Hello,update script not part from directadmin.com**** USE IT YOUR OWN RISKS *********
*****
*****
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 2006,2007 Free Software Foundation, Inc.
51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Update script made by Wael Isa
H188, R4008, Arad 240, Kingdom of Bahrain
http://www.web4host.netVersion: 1.4
Release Date: 1 / 9 / 2006
*****
*****
*****
If you find update script useful, please consider to make a donation to support this freeware.
Please keep in mind that donations are welcome, but in no way required to use and distribute update.script.You can donate using 2checkout.com & paypal accepted - CLICK HEREupdate.script Version: 1.4update script tested in this OS 32bit and 64bit.
- RedHat Linux
- RedHat Fedora
- RedHat Enterprise
- CentOS
- Please report about other OS to add here
and update to
- OpenSSL (You need to build ssh, apache, php, etc after upgrade)
- Exim
- OpenSSH
- ProFTP
- ProFTP with mod_clamav
- phpMyAdmin
- AVG
- ClamAV
- MODclamAV
- MRTG
- SquirrelMail
- SquirrelMail full language pack
- SpamAssassin
- IMAP (You need to build php after upgrade)
- MODsecurity 2.5.x (Apache 2.x Only)
- MODsecurity 2.5.x Rules
- MODsecurity 1.x (Apache 1.x Only)
- MODsecurity 1.x Rules
- MODevasive
- KISS My Firewall
- eAccelerator
- Freetype
- Webmin control panel (You need to open one port 10000 in your firewall)
- MailScanner
- Suhosin
Just download/chmod
Code:
mkdir /usr/local/updatescript
cd /usr/local/updatescript
wget http://tools.web4host.net/update.script
chmod 755 update.script
Run this to read how to use.Code:
./update.script
Run this to update update.script
Code:
./update.script UPDATEME
Run this to see release date and version
Code:
./update.script DATE
Run this to clean update script folder
Code:
./update.script CLEAN
Note:-
1- Run this to clean or update update script before you use
2- Select best mirror for your server mirror.conf , if you want new mirror.conf file just delete old one in update script folder.
*****
*****
*****
ClamAVCode:
nano -w /etc/exim.conf
before
Code:
primary_hostname =
add
Code:
av_scanner = clamd:127.0.0.1 3310
after
Code:
check_message:
add
Code:
deny message = This message contains malformed MIME ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This message contains a virus or other harmful content ($malware_name)
demime = *
malware = *
deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
demime = bat:com:pif:prf:scr:vbs
warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
save then restart exim
Code:
/sbin/service exim restart
*****
*****
*****
ProFTP with mod_clamav Edit
Code:
nano /etc/proftpd.conf
add this before
</Global>Code:
<IfModule mod_clamav.c>
ClamAV on
ClamServer 127.0.0.1
ClamPort 3310
</IfModule>
save and restart proftp
Code:
/sbin/service proftpd restart
*****
*****
*****
MODsecurity 2.x Code:
nano -w /etc/httpd/conf/extra/httpd-includes.conf
and add this
32bit
Code:
LoadFile /usr/lib/libxml2.so
LoadModule security2_module /usr/lib/apache/mod_security2.so
<IfModule mod_security2.c>
# ModSecurity2 ONLY
# Do not change anything in included files
#
Include /etc/modsecurity2/*.conf
</IfModule>
64bit
Code:
LoadFile /usr/lib64/libxml2.so
LoadModule security2_module /usr/lib/apache/mod_security2.so
<IfModule mod_security2.c>
# ModSecurity2 ONLY
# Do not change anything in included files
#
Include /etc/modsecurity2/*.conf
</IfModule>
Code:
/sbin/service httpd restart
*****
*****
*****
MODsecurity 1.x Code:
nano -w /etc/httpd/conf/httpd.conf
add
Code:
<IfModule mod_security.c>
# Only inspect dynamic requests
# (YOU MUST TEST TO MAKE SURE IT WORKS AS EXPECTED)
#SecFilterEngine DynamicOnly
SecFilterEngine On
# Reject requests with status 500
SecFilterDefaultAction "deny,log,status:500"
# Some sane defaults
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies On
# enable version 1 (RFC 2965) cookies
SecFilterCookieFormat 1
#SecServerResponseToken Off
#If you want to scan the output, uncomment these
#SecFilterScanOutput On
#SecFilterOutputMimeTypes "(null) text/html text/plain"
# Accept almost all byte values
SecFilterForceByteRange 1 255
# Server masking is optional
#fake server banner - NOYB used - no one needs to know what we are using
