How to Hide Apache2 and PHP version without using mod_security in Ubuntu Linux

Although security by obscurity is not the best policy to protect your IS assets, but it is still useful to thwarts simple network scanner or newbie crackers.

Note: This tip is written for Ubuntu Linux, the steps is similar to other GNU/Linux distro, albeit with a slight variant.

Hiding Apache2 version
Edit /etc/apache2/apache2.conf

Add these lines at the end of the file:
ServerSignature Off
ServerTokens Prod

Restart Apache2
[bash]
sudo /etc/init.d/apache2 restart
[/bash]

Hiding PHP version
Edit /etc/php5/apache2/php.ini file

Find these lines, and switch it off:
expose_php = Off
display_errors = Off

Additionally you may disable certain ‘risky’ functions in php by editing the disable_functions line:
disable_functions = phpinfo, system,show_source,

Finally, you may restart Apache2 web server.
[bash]
sudo /etc/init.d/apache2 restart
[/bash]

PPSPPA (Sisa Pepejal) goverment agency uses Ubuntu in its office branches

PPSPPA or Perbandanan Pengurusan Sisa Pepejal dan Pembersihan Awam is a government agency in Malaysia that uses Ubuntu in its offices. PPSPPA has branches in every state in the Peninsular, including the HQ and training center in Putrajaya, all of it runs Ubuntu 10.04 LTS operating system.

PPSPPA Logo Sisa Pepejal

As such, PPSPPA only uses hardware which runs in Ubuntu, including printers, scanners and drawing tablets. Which is a good sign for vendors to start releasing their hardware drivers for open source operating systems.

Hopefully other government agency would follow suit and use free and open source operating system instead the one that requires millions RM of site license. It is not the license that concerns us, but it is the grip of monopoly of a single corporation has over governments and economy that is most concerning.

I’m Getting The Art of Community: Building the New Age of Participation Book by Jono Bacon

Art of Community

I’m getting “The Art of Community: Building the New Age of Participation“, a book written by Jono Bacon, Ubuntu Community Manager (UCM).

In this book, Jono offers a collection of experiences and observations from his involvement in building and managing communities, including his current position as Ubuntu Community Manager, arguably the largest community in open source software.

The content of the book, will help you to:

  • Develop a strategy, with specific objectives and goals, for building your community
  • Build simple, non-bureaucratic processes to help your community perform tasks, work together, and share successes
  • Provide tools and infrastructure that let contributors work quickly
  • Create buzz around your community to get more people involved
  • Track the community’s work so it can be optimized and simplified
  • Explore a capable, representative governance strategy for your community
  • Identify and manage conflict, including dealing with divisive personalities

This book is useful to those who are in a position that manages and responsible towards online communities, including day-to-day management, governance, managing conflics and how to promotes the community effectively.

An online preview is this book is available from Amazon Bookstore
“, a book written by Jono Bacon, Ubuntu Community Manager (UCM). website.

Limiting the number of connections to SSH Server using Iptables

This is the quickest way to limit the number of connection to your SSH server with iptables.

[bash]
sudo /sbin/iptables -A INPUT -p tcp –syn –dport 22 -m connlimit –connlimit-above 5 -j REJECT
[/bash]

This will only allow up to 5 concurrent connections to the SSH server, subsequent connections will be rejected by iptables, thus this can thwarts Brute-force attempts to your server.

More Articles About Securing SSH Server