Nginx Error Log Reader

Nginx Error Log Reader is a PHP reader/parser/analyzer for the Nginx error log file. The script reads error logs recursively and displays them in a user-friendly table. Script configuration includes the number of bytes to read per page and allows pagination through the error log. Additionally, table columns are sortable, and the full description of every error is displayed using MonnaTip.

For banning IPs, please refer to this post: Using iptables to block ips that spam or attack your server

Limit requests per IP on Nginx using HttpLimitZoneModule and HttpLimitReqModule except whitelist

– Make sure to check Nginx, PHP posts for information on Nginx and PHP setup and configuration.

Nginx offers two modules, HttpLimitReqModule and HttpLimitZoneModule, to limit simultaneous connections for the assigned session and the number of requests for a given session from one IP address. Basically, these modules are built to protect the web server from possible DDoS attacks. For example, this configuration limits remote clients to no more than 20 concurrently “open” connections per remote IP address:

http{
    # shared-memory zone "concurrent" (10 MB), keyed by the client address
    limit_conn_zone  $binary_remote_addr zone=concurrent:10m;
    # log rejected connections at "warn" level
    limit_conn_log_level warn;
    # allow at most 20 concurrent connections per key
    limit_conn  concurrent  20;
}

Increase Linux file descriptors

Check Installing CentOS 6.2 on VMware and mounting partitions with noatime posts.

This is a very important performance tuning step for any web server; more information here

#adduser www first http://gadelkareem.com/2012/02/26/adding-new-users-and-admins-to-linux-server/
ulimit -n unlimited - www
#check default number of concurrently open file descriptors 
cat /proc/sys/fs/file-max
#set the number to high value depending on server config
echo '1773914' > /proc/sys/fs/file-max
echo 'fs.file-max=1773914' >> /etc/sysctl.conf
/sbin/sysctl -w fs.file-max=1773914

Ban IP from logging in for 5 minutes after 10 failed logins


if( login_limit() )
    die( 'Your IP has been banned from logging in for the next 5 minutes' );

/*
 * Counts login attempts from the same IP.
 * Returns true if the limit has been reached, false otherwise.
 */
function login_limit(){
    //get real IP if user behind proxy noted by Sebastian Enger
    //X-Forwarded-For is a client-supplied request header: rely on it only when your own reverse proxy sets it
    $ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];

    //user still banned from login
    if( _cache( $ip . 'banned' ) )
        return true;

    //length of the counting window in seconds
    $sec = 30;
    //find ip info array ( first attempt time, attempt count ) saved less than $sec ago
    if( ($ip_info = _cache( $ip )) && $ip_info[0] > time() - $sec ){

        //10 logins already counted during the last $sec
        if( $ip_info[1] >= 10 ){
            //ban user ip for the next 5 minutes
            _cache( $ip . 'banned', 1, 0, 60*5 );
            //delete the counter
            _cache( $ip, -1 );
            return true;
        }
        //increase login retries +1
        _cache( $ip, array( $ip_info[0], ++$ip_info[1] ), 0, $sec );
        return false;

    }

    //add ip info to cache
    _cache( $ip, array( time(), 1 ), 0, $sec );
    return false;
}

/*
 * Small memcached wrapper:
 *   _cache( $name )                     reads a value (NULL if missing)
 *   _cache( $name, $val, $flag, $ttl )  stores $val for $ttl seconds
 *   _cache( $name, -1 )                 deletes the key
 * $flag was missing from the signature, so the callers' TTL (4th argument) was ignored.
 */
function _cache( $name, $val=NULL, $flag=0, $ttl=0 ){
    //memcached
    global $mcdb;
    if( empty($mcdb) )
        $mcdb = memcache_connect('unix:///etc/sockets/memcached.sock', 0);

    if( $val === -1 ){
        return memcache_delete($mcdb, $name);
    }elseif( $val !== NULL ){
        return memcache_set($mcdb, $name, $val, $flag, $ttl);
    }else{
        $retval = memcache_get($mcdb, $name);
        return $retval ? $retval : NULL;
    }

}
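
The limiter above keys its counters on X-Forwarded-For whenever that header is present. As an added example (not code from the original post), here is one way to choose the rate-limit key so that the header is honoured only when the request arrives from your own reverse proxy. `client_ip()`, `limit_key()`, the `$trusted` list and the sample addresses are assumptions made for illustration:

```php
<?php
/**
 * Returns the address to rate-limit on.
 * X-Forwarded-For is honoured only when the TCP peer is one of our proxies.
 * $trusted_proxies (assumption): addresses of your own reverse proxies.
 */
function client_ip(array $server, array $trusted_proxies) {
    $peer = isset($server['REMOTE_ADDR']) ? $server['REMOTE_ADDR'] : '';
    // Direct connection or no header: the TCP peer is the only value
    // the client cannot choose freely.
    if (!in_array($peer, $trusted_proxies, true) || empty($server['HTTP_X_FORWARDED_FOR'])) {
        return $peer;
    }
    // Header format is "client, proxy1, proxy2": each proxy appends the peer
    // it saw. Walk from the right and take the first hop that is not ours.
    $hops = array_reverse(array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'])));
    foreach ($hops as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            break; // malformed entry: fall back to the peer address
        }
        if (!in_array($hop, $trusted_proxies, true)) {
            return $hop;
        }
    }
    return $peer;
}

/** Builds the cache key from a fixed prefix and an already validated address. */
function limit_key($ip, $suffix = '') {
    return 'login:' . $ip . ($suffix !== '' ? ':' . $suffix : '');
}

// Constructed sample requests (documentation address ranges), not real traffic.
$trusted = array('10.0.0.5');
$samples = array(
    'direct, header set by client' => array('REMOTE_ADDR' => '203.0.113.9',
                                            'HTTP_X_FORWARDED_FOR' => '198.51.100.1'),
    'via proxy'                    => array('REMOTE_ADDR' => '10.0.0.5',
                                            'HTTP_X_FORWARDED_FOR' => '203.0.113.9'),
    'via proxy, extra left hop'    => array('REMOTE_ADDR' => '10.0.0.5',
                                            'HTTP_X_FORWARDED_FOR' => '198.51.100.1, 203.0.113.9'),
    'via proxy, malformed header'  => array('REMOTE_ADDR' => '10.0.0.5',
                                            'HTTP_X_FORWARDED_FOR' => "x y\n"),
);
foreach ($samples as $label => $server) {
    printf("%-30s %s\n", $label, limit_key(client_ip($server, $trusted)));
}
```

Because only validated addresses reach `limit_key()`, the resulting memcached keys never contain spaces or control characters taken from the raw header.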

Sitemap Creator 0.2 beta

New Version is available. Click here

Sitemap Creator crawls/spiders your website, creating XML sitemaps compatible with the standard sitemaps.org protocol supported by Google, Yahoo!, MSN and MoreOver. The script pings the Google, Yahoo!, MSN and MoreOver bots to download the sitemap file, then tracks the bot, sends you an email on every scan of your sitemap, and gives you a full report of the search engine response.
Sitemaps are created from a CSV file, which can easily be edited in any text editor before creating the sitemap.