SecServerSignature "Power MOD by web4host.net"
#SecUploadDir /tmp
#SecUploadKeepFiles Off
# Only record the interesting stuff
SecAuditEngine RelevantOnly
#SecAuditLog logs/audit_log
# You normally won't need debug logging
#SecFilterDebugLevel 0
#SecFilterDebugLog logs/modsec_debug_log
# Mini Rules
Include /etc/modsecurity/mini.conf
</IfModule>
Code:
/sbin/service httpd restart
*****
*****
*****
MODevasive Apache 1Code:
nano -w /etc/httpd/conf/httpd.conf
add
Code:
<IfModule mod_evasive.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSWhitelist 127.0.0.1
DOSEmailNotify your-email@your-domain.tld
</IfModule>
Code:
/sbin/service httpd restart
if did not work try
Code:
/usr/local/directadmin/customapache/
then edit httpd.conf
Code:
nano -w /etc/httpd/conf/httpd.conf
after this
Code:
LoadModule perl_module /usr/lib/apache/libperl.so
add
Code:
LoadModule evasive_module /usr/lib/apache/mod_evasive.so
after this
Code:
<IfDefine HAVE_PYTHON>
AddModule mod_python.c
</IfDefine>
add
Code:
AddModule mod_evasive.c
Code:
/sbin/service httpd restart
Apache 2Code:
nano -w /etc/httpd/conf/extra/httpd-includes.conf
add
Code:
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSWhitelist 127.0.0.1
DOSEmailNotify your-email@your-domain.tld
</IfModule>
Code:
/sbin/service httpd restart
if you want do test you need to remove (DOSWhitelist) from httpd.conf
Code:
wget http://tools.web4host.net/modevasive/test.txt
mv test.txt test.pl
chmod 755 test.pl
./test.pl
*****
*****
*****
KISS My FirewallReady for
Direct Admin & Plesk & Webmin & cPanel.
if you want use other SSH port just add in TCP_IN & TCP_OUT
Running anywhere on the command line, you simply type:
Code:
kiss start
To stop the firewall, type:
Code:
kiss stop
To get status information, type:
Code:
kiss status
If you want to block an offenders IP address/subnet, simply edit the BLOCK_LIST variable in the /usr/bin/kiss file. You can separate IP addresses and subnet's with a space. Once you are finished, simply restart KISS by typing:
Code:
kiss restart
Last, but not least, it is recommended that you configure the firewall to allow only for needed ports. Using trusted IP addresses/subnets is also recommended. These variables are located near the beginning of the /usr/bin/kiss file and are self-explanatory. Once you make changes, you should always restart KISS for the changes to take effect:
kiss restart
edit kiss and set what os you use
# Enabled this for Pre Fedora Core 2 or Red Hat
Code:
EXTN="o"
# Enabled this for Fedore Core 2 or later
Code:
EXTN="ko"
like CentOS use EXTN="ko" just remove # before EXTN="ko" then kiss start
*****
*****
*****
eAcceleratorwhen done you see link look like
Code:
/usr/local/lib/php/extensions/no-debug-non-zts-20020429/eaccelerator.so
copy your like to add in php.ini
edit php.ini
Code:
nano -w /usr/local/lib/php.ini
add this after
Windows Extensions , in the list down.
Code:
zend_extension="/usr/local/lib/php/extensions/no-debug-non-zts-20020429/eaccelerator.so"
eaccelerator.shm_size="32"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
save and restart apache
Code:
/sbin/service httpd restart
*****
*****
*****
FreetypeNote: no need to use if if you use custombuild, only how use customapache.
Code:
cd /usr/local/directadmin/customapache/
Apache 1Code:
nano -w configure.php
Apache 2Code:
nano -w configure2.php
replace
Code:
--with-gd \
--with-gd-dir=/usr/local \
by
Code:
--with-gd \
--with-gd-dir=/usr/local/lib \
--with-freetype \
--with-freetype-dir=/usr/local/lib \
save then run
Code:
./build clean
./build gd
Apache 1Code:
./build clean
./build gd
./build php d
service httpd restart
Apache 2Code:
./build clean
./build gd
./build php_ap2 d
service httpd restart
*****
*****
*****
IMAPApache 1Code:
nano -w configure.php
Apache 2Code:
nano -w configure2.php
add
Code:
--with-imap=/usr/local/imap-2004c1 \
after
Code:
--with-zip \
save then build php and restart apache
Code:
service httpd restart
*****
*****
*****
AVG Anti-VirusClean folder HOME (full)
Code:
avgscan -clean -ext=* -rt -arc /home
clean folder HOME (without archives)
Code:
avgscan -clean -ext=* -rt /home
Update AVG DB
Code:
avgupdate --path="/opt/avg/avg8/update/download"
ill add more soon.
