Tuesday, April 02, 2013

Multiple Desktop Screen 2 Monitor + 1 Ipad

Today i can build multiple Dekstop Screen on My PC with 2 Monitor ( Laptop + Monitor Display ) and 1 Ipad Monitor

 What i need :

1. Laptop 2 Monitor

 - 1 Build in 1 Extended - Windows 7
 - Install Air Display http://avatron.com/apps/air-display
 - Ultramon http://uploaded.net/file/riww1p43/izajb.UltraMon.3.2.2.x86x64.rar

2. Ipad Jailbreak 6.0.1-6.1 :

 - www.evasi0n.com , evasi0n - iOS 6.0-6.1.2 Jailbreak ( Didnt work in iOS > 6.1.3 ) - Install Zeusmos or Vshare in Cydia ( Search ).
 - Install Air Display From Zeusmos or Vshare This My Screen Shoot



Monday, April 01, 2013

Defend Pushdo and Cutwail - Iptables - Proxy Reverse Server - Nginx + Naxsi


Why you are buy expensive device when all is opensource ? 



Topology 



Router ( 192.168.1.1 ) - Nginx Proxy Reverse + Naxsi ( 192.168.1.2 ) - Nginx Web Server ( 192.168.1.3 )


Nginx Proxy Reverse + Naxsi ( 192.168.1.2 ) 

This step how to defend Pushdo/Cutwail where i put naxsi in proxy reverse 

Configure Iptables : 


This block in 4 layer "POST /?ptrxcz" on this situation block pattern string "ptrxcz"




[root@proxy ~]# vi /etc/sysconfig/iptables
*filter
:INPUT ACCEPT [12204116:2175223599]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [13308164:1687844257]
-A INPUT -p tcp -m string --string "ptrxcz" --algo bm --to 65535 -j DROP
COMMIT


Install Nginx + Naxsi


[root@proxy ~]# cd /usr/local/src/
[root@proxy ~]# wget http://nginx.org/download/nginx-x.x.xx.tar.gz 
[root@proxy ~]# wget http://naxsi.googlecode.com/files/naxsi-x.xx.tar.gz 
[root@proxy ~]# tar xvzf nginx-x.x.xx.tar.gz 
[root@proxy ~]# tar xvzf naxsi-x.xx.tar.gz 
[root@proxy ~]# cd nginx-x.x.xx/
[root@proxy ~]# ./configure --conf-path=/etc/nginx/nginx.conf  
--add-module=../naxsi-x.xx/naxsi_src/ --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body     --http-fastcgi-temp-path=/var/lib/nginx/fastcgi     --http-log-path=/var/log/nginx/access.log     --http-proxy-temp-path=/var/lib/nginx/proxy  --lock-path=/var/lock/nginx.lock     --pid-path=/var/run/nginx.pid     --with-http_ssl_module     --without-mail_pop3_module     --without-mail_smtp_module     --without-mail_imap_module     --without-http_uwsgi_module     --without-http_scgi_module     --with-ipv6  --prefix=/usr
[root@proxy ~]# make;make install 
[root@proxy ~]# cp /usr/local/src/naxsi-x.xx/naxsi_config/default_location_config.example /etc/nginx/test.rules

[root@proxy ~]# vi /etc/nginx/test.rules; #LearningMode;
SecRulesEnabled;
#SecRulesDisabled;
DeniedUrl "/RequestDenied";
include "/tmp/naxsi_rules.tmp";
## check rules
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;

[root@proxy ~]# cp /usr/local/src/naxsi-x.xx/naxsi_config/naxsi_core.rules /etc/nginx/naxsi_core.rules


Configure Nginx.conf


[root@nginx ~]# vi /etc/nginx/nginx.conf user nginx;
worker_processes  4;
error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include /etc/nginx/naxsi_core.rules;
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    access_log /var/log/nginx/access.log;
    server_names_hash_bucket_size 64;
    sendfile        on;
    tcp_nopush     on;
    keepalive_timeout  65;
    tcp_nodelay        on;
        gzip              on;
  ignore_invalid_headers   on;
  gzip_comp_level   5;
  gzip_http_version 1.0;
  gzip_min_length   0;
  gzip_types        text/plain text/css image/x-icon application/x-javascript;
  gzip_vary         on;
  include /etc/nginx/conf.d/*.conf;
}

