Using Apache mod_security and .htaccess to block comment spam on the web

Comment spam is the most annoying thing to web operators. Besides eating up bandwidth, comment spam can pollute web discussions area and which gives bad impression to visitors.

Apache HTTPD mod_security module can be configured to reduce web spam by filtering common keyword, content and referrer used by spam bots around the internet.

Here’s an example of .htaccess file to block common comment spam :

<IfModule mod_security.c>
SecFilterEngine On
SecFilterScanPOST On
SecFilterDefaultAction "deny,nolog,auditlog,status:503"
SecFilterSelective POST_PAYLOAD "(mortgage|viagra|poker|traffic|discount|medical|casino|lyrics|loan)"

</IfModule>

Please ensure that your Apache installation has mod_security module enabled. The method is suitable to be used on websites that receive a lot of user comments like forums, blogs (including WordPress and Drupal) and photo gallery.

Note: This is not a full-proof solution as it depends on the use of keywords.

How to solve Apache – Could not reliably determine the server’s fully qualified name – error in Ubuntu

Apache2 web server will almost always display this information message :
"Could not reliably determine the server's fully qualified name"
when it is first started in Ubuntu and Debian server.

The reason behind this message is because the web server fails to find the suitable domain name in the system.

How to remove the message
First, you need to edit “/etc/hosts” file and put your server name of choice in the file. For example:

127.0.0.1 server.mylocal

Then you need to add “ServerName” directive in the “/etc/apache2/apache2.conf” file.

ServerName server.mylocal

Finally, restart the web server for the changes to take effect. You will notice that the information message is gone now.

$ sudo service apache2 restart

How to setup Secure Webserver HTTPS (SSL) on Apache in Ubuntu

Secure HTTP (SSL/TLS) has become a must if you are planning to setup a website which includes user authentication (ie. login box) or sensitive data. HTTPS prevents the sensitive data from being transfered across the network in clear text where it is susceptible to being sniffed or altered. Here is the tutorial on how to setup a secure HTTP on Apache web server in Ubuntu 10.04 (Lucid Lynx).

What do you need?

  • apache2 (Web Server)
  • openssl
  • A bit patient, because it will take some time to learn

Step 1: Create a self-signed certificate
You need to create a self-signed certificate with openssl. To do that you will need to generate the server key.


openssl genrsa -des3 -out server-sec.key 4096

…and certificate signing request (CSR)


openssl req -new -key server-sec.key -out server.csr

After that, generate the server certificate by signing it with the server key.

openssl x509 -req -days 365 -in server.csr -signkey server-sec.key -out server.crt

Keep the server-sec.key in a secure location, with read/write permission assigned only to root. Then generate a password-less copy of the key for Apache use.

openssl rsa -in server-sec.key -out server.key

By this time, you should have :

  • server.key (passwordless key for Apache)
  • server.csr (certificate signing request)
  • server.crt (certificate)
  • server-sec.key (server key)

Continue reading “How to setup Secure Webserver HTTPS (SSL) on Apache in Ubuntu”

Quick and Dirty Network File sharing with Python

Ever find yourself in need to share file over the network quickly, but find yourself lacking time to setup a proper NFS or samba share? Here’s a way to do this with the good old Python CLI.

  • First, go to the directory that you want to share, for example ~/Desktop
  • Then run this command "python -m SimpleHTTPServer"
  • You may access the folder from a remote computer using any webrowser using the url – http://192.168.1.20:8000, change the ip address accordingly
Simple HTTP Server
file sharing with python

You may find this technique offers limited options to share files, but its a real time saver!

How to Import export MySQL database from command line

This tip would be useful for those who are either making backup of their remote mysql database or moving their web hosting to their provider.

Here’s how to export mysql DB to SQL file using command-line utility :
mysqldump –user=username –password=1234 –databases your_database –opt –quote-names –complete-insert > example.sql

Here’s how to import the SQL back into mysql database :
mysql –user=username –password=1234 –databases your_database –host=mysql_server host

Don’t forget to add your ip address to the list of allowable host on the remote MySQL server!