is set at the time of installationIf you set a root password, set it as followsLog in as a general user2. Modernize the systemTo modernize the system, enter the following command3.locate InstallThe find command is used to search for a specific file on the entire Linux system, but find's options are somewhat confusing.In such cases, it is useful to have the locate command available, which can extract all files with a given filename

1. Setting up remote connection by SSHSSH is a service for connecting remotely to a server and is basically running immediately after the OS is installed, but the default settings are somewhat insecure.Here we will configure the default settings to increase the security of ssh connections.1.1 SSH service configuration file changesModify the configuration file to change the SSH service settings.The SSH service configuration file is "/etc/ssh/sshd_config".

Create a private key for the client and a public key for the server to allow login with key pair authentication1.key pair creationCreate a public/private key pair for a user connecting to the Linux server using OpenSSH.Use ssh-keygen to create key pairs.Creation of public/private key pairs is performed with remote login user privileges.If you do not specify the creation destination and file name, id_ecdsa and id_ecdsa.pub will be created in /home/(user name)/.ssh/.On the way, also enter the password for the key.

1. Vsftpd1.1vsftpd InstallIt is already installed at the time of openSUSE installation.If not, you can install it with the following command

1. Web Server (Apache)1.1 apache2 Install2. Apache2 : Using Perl Scripts Configure Perl scripts to be used as CGI3. Apache2 : Virtual Host SettingsConfigure both domains sample1.korodes.com sample2.korodes.com to be displayed on one server4. Apache2 : Using PHP ScriptsInstall and configure PHP so that PHP scripts are available

1. Clamav ( anti-virus software )1.1 Clamav Install2.  Mail server Install2.1 Postfix Install①Install Postfix and build an SMTP server3. Mail Server: Postfix + Clamav + AmavisdSet up Postfix and Clamav to work together to scan incoming and outgoing mail in real time.

1. MariaDB InstallUpdate the server package1.2 phpMyAdmin InstallInstalled phpMyAdmin and configured it to operate MariaDB via web browser2. Wordpress Install2.1 Required library installation

1.Obtain an SSL Certificate (Let's Encrypt)PreparationEnable mod_ssl1.1Certificate Installation2. Web server SSL conversion2.1 SSL Configuration

1.SNORT2Snort is a network-based IDS (Intrusion Detection System). It captures packets flowing over a network and detects suspicious packets.The source file is used directly from https://snort.org/.1.1 Advance preparationInstall required libraries

1. TripwireTripwire is a host-based intrusion detection system (IDS) that monitors files and directories and notifies you when changes are made.1.1 Install and configuration①Install2. Logwatch①Logwatch install

1. Server Backup1.1 Backup under /srv/www/①Create backup script file1.2. MariaDB Database Backup①Create backup script file2.Data Restore2.1 Restore backup files under www① Save backup files used for restore to the "/ (root)" directory of the server2.2 Restore MariaDB data① Save the database backup file to any directoryExtract data