[root@proxy ~]# vi /etc/nginx/conf.d/default.conf
server {
 listen   80;
 server_name  domain.com;
 access_log  /var/log/nginx/access.log;
 error_log  /var/log/nginx/error.log notice;

 #set your default location



 location / {

   include            /etc/nginx/test.rules;
   proxy_pass         http://192.168.1.3;
   proxy_read_timeout 60s;

  # May not need or want to set Host. Should default to the above hostname.

  proxy_set_header          Host            $host;
  proxy_set_header          X-Real-IP       $remote_addr;
  proxy_set_header          X-Forwarded-For $proxy_add_x_forwarded_for;
  }

   location /RequestDenied {

     error_page  404  /404.html;
  }



 #set your static folder location without the proxy pass so Nginx

 #will server those files. We also set expires max to add an
 #expires to have the client cache the files.  You will
 #have to  #set a version on your css and js files to prevent
 #the user who has cached files from not receiving new versions.
 location /static {
  root   /home/domain/www/media;
  expires     max;
  }
  #error_page  404  /404.html;
  # redirect server error pages to the static page /50x.html
 #
 error_page   500 502 503 504  /50x.html;
 location = /50x.html {
  root   /var/www/html;
}
}



[root@proxy naxsi]# vi /etc/nginx/conf.d/proxy.conf
proxy_redirect          off;
proxy_set_header        Host            $host;
proxy_set_header        X-Real-IP       $remote_addr;
proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size    10m;
client_body_buffer_size 128k;
client_header_buffer_size 64k;
proxy_connect_timeout   90;
proxy_send_timeout      90;
proxy_read_timeout      90;
proxy_buffer_size   16k;
proxy_buffers       32   16k;
proxy_busy_buffers_size 64k;


nginx ssl configure, enable or disable in ssl keep on your situation ....


[root@proxy src]# cat /etc/nginx/conf.d/ssl.conf
#
# HTTPS server configuration
#

server {

        ### server port and name ###
        listen          443;
        ssl             on;
        server_name     domain.com;

        ### SSL log files ###

        access_log      /var/log/nginx/ssl-access.log;
        error_log       /var/log/nginx/ssl-error.log;

        ### SSL cert files ###


        ssl_certificate      "/etc/ssl/certs/domain/domain.crt";

        ssl_certificate_key  "/etc/ssl/certs/domain/domain.key";



         ssl_protocols SSLv3 TLSv1;

         ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH;

        ssl_prefer_server_ciphers on;

        keepalive_timeout    60;
        ssl_session_cache    shared:SSL:10m;
        ssl_session_timeout  10m;





 set $my_https "off";

  if ($http_x_forwarded_proto = "https") {
      set $my_https "on";
  }

#  passenger_enabled on;

#  passenger_set_cgi_param HTTPS $my_https;

   server_name_in_redirect off;




location / {

       # include    /etc/nginx/test.rules;
        proxy_pass  https://192.168.1.3;

        proxy_redirect off;

        proxy_set_header Host $host ;
        proxy_set_header X-Real-IP $remote_addr ;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
        proxy_set_header X-Forwarded-Proto https;
}
}

[root@proxy src]# tail -f /var/log/nginx/error.log

2013/04/01 15:41:49 [error] 11322#0: *323567 NAXSI_FMT: 

ip=123.50.36.241&server=domain.com&uri=/&learning=0&total_processed=9072&total_blocked=8135&zone0=HEADERS&id0=1402&var_nam


e0=content-type, client: 123.50.36.241, server: domain.com, request: "POST / HTTP/1.1", host: "domain.com"

