SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
Apache
Primary tabs
Installation
Download the latest version of the Apache web server. At the time of writing, the current version was 2.4.53.
cd /extra/src
wget https://dlcdn.apache.org/httpd/httpd-2.4.53.tar.gz
tar zxf httpd-2.4.53.tar.gz
cd httpd-2.4.53
Download the latest versions of APR and APR-Util:
cd srclib
wget https://dlcdn.apache.org//apr/apr-1.7.0.tar.gz
tar zxf apr-1.7.0.tar.gz
mv apr-1.7.0 apr
wget https://dlcdn.apache.org//apr/apr-util-1.6.1.tar.gz
tar zxf apr-util-1.6.1.tar.gz
mv apr-util-1.6.1 apr-util
cd ..
In order to secure parts of our website, we'll enable mod_ssl. Compiling mod_rewrite is useful for rewriting URLs. Drupal, in particular, makes use of this.
./configure --enable-so --enable-ssl --enable-rewrite
If all configures correctly, make and install the binaries:
make
make install
Edit /usr/local/apache2/conf/httpd.conf
and change the user and group from daemon to nobody:
User nobody
Group nobody
CentOS 7 Firewall settings:
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --reload
Confirm that Apache starts up correctly, then stop it again:
/usr/local/apache2/bin/apachectl start
/usr/local/apache2/bin/apachectl stop
Automatic Startup
There's a number of different ways to get Apache to start automatically (rc.d/init.d script, rc.local, xinetd). We're going to use daemontools.
If you haven't already, install daemontools.
Create a directory for the Apache service:
mkdir -m 1755 /var/service/apache
cd /var/service/apache
Create the run script and make it executable:
echo '#!/bin/sh' > run
echo 'exec 2>&1' >> run
echo 'exec /usr/local/apache2/bin/httpd -DNO_DETACH 2>&1' >> run
chmod 755 run
Our log script comes from John Simpson's:
mkdir -m 755 log
cd log
wget http://qmail.jms1.net/scripts/service-any-log-run
mv service-any-log-run run
chmod 755 run
Finally, add the service to daemontools by creating the symbolic link in /service
ln -s /var/service/apache /service/apache
Confirm that the service is running:
svstat /service/apache /service/apache/log
References
Securing Apache
- Log in to post comments