{"id":1787,"date":"2019-09-17T14:38:20","date_gmt":"2019-09-17T20:38:20","guid":{"rendered":"https:\/\/ugit.siua.ac.cr\/?p=1787"},"modified":"2019-09-17T14:38:20","modified_gmt":"2019-09-17T20:38:20","slug":"apache-comandos","status":"publish","type":"post","link":"https:\/\/sada.services\/?p=1787","title":{"rendered":"APACHE: Comandos"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Comandos de Inter\u00e9s<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Saber si apache esta corriendo<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>ps auxw | grep httpd<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>RESULTADO:<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>root 16127 0.0 0.0 12752 996 pts\/0 S+ 16:46 0:00 grep httpd<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Saber m\u00f3dulos instalados de apache<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>apache2ctl -M\no\napachectl -t -D DUMP_MODULES\n<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Saber el tama\u00f1o de los archivos de un sitio<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>find \/var\/www\/html\/Sitios\/403 -type f -name \"*.html\" -ls | \\\nawk 'BEGIN { FILECNT = 0; T_SIZE=0;}\\\n{T_SIZE += $7; FILECNT++}\\\nEND{print \"Total de archivos:\", FILECNT,\\\n        \"Tama\u00f1o Total:\", T_SIZE, \\\n        \"Promedio:\", T_SIZE\/ FILECNT;\n}'<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>RESULTADO:<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>Total de archivos: 1 Tama\u00f1o Total: 3982 Promedio: 3982<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Saber conexiones por IP<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo netstat -plan|grep :80 | awk {'print $5'} | cut -d: -f 1 | sort | uniq -c | sort -n<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Saber conexiones abiertas<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>netstat -tpn | grep -v \"127.0.0\" | grep \"apache\\|443\\|80\"<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Consultar reglas iptables<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables -L -niptables -L --line-numbers<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Ver bloqueaos activados en fail2ban<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>fail2ban-client status<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Reglas<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables -I INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 20 -j REJECT\niptables -I INPUT -p tcp --syn --dport 443 -m connlimit --connlimit-above 20 -j REJECT<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Eliminar regla<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables -D INPUT #numerooiptables -D fail2ban-HTTP 1<\/code><\/pre>\n\n\n\n<p>nano \/etc\/fail2ban\/jail.local<\/p>\n\n\n\n<p>[http-get-dos]<br>enabled = true<br>port = http,https<br>filter = http-get-dos<br>logpath = \/var\/log\/apache2\/siua.ac.cr-access.log<br># Cantidad maxima de GETS que se pueden encontrar en un periodo de tiempo establecido en findtime<br>maxretry = 100<br># findtime tiempo en segundos (60 segundos = 1 minutos)<br>findtime = 60<br># bantime bloquear ip por un dia<br>bantime = 86400<br>action = iptables[name=HTTP, port=http, protocol=tcp]<br> sendmail-whois[name=Nagios, dest=\u00bb%(destemail)s\u00bb, sender=\u00bb%(sender)s\u00bb, sendername=\u00bb%(sendername)s\u00bb]<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Ahora creamos un archivo nano \/etc\/fail2ban\/filter.d\/http-get-dos.conf<\/li><\/ul>\n\n\n\n<p># Fail2Ban bloqueo GET<br>#<br># Autor: UGIT<br>#<br>[Definition]<\/p>\n\n\n\n<p># Option: failregex<br>#\n Nota: Esta expresi\u00f3n regular coincidir\u00e1 con cualquier entrada GET en \nsus registros, por lo que b\u00e1sicamente todas las entradas v\u00e1lidas y no \nv\u00e1lidas son coincidentes.<br># Debe configurar cuidadosamente en el archivo jail.conf, maxretry y findtime para evitar falsos positivos.<\/p>\n\n\n\n<p>failregex = ^&lt;HOST&gt; -.*\u00bb(GET|POST).*<\/p>\n\n\n\n<p># Option: ignoreregex<br># Notes.: regex to ignore. If this regex matches, the line is ignored.<br># Values: TEXT<br>#<br>ignoreregex =<\/p>\n\n\n\n<p><br>\/etc\/init.d\/fail2ban restart<br>systemctl start fail2ban<br>systemctl enable fail2ban<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>En Mysql<\/li><\/ul>\n\n\n\n<p>show processlist;<\/p>\n\n\n\n<p>show status like &#8216;Threads%&#8217;;<\/p>\n\n\n\n<p><a href=\"http:\/\/www.galisteocantero.com\/ver-conexiones-abiertas-en-un-servidor-mysql\">http:\/\/www.galisteocantero.com\/ver-conexiones-abiertas-en-un-servidor-mysql<\/a><br><a href=\"https:\/\/dajul.com\/2013\/05\/24\/limitar-el-numero-de-conexiones-por-ip\/\">https:\/\/dajul.com\/2013\/05\/24\/limitar-el-numero-de-conexiones-por-ip\/<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/elbauldelprogramador.com\/20-ejemplos-de-iptables-para-sysadmins\">https:\/\/elbauldelprogramador.com\/20-ejemplos-de-iptables-para-sysadmins<\/a><br><a href=\"https:\/\/encodingthecode.wordpress.com\/2012\/12\/27\/numero-conexiones-apache-controlando-el-servidor\/\">https:\/\/encodingthecode.wordpress.com\/2012\/12\/27\/numero-conexiones-apache-controlando-el-servidor\/<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.linuxito.com\/gnu-linux\/nivel-alto\/625-como-saber-si-hay-usuarios-conectados-en-mi-servidor-apache\">https:\/\/www.linuxito.com\/gnu-linux\/nivel-alto\/625-como-saber-si-hay-usuarios-conectados-en-mi-servidor-apache<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Comandos de Inter\u00e9s Saber si apache esta corriendo RESULTADO: Saber m\u00f3dulos instalados de apache Saber el tama\u00f1o de los archivos de un sitio RESULTADO: Saber conexiones por IP Saber conexiones abiertas Consultar reglas iptables Ver bloqueaos activados en fail2ban Reglas Eliminar regla nano \/etc\/fail2ban\/jail.local [http-get-dos]enabled = trueport = http,httpsfilter = http-get-doslogpath = \/var\/log\/apache2\/siua.ac.cr-access.log# Cantidad maxima [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1764,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[109],"tags":[],"class_list":["post-1787","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-apache"],"blocksy_meta":{"styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[],"version":6}},"_links":{"self":[{"href":"https:\/\/sada.services\/index.php?rest_route=\/wp\/v2\/posts\/1787","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sada.services\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sada.services\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sada.services\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/sada.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1787"}],"version-history":[{"count":1,"href":"https:\/\/sada.services\/index.php?rest_route=\/wp\/v2\/posts\/1787\/revisions"}],"predecessor-version":[{"id":1793,"href":"https:\/\/sada.services\/index.php?rest_route=\/wp\/v2\/posts\/1787\/revisions\/1793"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sada.services\/index.php?rest_route=\/wp\/v2\/media\/1764"}],"wp:attachment":[{"href":"https:\/\/sada.services\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1787"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sada.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1787"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sada.services\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1787"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}