Apache Tutorial: Allow a Directory While Restricting Certain Files

How to Restrict Specific Files in Apache?

In this tutorial I will show you how to enable a directory in Apache while restricting browsing of certain files.

Enable Folder in Apache

To enable a folder in Apache you need to edit the HTTPD conf or create a new conf file as follows:

vi /etc/httpd/conf.d/vhosts.conf


Apache SSL Error: Invalid command 'SSLPassPhraseDialog', perhaps misspelled or defined by a module not included in the server configuration

In this tutorial I will trace the Invalid command 'SSLPassPhraseDialog' error and find a solution for it.

Apache SSL Error: Invalid command 'SSLPassPhraseDialog'

 

In most cases this means that mod_ssl is not loaded correctly. Try to locate mod_ssl.so and make sure it is present on your system.

If mod_ssl.so is not available then you need to install it.

Apache Hardening Tutorial: Disable HTTP Trace

Disable HTTP Trace

 

What is HTTP Trace? Apache Hardening Tutorial

This article is part of the Apache Hardening and Securing tutorial series. This time we will take a look at HTTP Trace: how to check if you are vulnerable and how to fix it.

 

If your web server has HTTP TRACE enabled, this puts it at risk of Cross-Site Tracing and the use of Cross-Site Scripting (XSS).

TRACE: This method simply echoes back to the client whatever string has been sent to the server, and is used mainly for debugging purposes.

While the TRACE method looks fine, it can be used in some scenarios to steal customers' credentials. It allows the client to see what is being received at the other end of the request.

This attack method was first discovered in 2003.

Change Jenkins Port on Linux and Forward Jenkins to Port 80

Forward Jenkins to Port 80 from Jenkins 8080 port

Changing Jenkins Default Port

Jenkins Video Tutorial

Change Jenkins Port on Linux

In this tutorial I will show you how to change Jenkins from port 8080 to port 80 / 443 or any other port.

First make sure that Apache HTTPD is installed and running, then open the httpd.conf file and use the configuration below.

Run Jenkins on port 80 Using Direct URL

Run Jenkins on Port 80

Configure Jenkins on Port 80

Configuring Jenkins to run on port 80 can be done in different ways. Today I will share how I got it running using a reverse proxy with Apache.
This method was tested on the configuration below:
Red Hat Enterprise Linux Server release 5.9
Apache/2.2.3
Jenkins 2.46

 

First you need to override reverse proxy authorization by adding the rules below to either the main httpd.conf or a proxy.conf inside the conf.d folder (e.g. /etc/apache2/mods-enabled/proxy.conf on Ubuntu).

<Proxy http://localhost:8080/jenkins*>
Order deny,allow
Allow from all
</Proxy>

Edit /etc/sysconfig/jenkins by adding the following arguments at the end of the file:

JENKINS_ARGS="--prefix=/jenkins"

This specifies a folder name that can be accessed through the URL in the browser; it is the same as the one we specified earlier in the Apache configuration above.

Set the SELinux booleans to the values below using the following commands:

setsebool httpd_can_network_connect true
setsebool httpd_can_network_connect 1

Now restart both the Jenkins server and httpd, and confirm that Jenkins is running with the desired configuration and port using the command below:

ps aux | grep -i jenkins

Test Jenkins at IP.IP.IP.IP:8080. The first time you run Jenkins it won't ask for any admin passwords.

Edit /etc/sysconfig/jenkins by adding the following setting at the end of the file. This is what gives your Jenkins system access to run scripts on the box.

JENKINS_USER="root"   # or any other user that has user access

The commands below are optional. Some users reported that they helped them get Jenkins running; for me it worked fine without these permission changes.

chown -R root:root /var/lib/jenkins
chown -R root:root /var/cache/jenkins
chown -R root:root /var/log/jenkins

Restart the Jenkins service one more time.
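
The steps above only work when the --prefix in /etc/sysconfig/jenkins matches the path in the Apache <Proxy> block. The shell check below is an added example, not part of the original tutorial; its function names and the sample file contents are constructed for illustration. It also reports JENKINS_USER=root, because every build step then runs as root.

```shell
#!/bin/sh
# Added example: checks that the Jenkins --prefix matches the Apache <Proxy> path.
# The file contents written at the bottom are constructed samples.

# Path component of the first <Proxy http://host:port/path*> line in an Apache conf.
proxy_path() {
    sed -n 's|^[[:space:]]*<Proxy[[:space:]]\{1,\}https\{0,1\}://[^/]*\(/[^*>[:space:]]*\).*|\1|p' "$1" | head -n 1
}

# Value of KEY="value" in a sysconfig-style file (last assignment wins).
# Parsed with sed instead of being sourced, so the file is never executed.
sysconfig_value() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*\$/\1/p" "$1" | tail -n 1
}

# The --prefix argument inside JENKINS_ARGS.
jenkins_prefix() {
    sysconfig_value "$1" JENKINS_ARGS | tr ' ' '\n' | sed -n 's/^--prefix=//p' | tail -n 1
}

# audit <apache-conf> <sysconfig-file>
# Prints one finding per line; the exit status is the number of findings.
audit() {
    findings=0
    pp=$(proxy_path "$1")
    px=$(jenkins_prefix "$2")
    ju=$(sysconfig_value "$2" JENKINS_USER)
    if [ -z "$pp" ]; then echo "no <Proxy> block found in $1"; findings=$((findings+1)); fi
    if [ "$pp" != "$px" ]; then echo "prefix mismatch: Apache='$pp' Jenkins='$px'"; findings=$((findings+1)); fi
    if [ "$ju" = "root" ]; then echo "JENKINS_USER=root: every build step runs as root"; findings=$((findings+1)); fi
    return "$findings"
}

# Constructed sample files: a mismatched prefix and a root service account.
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/proxy.conf" <<'EOF'
<Proxy http://localhost:8080/jenkins*>
Order deny,allow
Allow from all
</Proxy>
EOF
cat > "$tmp/jenkins" <<'EOF'
JENKINS_USER="root"
JENKINS_ARGS="--prefix=/ci"
EOF
audit "$tmp/proxy.conf" "$tmp/jenkins" || echo "findings: $?"
```

On a real host, call audit with the actual Apache conf file and /etc/sysconfig/jenkins before restarting the services.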