2013/04/01 15:41:49 [error] 11322#0: *323582 NAXSI_FMT: 

ip=222.254.120.159&server=domain.com&uri=/&learning=0&total_processed=9073&total_blocked=8136&zone0=HEADERS&id0=1402&var_n


ame0=content-type, client: 222.254.120.159, server: domain.com, request: "POST / HTTP/1.1", host: "domain.com"

2013/04/01 15:41:49 [error] 11322#0: *323586 NAXSI_FMT: 

ip=105.228.161.78&server=domain.com&uri=/&learning=0&total_processed=9075&total_blocked=8137&zone0=HEADERS&id0=1402&var_na


me0=content-type, client: 105.228.161.78, server: domain.com, request: "POST / HTTP/1.1", host: "domain.com"

2013/04/01 15:41:49 [error] 11322#0: *323587 NAXSI_FMT: 

ip=76.67.72.71&server=domain.com&uri=/&learning=0&total_processed=9076&total_blocked=8138&zone0=HEADERS&id0=1402&var_name0


=content-type, client: 76.67.72.71, server: domain.com, request: "POST / HTTP/1.1", host: "domain.com"

2013/04/01 15:41:49 [error] 11322#0: *323588 NAXSI_FMT: 

ip=37.79.119.192&server=domain.com&uri=/&learning=0&total_processed=9077&total_blocked=8139&zone0=HEADERS&id0=1402&var_nam


e0=content-type, client: 37.79.119.192, server: domain.com, request: "POST / HTTP/1.1", host: "domain.com"


Error Log id0=1402 


[root@proxy src] cat /etc/nginx/naxsi_core.rules


MainRule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-


form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4"

id:1402;

In Webserver nginx ( 192.168.1.3 )



[root@web root]# vi /etc/nginx/nginx.conf

 user       nginx;  

