Click here for "Error Codes for Commercial Air Conditioners".

Ubuntu Server 18.04 ; Web server and antivirus installed.

1. WEB server installation

1. 1 Apache2 installation

① Install

# apt -y install apache2

② Edit configuration file

# vi /etc/apache2/conf-enabled/security.conf
# Line 25: Change
ServerTokens  Prod

# vi /etc/apache2/mods-enabled/dir.con
# Line 2: Set the file name that can be accessed only by the directory name.
DirectoryIndex  index.html index.htm index.php

# vi /etc/apache2/apache2.conf
# Line 70: Server name added.
ServerName <Domain Name>

# vi /etc/apache2/sites-available/000-default.conf
# Line 11: Change administrator address
ServerAdmin  <Email address>

Restart
# systemctl restart apache2

1.2. Using Perl Scripts with Apache2

Enable CGI and configure it to use Perl scripts.
① Install Perl

# apt -y install perl

② Enable the CGI module.

# a2enmod cgid

Enabling module cgid.
To activate the new configuration, you need to run:
  systemctl restart apache2

③ Test Script Creation
When the CGI module is enabled, the [/usr/lib/cgi-bin] directory will be allowed to execute CGI by default.
For example, by creating and deploying the script [/usr/lib/cgi-bin/index.cgi], you can access [http://(Apache2 server)/cgi-bin/index.cgi].
Note that this setting treats all files under [/usr/lib/cgi-bin] as CGI, so non-CGI files cannot be displayed.

# Test Script Creation

# cat > /usr/lib/cgi-bin/test_script <<‘EOF’
#!/usr/bin/perl
print “Content-type: text/html\n\n”;
print “Hello CGI\n”;
EOF

chmod 705 /usr/lib/cgi-bin/test_script

# operation check
# curl http://localhost/cgi-bin/test_script
Hello CGI

1.3 Using PHP Scripts with Apache2

① Install PHP

apt -y install php php-cgi libapache2-mod-php php-common php-pear php-mbstring

② Configuring Apache2

# a2enconf php7.2-cgi
Enabling conf php7.2-cgi.
To activate the new configuration, you need to run:
  systemctl reload apache2# vi /etc/php/7.2/apache2/php.ini
# Line 822.: upload_max_filesize = 2M
upload_max_filesize = 200M
# Line 936:Uncomment and set time zone
date.timezone = “Asia/Tokyo# systemctl restart apache2

③ Create a test page to see how it works.

# vi /var/www/html/index.php
<html>
<body>
<div style=”width: 100%; font-size: 40px; font-weight: bold; text-align: center;”>
<?php
    print “PHP Test Page”;
?>
</div>
</body>
</html>

1.4 Virtual Host Configuration

① Preparing the configuration file
Copy the default configuration file and configure the virtual host settings(For example, let’s say the file name is <vhost-sample.conf>.)

# cd /etc/apache2/sites-available/
# cp sites-available/000-default.conf vhost-sample.conf

② Edit the configuration file

# vi vhost-sample.conf

<VirtualHost *:80>
~Abbreviation~
ServerName <Domain Name>
ServerAdmin <Email address>
DocumentRoot /var/www/html/<Domain Name>
    ~Abbreviation~
ErrorLog ${APACHE_LOG_DIR}/<Domain Name>-error.log
CustomLog ${APACHE_LOG_DIR}/<Domain Name>-access.log combined

    ~Abbreviation~

</VirtualHost>

③ Activate the configuration file
Disable the default configuration file by putting a symbolic link to it

# cd /etc/apache2/sites-available/
# a2ensite vhost-sample.conf
# a2dissite 000-default.conf  ← Default disable

④ Restarting Apache

# systemctl restart apache2

⑤ Edit the hosts file

# vi /etc/hosts

127.0.0.1   <Domain Name>

2. Installed anti-virus software Clamaav

① Install
clamav related configuration files will be installed in /etc/clamav/ folder

# apt install clamav clamav-daemon

② Update virus definitions

# freshclam

If you get the following error, change the log settings and run again.

ERROR: /var/log/clamav/freshclam.log is locked by another process

ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).

Change the log settings as follows

# rm /var/log/clamav/freshclam.log

# touch /var/log/clamav/freshclam.log

# chown clamav:clamav /var/log/clamav/freshclam.log

③ Edit configuration file

# vi /etc/logrotate.d/clamav-freshclam

create 640 clamav adm → create 640 clamav clamav

④ Automatic updating of virus definitions
Check if the service that automatically updates virus definitions is registered.

# service clamav-freshclam status

●clamav-freshclam.service – ClamAV virus database updater

Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: e

   Active: active (running) since Fri 2019-08-16 02:00:32 JST; 2 days ago

     Docs: man:freshclam(1)

           man:freshclam.conf(5)

           https://www.clamav.net/documents

 Main PID: 888 (freshclam)

    Tasks: 1 (limit: 4915)

   CGroup: /system.slice/clamav-freshclam.service

           └─888 /usr/bin/freshclam -d –foreground=true

August 18 07:25:02 server freshclam[888]: Sun Aug 18 07:25:02 2019 -> daily.cld is up to d

August 18 07:25:02 server freshclam[888]: Sun Aug 18 07:25:02 2019 -> bytecode.cld is up t

August 18 08:25:02 server freshclam[888]: Sun Aug 18 08:25:02 2019 -> Received signal: wak

August 18 08:25:02 server freshclam[888]: Sun Aug 18 08:25:02 2019 -> ClamAV update proces

Logging will be done in /var/log/clamav/freshclam.log file
⑤ Run a virus check

# clamscan –infected –remove –recursive /home

⑥ Create a script file to do a full scan

#vi /opt/script/clam-full.sh

#!/bin/sh

echo =========================================

date

hostname

clamscan / \

     –infected \

     –recursive \

     –log=/var/log/clamav/clamscan.log \

     –move=/var/log/clamav/virus \

     –exclude-dir=^/boot \

     –exclude-dir=^/sys \

     –exclude-dir=^/proc \

     –exclude-dir=^/dev \

     –exclude-dir=^/var/log/clamav/virus

 

# –infected Output results only for files that have been detected as infected

# –recursive Checks recursively under the specified directory Compressed files should be decompressed and inspected.

# –log=FILE logfile

# –move=DIR Quarantine location for files detected as infected

# –remove Delete the file that detected the infection.

# –exclude=FILE   exception file(Specify by pattern)

# –exclude-dir=DIR inspection-excluded directory(Specify by pattern)

 

if [ $? = 0 ]; then

  echo “virus undetected.”

else

  echo “virus detection!!”

fi

Give the script file execute permission.

# chmod +x /opt/script/clam-full.sh

Create a virus quarantine folder

# mkdir /var/log/clamav/virus

Run it.

# /opt/script/clam-full.sh

Regularly run virus scans with cron

# crontab -e

# m h  dom mon dow   command

0 2 * * mon /opt/script/clam-full.sh >> /var/log/clamav/clamav_scan.log  ← add

 

タイトルとURLをコピーしました