*****
*****
*****
Nobody Check Security ToolThe Nobody Check tool is a new and unique security tool that can detect malicious processes that are running on your Linux server and report them to you in real time or by email. The tool can be configured to run at selected times and doesn’t eat up resources or interfere with server operations.
edit and set your email then save
Code:
nano -w /usr/local/nobody_check/nc.conf
edit
Code:
nano -w /etc/crontab
add
Code:
# nobody_check
*/15 * * * * root /usr/local/nobody_check/nobody_check >/dev/null 2>&1
save
*****
*****
*****
MailScannerEdit
Code:
nano -w /etc/exim.conf
find
Code:
primary_hostname
add before
Code:
spool_directory = /var/spool/exim.in
queue_only = true
queue_only_override = false
EDIT
Code:
nano -w /etc/init.d/exim
find
Code:
QUEUE=
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -bd"
[ -n "$QUEUE" ] && EXIM_OPTS="$EXIM_OPTS -q$QUEUE"
replace to
Code:
QUEUE="15m"
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -bd"
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -C /etc/exim_outgoing.conf"
[ -n "$QUEUE" ] && EXIM_OPTS="$EXIM_OPTS -q$QUEUE"
EDIT
Code:
nano -w /opt/MailScanner/etc/MailScanner.conf
and update this to your information
Code:
%org-name% = yoursite
%org-long-name% = Your Organisation Name Here
%web-site% = www.your-organisation.com
Search & set this
Code:
Run As User = mail
Run As Group = mail
Incoming Queue Dir = /var/spool/exim.in/input
Outgoing Queue Dir = /var/spool/exim/input
MTA = exim
Sendmail = /usr/sbin/exim -C /etc/exim.conf
Sendmail2 = /usr/sbin/exim -C /etc/exim_outgoing.conf
Virus Scanners = none
Use SpamAssassin = yes
Always Include SpamAssassin Report = yes
now MailScanner work without anti virus :)
you can scan all mail using AVG, ClamAV or BOTH :) same time
just install AVG and ClamAV then edit
Code:
nano -w /opt/MailScanner/etc/MailScanner.conf
find
Code:
Virus Scanners = none
replace to
Code:
Virus Scanners = avg
and restart MailScanner
Code:
killall -9 MailScanner
/opt/MailScanner/bin/check_mailscanner
Edit
Code:
nano -w /etc/crontab
Add
Code:
37 5 * * * /opt/MailScanner/bin/update_phishing_sites
07 * * * * /opt/MailScanner/bin/update_bad_phishing_sites
58 23 * * * /opt/MailScanner/bin/clean.quarantine
3,23,43 * * * * /opt/MailScanner/bin/check_mailscanner
# Remove # if you want MailScanner to update anti virus
#42 * * * * /opt/MailScanner/bin/update_virus_scanners
now MailScanner use AVG to scan all mail and exim (exim.conf) scan all mail use ClamAV
*****
*****
*****
MODclamAV Code:
nano -w /etc/httpd/conf/extra/httpd-includes.conf
and add this
Code:
# mod ClamAV
Include conf/extra/mod_clamav.conf
save then restart apache
Code:
/sbin/service httpd restart
*****
*****
*****
Suhosin Code:
nano -w /usr/local/lib/php.ini
and add this at then end
Code:
;************************************************************************
; suhosin Parameters
; For a full list of parameters and their documentation go to:
; (http://www.hardened-php.net/suhosin/configuration.html)
;************************************************************************
[suhosin]
extension="/usr/local/lib/php/extensions/no-debug-non-zts-20060613/suhosin.so"
; Logging Configuration
# Use your link in place of web4host.net
suhosin.filter.action = [302,]http://www.web4host.net/index.php
suhosin.log.syslog.facility = 9
suhosin.log.syslog.priority = 1
suhosin.log.use-x-forwarded-for = Off
; Executor Options
suhosin.executor.max_depth = 0
suhosin.executor.include.max_traversal = 4
suhosin.executor.include.whitelist =
#suhosin.executor.include.blacklist = "php://, http://, ftp://, gzip://,https://, ftps://, compress.zlib://"
suhosin.executor.include.blacklist = "php://, http://, ftp://, gzip://,https://, ftps://"
suhosin.executor.func.whitelist =
suhosin.executor.func.blacklist = system, shell_exec, exec, passthru, php_uname, popen, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setgid, posix_uname, proc_close, proc_nice, proc_open, proc_terminate