 worker_processes 4;  
 pid    /var/run/nginx.pid;  
 events {  
   worker_connections 1024;  
 }  
 http {  
    open_file_cache max=1000 inactive=20s;  
    open_file_cache_valid  30s;  
    open_file_cache_min_uses 2;  
    open_file_cache_errors  on;  
    keepalive_timeout 20;  
   client_max_body_size 15m;  
   client_body_timeout 60;  
   client_header_timeout 60;  
   client_body_buffer_size 1K;  
   client_header_buffer_size 1k;  
   large_client_header_buffers 4 8k;  
   send_timeout 60;  
   error_log /var/log/nginx/error.log;  
   access_log /var/log/nginx/access.log;  
   include /etc/nginx/naxsi_core.rules;  
   include    /etc/nginx/mime.types;  
   default_type application/octet-stream;  
   log_format main '$remote_addr - $remote_user [$time_local] "$request" '  
            '$status $body_bytes_sent "$http_referer" '  
            '"$http_user_agent" "$http_x_forwarded_for"';  
 sendfile     on;  
 tcp_nopush    on;  
 tcp_nodelay    off;  
 autoindex     off;  
 keepalive_requests 100000;  
   error_log /var/log/nginx/error.log ;  
   access_log /var/log/nginx/access.log main;  
   server_tokens off;  
   fastcgi_buffers 8 16k;  
   fastcgi_buffer_size 32k;  
   limit_req_zone $binary_remote_addr zone=blitz:10m rate=10r/s;  
  gzip on;  
  include /etc/nginx/conf.d/*.conf;  
  server {  
     proxy_set_header Proxy-Connection "";  
     listen    80;  
     listen    443 ssl;  
     server_name domain.com;  
     root /home/domain/www;  
     ssl_certificate   "/etc/ssl/certs/server.crt";  
     ssl_certificate_key "/etc/ssl/certs/server.key";  
      ssl_session_timeout 5m;  
      ssl_protocols SSLv3 TLSv1;  
      ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH;  
   ssl_prefer_server_ciphers on;  
  client_body_timeout  10;  
  client_header_timeout 10;  
  keepalive_timeout   5 5;  
  send_timeout     10;  
  set $my_http "http";  
  set $my_ssl  "off";  
  set $my_port "80";  
 #Block this too   
  if ($http_user_agent ~ "curl") { return 403; }  
   if ($http_referer ~* (ptrxcz) ) {  
    return 404;  
   }  
   location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {  
   access_log    off;  
   log_not_found   off;  
   expires      360d;  
 }  
     location / {  
     proxy_set_header Host $host;  
     proxy_set_header X-Real-IP $remote_addr;  
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
     # Most web apps can be configured to read this header and understand that the current session is actually HTTPS.  
     proxy_set_header X-Forwarded-Proto https;  
     proxy_redirect   off;  
     index index.php;  
     try_files $uri $uri/ @handler;  
     }  
  error_page 403 /403.html;  
  location = /403.html {  
  root /home/domain/www;  
  internal;  
  }  
   # Deny access to specific directories no one  
   location /app/ { deny all; }  
   location /includes/ { deny all; }  
   location /lib/ { deny all; }  
   location /media/downloadable/ { deny all; }  
   location /pkginfo/ { deny all; }  
   location /report/config.xml { deny all; }  
   location /var/ { deny all; }  
   # Allow only those who have a login name and password  
   # to view the export folder. Refer to /etc/nginx/htpassword.  
   location /var/export/ {  
     auth_basic "Restricted";  
     auth_basic_user_file htpasswd;  
     autoindex on;  
   }  
   # Deny all attempts to access hidden files  
   # such as .htaccess, .htpasswd, etc...  
   location ~ /\. {  
      deny all;  
      access_log off;  
      log_not_found off;  
   }  
   if ($http_x_forwarded_proto = "https") {  
   set $my_http "https";  
   set $my_ssl "on";  
   set $my_port "443";  
   }  
   # This redirect is added so to use Magentos  
   # common front handler when handling incoming URLs.  
   location @handler {  
     rewrite / /index.php;  
   }  
   # Forward paths such as /js/index.php/x.js  
   # to their relevant handler.  
   location ~ .php/ {  
     rewrite ^(.*.php)/ $1 last;  
   }  
      if (!-e $request_filename) {  
      rewrite . /index.php last;  
      }  
      location ~ \.php$ {  
       fastcgi_param HTTPS on;  
       fastcgi_pass  127.0.0.1:9000;  
       fastcgi_index index.php;  
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;  
       include    fastcgi_params;  
     }  
       location ~* \.(htm|html|js|css|png|jpg|jpeg|gif|ico)$ {  
         expires max;  
         log_not_found off;  
        }  
     # deny access to .htaccess files, if Apache's document root  
     # concurs with nginx's one  
     #  
     location ~ /\.ht {  
       deny all;  
     }  
 error_page 404 /notfound.html;  
 }  
 }  

Thursday, March 28, 2013

Pushdo and CutWail - Iptables + Nginx + Naxsi

Firewall - Server ( Iptables ) - Nginx + Naxsi

Analysis of Impact to High Load CPU  - with spam and there is the largest botnet in terms of the amount of infected hosts. Im put this article where is ive got million parameter POST

67.248.43.182 - - [25/Mar/2013:23:23:31 +0700] "POST /?ptrxcz_EEEFFFFFFFFFFGGGGGGGGGGHHHHHHH HTTP/1.1" 404 564 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
190.25.79.166 - - [25/Mar/2013:23:23:31 +0700] "POST / HTTP/1.1" 302 5 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
190.118.16.50 - - [25/Mar/2013:23:23:31 +0700] "POST /?ptrxcz_effffffffgggggggghhhhhhhhhiiii HTTP/1.1" 404 564 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
189.164.7.205 - - [25/Mar/2013:23:23:31 +0700] "POST /?ptrxcz_tx147AEHLORVYbehkosvz259CFJNQT HTTP/1.1" 404 564 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
190.198.28.165 - - [25/Mar/2013:23:23:31 +0700] "POST /?ptrxcz_gggghhhhhhiiiiiijjjjjjkkkkkkll HTTP/1.1" 404 564 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"

and im put this code in iptables  :

