nuy

1. su コマンド利用 Not required if root password is set at the time of installation If you set a root password, set it as follows Log in as a general user 2. Modernize the system To modernize the system, enter the following command

1.Setting up remote connection by SSH SSH is a service for connecting remotely to a server and is basically running immediately after the OS is installed, but the default settings are somewhat insecure. Here we will configure the default settings to increase the security of ssh connections. 2.How to set up a firewall (firewalld) In openSUSE, the firewall is set to firewalld by default and is enabled during OS installation. To briefly explain firewalld, when setting up a communication control policy, communication permission/blocking rules are applied to predefined zones, and the zones are assigned to each NIC (network adapter).

1. vsftpd 1.1 vsftpd Install It is already installed at the time of openSUSE installation. If not, you can install it with the following command 2. vsftpd SSL/TLS Configure Vsftpd to use SSL/TLS 2.1 Create self-signed certificates This work is not required if you are using a trusted, legitimate certificate such as Let's Encrypt.

1. Web Server (Apache) 1.1 apache2 Install # zypper -n install apache2 1.2 Apache2 : Basic Settings 2. Apache2 : Using Perl Scripts Configure Perl scripts to be used as CGI 3. Apache2 : Virtual Host Settings Configure both domains sample1.korodes.com sample2.korodes.com to be displayed on one server # cd /srv/www/htdocs/ Create a directory named sample1.korodes.com under /srv/www/htdocs/ 4. Apache2 : Using PHP Scripts Install and configure PHP so that PHP scripts are available

1. MariaDB Update the server package # zypper ref # zypper up -y 1.1 MariaDB  install ①install 1.2 phpMyAdmin Install Installed phpMyAdmin and configured it to operate MariaDB via web browser 1.3 MariaDB Example of database and user creation I'll create a user, password, and database for wordpress to install next. 2. Wordpress Install 2.1 Required library installation # zypper install php-gd php-pdo php-mysql php-mbstring php-simplexml php-curl apache2-mod_php7 2.2 Wordpress Download and Installation

1.SNORT install Snort is a network-based IDS (Intrusion Detection System). It captures packets flowing over a network and detects suspicious packets. The source file is used directly from https://snort.org/. 1.1 Advance preparation Install required libraries

1.Obtain an SSL Certificate (Let's Encrypt) Preparation Enable mod_ssl # a2enmod ssl 1.1 Certificate Installation # zypper -n install certbot # certbot certonly --webroot -w /srv/www/htdocs/[Website Public Directory] -d 2. Web server SSL conversion 2.1 SSL Configuration # a2enmod ssl # a2enmod -l actions alias auth_basic authn_core authn_file authz_host authz_groupfile authz_

What is openSUSE? OpenSUSE is a community-based, free to the public, Linux distribution that is actively adopting the latest technologies. It is sponsored by Novell and developed by the community. Originally SUSE Linux was developed by SUSE, but after the acquisition of SUSE by Novell in 2003, Novell moved to a 100% open source distribution with a community-based development structure through the OpenSUSE project and changed the name from SUSE Linux to After the acquisition of SUSE by Novell in 2003, Novell moved to a community-based development structure with the OpenSUSE project as a 100% open source distribution and changed the name from SUSE Linux to the current name. openSUSE is available in two versions: Leap, the stable version, and Tumbleweed, which uses a rolling release model and is also the basis for the paid version of SUSE Linux Enterprise.

1. Install Mysql8 First, make sure the server is up to date. Update the server package # zypper ref # zypper up -y  1.2 Example of creating  Mysql8 database and user Try to create a user, password, and database for wordpress to install in the following database　:　 wp_db user　:　wp_user password　:　?WHxx333Yo 2. Install Wordpress 2.1 Install required libraries # zypper install php-gd php-pdo php-mysql php-mbstr

1. Server Backup 1.1 Backup under /srv/www/ ①Create a backup script file # cd /srv/www/system/ # vi backup_all.sh 1.2. MySQL database backup ①Create a backup script file # cd /srv/www/system # vi db_my_backup.sh Contents of db_my_backup.sh 2.Restoring Data 2.1 Restore the backup files under /srv/www/ ① Save the backup file used for the restore to the server's "/ (root)" directory. 2.2 Restore MySQL data ① Save the database backup file to a directory of your choice.、 （In the example, the directory is "/srv/www/backup/db_bak".）Unzip the data

1.Obtaining an SSL Certificate (Let's Encrypt) Pre-assignment Enable mod_ssl # a2enmod ssl 1.1 Install the certificate # zypper -n install certbot # certbot certonly --webroot -w /srv/www/htdocs/[Web site directory] -d  [Domain name] Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None # First time only, you need to register your email address and agree to the terms o

1.SNORT Install Snort is a network-type IDS (intrusion detection system). It captures packets flowing on the network and detects suspicious packets. The source file is used directly from https://snort.org/. 1.1 advance preparation Install the required libraries # zypper install wget bison flex libfl2 gcc libpcap-devel libpcap-devel-32bit libpcap1 automake libtool make glibc-devel-32bit zlib-devel zlib-devel-32bit libWN3 libdnet-devel libdnet1 efl efl-lang elua libXvMC1 libecore1 libector1 libedje1 libeet1 libpcrecpp0 libstdc++-devel libstdc++6-devel-gcc7 pcre-devel ethtool net-tools-deprecated net-tools net-tools-lang libopenssl-1_1-devel libtirpc-devel moonjit moonjit-devel 1.2 SNORT and daq download and installation

Create a private key for the client and a public key for the server so that the client can log in using the key pair authentication. 1.Key pair creation Create a pair of public and private keys for the user who will connect to the Linux server using OpenSSH. To create a key pair, use ssh-keygen. The creation of a public/private key pair should be performed as a user with remote login privileges. If you do not specify the destination and file name, id_ecdsa and id_ecdsa.pub will be created in /home/(user name)/.ssh/.    On the way, you will also enter the password for the key.

1. Install clamav (anti-virus software) 1.1 Install Clamav # zypper -n install clamav 1.2 Virus definition file update ①Virus definition file update setting # vi /etc/freshclam.conf ■Line 71. Insert "#" at the beginning of the line "DatabaseMirror database.clamav.net".し、 "DatabaseMirror db.jp.clamav.net" added. #DatabaseMirror database.clamav.net DatabaseMirror db.jp.clamav.net

1. Install Web server Apache 1.1Install apache2 ( httpd-2.4.43 ) # zypper -n install apache2 1.2 Apache2 : Basic Configuration 2. Apache2 : Use Perl scripts. Configure Perl scripts to be used as CGI 2.1 Install Perl ①Install # zypper -n install perl 3. Apache2 : Virtual Host Configuration Configure both domains sample1.korodes.com sample2.korodes.com to be displayed on a single server 4. Apache2 : Use PHP scripts Install PHP and configure it so that PHP scripts can be used