#suhosin.executor.func.blacklist = dl, system, passthru, pclose, proc_nice, proc_terminate, posix_getpwuid, posix_uname, pfosckopen, leak, posix_setuid, escapeshellcmd, escapeshellarg, hypot, pg_host, pos, posix_access, posix_getcwd, posix_getgid, posix_getservbyname,myshellexec,getpid, posix_getsid, posix_isatty, posix_kill, posix_mkfifo, posix_mknod, posix_setgid, posix_setsid, posix_setuid, posix_times, posix_uname, ps_fill, posix_getpwuid, ini_restore, symlink, ini_get_all, zip_open, zip_read, rar_open, bzopen, bzread, bzwrite, shellcode, backtick, cmd, virtual, pcntl_exec, ini_alter, show_source, apache_get_modules, apache_get_version, apache_note, openlog, tmpfile, crack_check, crack_closedict, php_ini_scanned_files, inurl, apache_setenv, closelog, debugger_off, debugger_on, define_syslog_variables, syslog, ftp_exec, posix_setpgid, posix_setsid, posix_setuid, get_current_user, getmyuid, getmygid, listen, netscript, ini_restore, php.ini, id, popen, shell_exec, php_uname, getPath, dir_writeable, read_dir, execute_command, diskfreespace, disk_total_space, proc_open, switch, mkdir
suhosin.executor.eval.whitelist =
suhosin.executor.eval.blacklist =
suhosin.executor.allow_symlink = Off
suhosin.executor.disable_emodifier = Off
suhosin.executor.disable_eval = Off
; Misc Options
suhosin.apc_bug_workaround = Off
suhosin.sql.bailout_on_error = Off
suhosin.sql.comment = 0
suhosin.sql.multiselect = 0
suhosin.sql.opencomment = 0
suhosin.sql.union = 0
suhosin.sql.user_postfix =
suhosin.sql.user_prefix =
suhosin.multiheader = Off
suhosin.memory_limit = 128
suhosin.mail.protect = 1
; Transparent Encryption Options
suhosin.session.encrypt = On
suhosin.session.cryptkey =
suhosin.session.cryptua = On
suhosin.session.cryptdocroot = On
suhosin.session.cryptraddr = 0
suhosin.session.checkraddr = 0
suhosin.session.max_id_length = 128
suhosin.cookie.checkraddr = 0
suhosin.cookie.cryptdocroot = On
suhosin.cookie.cryptkey =
suhosin.cookie.cryptlist =
suhosin.cookie.cryptraddr = 0
suhosin.cookie.cryptua = On
suhosin.cookie.disallow_nul = 1
suhosin.cookie.disallow_ws = 0
suhosin.cookie.encrypt = On
suhosin.cookie.plainlist =
; Filtering Optionins
suhosin.cookie.max_array_depth = 100
suhosin.cookie.max_array_index_length = 64
suhosin.cookie.max_name_length = 64
suhosin.cookie.max_totalname_length = 256
suhosin.cookie.max_value_length = 10000
suhosin.cookie.max_vars = 2048
suhosin.get.disallow_nul = On
suhosin.get.disallow_ws = 0
suhosin.get.max_array_depth = 50
suhosin.get.max_array_index_length = 64
suhosin.get.max_name_length = 64
suhosin.get.max_totalname_length = 256
suhosin.get.max_value_length = 512
suhosin.get.max_vars = 2048
suhosin.perdir = 0
suhosin.coredump = Off
suhosin.post.disallow_nul = On
suhosin.post.disallow_ws = 0
suhosin.post.max_array_depth = 100
suhosin.post.max_array_index_length = 64
suhosin.post.max_name_length = 64
suhosin.post.max_totalname_length = 256
suhosin.post.max_value_length = 65000
suhosin.post.max_vars = 2048
suhosin.protectkey = On
suhosin.request.disallow_nul = On
suhosin.request.disallow_ws = 0
suhosin.request.max_array_depth = 100
suhosin.request.max_array_index_length = 64
suhosin.request.max_totalname_length = 256
suhosin.request.max_value_length = 65000
suhosin.request.max_varname_length = 64
suhosin.request.max_vars = 2048
suhosin.stealth = On
suhosin.upload.max_uploads = 25
suhosin.upload.disallow_elf = 1
suhosin.upload.disallow_binary = Off
suhosin.upload.remove_binary =
suhosin.upload.verification_script =
suhosin.session.max_id_length = 128
suhosin.simulation = Off
;************************************************************************
; End suhosin Parameters
;************************************************************************
save then restart apache
Code:
/sbin/service httpd restart
*****
*****
*****
Best Regards,
Wael Isa
Login
Register
FAQ
Search