[root@tania ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.3.5 on Tue Mar 26 02:33:50 2013
*filter
:INPUT ACCEPT [81472:6298313]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [104280:11571047]
#-A INPUT -p tcp -m length --length 0 -m tcp --dport 80 -m string --string "POST" --algo bm --to 80 -j REJECT --reject-with tcp-reset
#-A INPUT -p tcp -m length --length 0 -m tcp --dport 80 -m string --string "POST" --algo bm --to 70 -j REJECT --reject-with tcp-reset
-A INPUT -p tcp -m length --length 8 -m tcp --dport 80 -m string --string "POST / HTTP/1.1" --algo bm --to 70 -j REJECT --reject-with tcp-reset
-A INPUT -p tcp -m length --length 0 -m tcp --dport 80 -m string --string "POST / HTTP/1.1" --algo bm --to 8 -j REJECT --reject-with tcp-reset
-A INPUT -p tcp -m tcp --dport 80 -m string --string "POST /?ptrxcz" --algo bm --to 70 -j REJECT --reject-with tcp-reset
COMMIT
# Completed on Tue Mar 26 02:33:50 2013
[root@tania ~]#


the next of this situation naxsi + nginx 

wget http://nginx.org/download/nginx-x.x.xx.tar.gz wget http://naxsi.googlecode.com/files/naxsi-x.xx.tar.gz tar xvzf nginx-x.x.xx.tar.gz tar xvzf naxsi-x.xx.tar.gz cd nginx-x.x.xx/

put your configure

./configure --add-module=../naxsix.xx/naxsi_src/ [your options for nginx] make make install


