Category Archives: Security

Harden the SSL configuration of your mailserver

I described in one of my earlier post how to Setup Postfix with SMTP-AUTH and TLS on CentOS. I will follow up on this article describing how to harden the configuration of your mail server related to SSL. Continue reading

Posted in Mailserver, Security | Tagged , , | Comments Off on Harden the SSL configuration of your mailserver

SSH-Key authentication is not working – SELinux

When configuring SSH passwordless login with ssh-key the ssh-key generated and transfered to the server seems to not work when I try to login. Whay is the ssh-key authentication failing? Continue reading

Posted in Linux Administration, Security | Tagged , , | 1 Comment

SELinux allow webserver to send email

When Wordpress tries to send email and you see “your host may have disabled the mail() function” it might be that SELinux is blocking it. Here is how to enable it. Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on SELinux allow webserver to send email

Migrate WordPress site with minimal downtime

Migrating a Wordpress installation from one server to the other sounds like a simple task. Just move the files, copy the database for Wordpress and lets go. But when you start dealing with the DNS entries the whole story gets tricky. Continue reading

Posted in DNS, Security | Tagged , , , | Comments Off on Migrate WordPress site with minimal downtime

Set up apache and the log path with SELinux

Depending on your backup strategy you might run into troubles of backup the entire /etc directory. Running a default installed Apache on CentOS will have the log directory of Apache linked from within the /etc/httpd/ directory. If you backup solution would backup those as well, the backups would contain the logs and get huge. Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Set up apache and the log path with SELinux

Restrict SSH login using SSH keys to a particular IP address

Because most passwords are quite short so you can remember them as well as it is annoying to type the password all the time, You might have already considered creating SSH-keys and configured the SSH passwordless login with SSH-key for your server. But how to secure the access with SSH-key? Continue reading

Posted in Linux Administration, Security | Tagged , , , | Comments Off on Restrict SSH login using SSH keys to a particular IP address

Secure SSH server access

With a server running, SSH is one of the services nearly instantly gets checked out. Only after a couple of hours of going live with your server, you might already notice someone trying to login with passwords from a dictionary. There are some things you can do to reduce those hacking attempts to your SSH server. Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Secure SSH server access

Change SSH port in CentOS with SELinux

Since version 4 of CentOS, SELinux is providing an additional layer of security to the Linux distribution. As of SELinux in combination with sshd, changing the port or even listening on 2 ports is not as easy as just changing the sshd configuration file. Continue reading

Posted in Linux Administration, Security | Tagged , , | Comments Off on Change SSH port in CentOS with SELinux

yum – install package that contains a specific file

When i realised that the program to manage the SELinux rules is called “semanage” i tried to find a package of the same name in the yum repositories. But i could not find it. So i had to find it inside the yum repository. I am happy that yum provides an easy way to find a file that is provided within a package. Continue reading

Posted in Linux Administration, Security | Tagged , , , | Comments Off on yum – install package that contains a specific file

Restrict Linux User to SCP to his home directory

You wanna give access to your server? But you want to restrict access to SCP/SFTP and to the user’s home directory. Here is how i configured an account restricted to SCP/SFTP only using jailkit on CentOS. Continue reading

Posted in Linux Administration, Security | Tagged , , , , , | Comments Off on Restrict Linux User to SCP to his home directory