579
edits
Changes
Jump to navigation
Jump to search
Line 62:
Line 62: − + − + + + + + − + Line 252:
Line 256: + + + + + + + + + + + − * locking down ssh
Raspberry Pi IPv6 firewall tester installation (view source)
Revision as of 10:21, 17 September 2012
, 10:21, 17 September 2012no edit summary
Read and follow the Apache section - one word of warning - I suggest you adjust the default DocumentRoot directory by inserting an additional directory (e.g. htdocs) under /srv/http
Read and follow the Apache section - I suggest that you adjust the default DocumentRoot directory by inserting an additional directory level (e.g. htdocs) under /srv/http so that you can place other directories at this same level without them all being under the Document root:
Having followed the php installation guide then you'll also need to update php's basedir to match Apache:
/srv/http/
htdocs - for storage of your served web pages (e.g. index.php discussed below)
cgi-bin6 - for the ipscan cgi executables
If you follow this suggestion then don't forget to modify the DocumentRoot setting in the apache configuration file! Having followed the php installation guide then you'll also need to update php's base directory to match Apache inside '''/etc/php/php.ini''':
open_basedir = /srv/http/htdocs:/home/:/tmp/:/usr/share/pear/
open_basedir = /srv/http/htdocs:/home/:/tmp/:/usr/share/pear/
And also define the timezone:
And also define the timezone appropriately for your system:
<nowiki>
<nowiki>
e.g. towards '''http://[2001:470:971f:3:ba27:ebff:fecc:dc7c]/cgi-bin6/ipscan-txt.cgi'''
e.g. towards '''http://[2001:470:971f:3:ba27:ebff:fecc:dc7c]/cgi-bin6/ipscan-txt.cgi'''
=== Restrict SSH Logins ===
In general it is recommended that you apply all the standard SSH hardening approaches. You can also restrict logins to your newly created plain user (above) with the addition of the following line to your ssh configuration file ('''/etc/ssh/sshd_config'''). I'd also recommend that you choose an username which isn't a simple shortening of your own name:
AllowUsers plnusr456
=== Simplistic IPv6 Firewall ===
As a general starting point please read the [https://wiki.archlinux.org/index.php/Iptables ArchLinux IPtables documentation].
Complete details coming soon ...
Complete details coming soon ...
Needs to include:
Needs to include:
* firewall
* firewall
* php landing page example
* php landing page example