Here is my configuration nginx.conf 



 
 user       nginx;  
 worker_processes 4;  
 pid    /var/run/nginx.pid;  
 events {  
   worker_connections 1024;  
 }  
 http {  
    open_file_cache max=1000 inactive=20s;  
    open_file_cache_valid  30s;  
    open_file_cache_min_uses 2;  
    open_file_cache_errors  on;  
    keepalive_timeout 20;  
   client_max_body_size 15m;  
   client_body_timeout 60;  
   client_header_timeout 60;  
   client_body_buffer_size 1K;  
   client_header_buffer_size 1k;  
   large_client_header_buffers 4 8k;  
    send_timeout 60;  
   error_log /var/log/nginx/error.log;  
   access_log /var/log/nginx/access.log;  
   include /etc/nginx/naxsi_core.rules;  
   include    /etc/nginx/mime.types;  
   default_type application/octet-stream;  
   log_format main '$remote_addr - $remote_user [$time_local] "$request" '  
            '$status $body_bytes_sent "$http_referer" '  
            '"$http_user_agent" "$http_x_forwarded_for"';  
 sendfile     on;  
 tcp_nopush    on;  
 tcp_nodelay    off;  
 autoindex     off;  
 keepalive_requests 100000;  
   error_log /var/log/nginx/error.log ;  
   access_log /var/log/nginx/access.log main;  
   server_tokens off;  
   fastcgi_buffers 8 16k;  
   fastcgi_buffer_size 32k;  
   limit_req_zone $binary_remote_addr zone=blitz:10m rate=10r/s;  
   #keepalive_timeout 65;  
   gzip on;  
   include /etc/nginx/naxsi_core.rules;  
   #include /etc/nginx/doxi-rules/rules.conf;  
   include /etc/nginx/conf.d/*.conf;  
  server {  
     proxy_set_header Proxy-Connection "";  
     listen    80;  
     listen    443 ssl;  
     server_name domain.com;  
     root /home/domain/www;  
     ssl_certificate   "/etc/ssl/certs/server.crt";  
     ssl_certificate_key "/etc/ssl/certs/server.key";  
      ssl_session_timeout 5m;  
      ssl_protocols SSLv3 TLSv1;  
      ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH;  
      ssl_prefer_server_ciphers on;  
  client_body_timeout  10;  
  client_header_timeout 10;  
  keepalive_timeout   5 5;  
  send_timeout     10;  
   set $my_http "http";  
  set $my_ssl "off";  
  set $my_port "80";  
 #Block this too   
  if ($http_user_agent ~ "curl") { return 403; }  
   if ($http_referer ~* (ptrxcz) ) {  
    return 404;  
   }  
   location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {  
   access_log    off;  
   log_not_found   off;  
   expires      360d;  
 }  
     location / {  
     proxy_set_header Host $host;  
     proxy_set_header X-Real-IP $remote_addr;  
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
     # Most web apps can be configured to read this header and understand that the current session is actually HTTPS.  
      proxy_set_header X-Forwarded-Proto https;  
     # We expect the downsteam servers to redirect to the right hostname, so don't do any rewrites here.  
      proxy_redirect   off;  
     #proxy_set_header Host ;  
     index index.php;  
     try_files $uri $uri/ @handler;  
     }  
  error_page 403 /403.html;  
  location = /403.html {  
  root /home/domain/www;  
  internal;  
  }  
   # Deny access to specific directories no one  
   location /app/ { deny all; }  
   location /includes/ { deny all; }  
   location /lib/ { deny all; }  
   location /media/downloadable/ { deny all; }  
   location /pkginfo/ { deny all; }  
   location /report/config.xml { deny all; }  
   location /var/ { deny all; }  
   # Allow only those who have a login name and password  
   # to view the export folder. Refer to /etc/nginx/htpassword.  
   location /var/export/ {  
     auth_basic "Restricted";  
     auth_basic_user_file htpasswd;  
     autoindex on;  
   }  
   # Deny all attempts to access hidden files  
   # such as .htaccess, .htpasswd, etc...  
   location ~ /\. {  
      deny all;  
      access_log off;  
      log_not_found off;  
   }  
   if ($http_x_forwarded_proto = "https") {  
   set $my_http "https";  
   set $my_ssl "on";  
   set $my_port "443";  
   }  
   # This redirect is added so to use Magentos  
   # common front handler when handling incoming URLs.  
   location @handler {  
     rewrite / /index.php;  
   }  
   # Forward paths such as /js/index.php/x.js  
   # to their relevant handler.  
   location ~ .php/ {  
     rewrite ^(.*.php)/ $1 last;  
   }  
      if (!-e $request_filename) {  
      rewrite . /index.php last;  
      }  
      location ~ \.php$ {  
      include  /etc/nginx/test.rules;  
       fastcgi_param HTTPS on;  
       fastcgi_pass  127.0.0.1:9000;  
       fastcgi_index index.php;  
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;  
       include    fastcgi_params;  
     }  
       location ~* \.(htm|html|js|css|png|jpg|jpeg|gif|ico)$ {  
         expires max;  
         log_not_found off;  
        }  
     # deny access to .htaccess files, if Apache's document root  
     # concurs with nginx's one  
     #  
     location ~ /\.ht {  
       deny all;  
     }  
 error_page 404 /notfound.html;



  
 }  
 }  

tail -f /var/log/nginx/error.log


2013/03/25 04:03:22 [error] 30036#0: *10155787 NAXSI_FMT: ip=70.45.123.74&server=domain.com&uri=/&learning=1&total_processed=235&total_blocked=234&zone0=HEADERS&id0=1402&var_name0=content-type&zone1=BODY&id1=11&var_name1=, client: 70.45.123.74, server: www.domain.com, request: "POST / HTTP/1.1", host: "domain.com"
2013/03/25 04:03:22 [error] 30036#0: *10155791 NAXSI_FMT: ip=186.114.107.88&server=domain.com&uri=/&learning=1&total_processed=236&total_blocked=235&zone0=HEADERS&id0=1402&var_name0=content-type&zone1=BODY&id1=11&var_name1=, client: 186.114.107.88, server: www.domain.com, request: "POST / HTTP/1.1", host: "domain.com"
2013/03/25 04:03:22 [error] 30036#0: *10155794 NAXSI_FMT: ip=181.124.39.150&server=domain.com&uri=/&learning=1&total_processed=237&total_blocked=236&zone0=HEADERS&id0=1402&var_name0=content-type&zone1=BODY&id1=11&var_name1=, client: 181.124.39.150, server: www.domain.com, request: "POST / HTTP/1.1", host: "domain.com"
2013/03/25 04:03:22 [error] 30036#0: *10155799 NAXSI_FMT: ip=37.105.12.39&server=domain.com&uri=/&learning=1&total_processed=238&total_blocked=237&zone0=HEADERS&id0=1402&var_name0=content-type&zone1=BODY&id1=11&var_name1=, client: 37.105.12.39, server: www.domain.com, request: "POST / HTTP/1.1", host: "domain.com"
2013/03/25 04:03:23 [error] 30036#0: *10155801 NAXSI_FMT: ip=71.123.47.32&server=domain.com&uri=/&learning=1&total_processed=239&total_blocked=238&zone0=HEADERS&id0=1402&var_name0=content-type&zone1=BODY&id1=11&var_name1=, client: 71.123.47.32, server: www.domain.com, request: "POST / HTTP/1.1", host: "domain.com"
2013/03/25 04:03:23 [error] 30036#0: *10155804 NAXSI_FMT: ip=79.145.219.121&server=domain.com&uri=/&learning=1&total_processed=240&total_blocked=239&zone0=HEADERS&id0=1402&var_name0=content-type&zone1=BODY&id1=11&var_name1=, client: 79.145.219.121, server: www.domain.com, request: "POST / HTTP/1.1", host: "domain.com"
2013/03/25 04:03:23 [error] 30036#0: *10155803 NAXSI_FMT: ip=189.228.72.174&server=domain.com&uri=/&learning=1&total_processed=241&total_blocked=240&zone0=HEADERS&id0=1402&var_name0=content-type&zone1=BODY&id1=11&var_name1=, client: 189.228.72.174, server: www.domain.com, request: "POST / HTTP/1.1", host: "domain.com" 

Sunday, February 17, 2013

OJS and Nginx

Im decide to put web server nginx to OJS , make some rewrite there is problem with preety url with OJS

as you can see here :

http://pkp.sfu.ca/support/forum/viewtopic.php?f=8&t=9135

and  it must be : disable_path_info = On

but i dont want it ,  and then i try to search google and this the link usage for me :

http://coolpandaca.wordpress.com/2012/12/07/migrate-ojs-to-nginx-from-apache/

Great article and there is 2 point when value path_info and scriptname : null ...
  
how to made rewrite in full configuration nginx.conf ?

#----------------------------------------------------------------------
# Events Module
#
#   http://wiki.nginx.org/NginxHttpEventsModule
#
#----------------------------------------------------------------------

events {
    worker_connections  1024;
}


#----------------------------------------------------------------------
# HTTP Core Module
#
#   http://wiki.nginx.org/NginxHttpCoreModule
#
#----------------------------------------------------------------------

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

access_log  /var/log/nginx/access.log  main;

access_log on;
#tcp_nodelay on;
keepalive_requests 100000;


    gzip  on;
    gzip_static on;
    gzip_comp_level 9;
    gzip_min_length 1400;
    gzip_types  text/plain text/css image/png image/gif image/jpeg application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    gzip_vary  on;
    gzip_http_version 1.1;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";



    # Load config files from the /etc/nginx/conf.d directory
    include /etc/nginx/conf.d/*.conf;

    #
    # The default server
    #


server {
listen 80;
server_name yourservername.com;

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

 root /var/www/html/ojs;
index index.php index.html index.htm;

location / {
if (!-e $request_filename) {
rewrite ^/(.*)$ /index.php/$1 last;
}
}

location ~ .php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

include /etc/nginx/fastcgi_params;
}

location ~ .php($|/) {

set $script $uri;
set $path_info "";

if ($uri ~ "^(.+.php)(/.+)") {
set $script $1;
set $path_info $2;
}
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$script;
fastcgi_param SCRIPT_NAME $script;
fastcgi_param PATH_INFO $path_info;

fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;

fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;

fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param REDIRECT_STATUS 200;
}
}
}