My website hacked by w0LF Gh4m3D

Today one of my websites, which is hosted in a shared hosting environment, got suspended because it was running many malicious scripts and attacking the server.

My website name is www.webhostingkudus.com, and maybe many Moslem hackers misrepresented this as a non-Moslem website. As all of you should know, it was created under the name www.webhostingkudus.com because I’m living in Kudus, a nice Moslem city in Central Java, Indonesia.

The city’s founder, Sunan Kudus or Syeikh Raden Ja’far Shodiq, decided to name the city Kudus because he wanted to create a city as beautiful as Al-Quds or Baitul Maqdis, the city where Masjidil Aqso is located, in Jerusalem / Palestine.

It was hacked by w0LF Gh4m3D. And although the hacker had been removing the log files, they still left some logs for me.

In the error_log, I found the latest visitor IPs :

87.109.59.213
188.51.121.30
188.52.52.191

If you want to add more security, just add those three IPs to your blocklist. Or you can ban the whole Middle East from accessing your website.


Review – EvoRack VPS128

I have moved this blog to the EvoRack VPS128, as of January 12, 2012.

With the coupon “WHTIPV6”, it comes with :

  • 128 MB Guaranteed Memory / 512 MB Swap Memory
  • 20 GB Storage
  • 250 GB Monthly Bandwidth
  • 1 IPv4
  • /64 IPv6 Subnet
  • Normal Price £5.99 / Discounted Price £2.34

 

CPU Information :

# cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 30
model name      : Intel(R) Xeon(R) CPU           X3470  @ 2.93GHz
stepping        : 5
cpu MHz         : 2925.982
cache size      : 8192 KB
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 11
wp              : yes
flags           : fpu de tsc msr pae cx8 apic sep cmov pat clflush acpi mmx fxsr sse sse2 ss ht nx constant_tsc up pni ssse3 sse4_1 sse4_2 popcnt
bogomips        : 5856.17
clflush size    : 64
power management:

 Memory Info :

debian:~# cat /proc/meminfo
MemTotal:       131268 kB
MemFree:         49808 kB
Buffers:          3580 kB
Cached:          58520 kB
SwapCached:        364 kB
Active:          37784 kB
Inactive:        30436 kB
HighTotal:           0 kB
HighFree:            0 kB
LowTotal:       131268 kB
LowFree:         49808 kB
SwapTotal:      524280 kB
SwapFree:       522428 kB
Dirty:              36 kB
Writeback:           0 kB
AnonPages:        5884 kB
Mapped:           8608 kB
Slab:             5628 kB
SReclaimable:     3436 kB
SUnreclaim:       2192 kB
PageTables:          0 kB
NFS_Unstable:        0 kB
Bounce:              0 kB
WritebackTmp:        0 kB
CommitLimit:    589912 kB
Committed_AS:    59124 kB
VmallocTotal:   720888 kB
VmallocUsed:       872 kB
VmallocChunk:   719516 kB

IO Test :

debian:~# dd if=/dev/zero of=iotest bs=64k count=16k conv=fdatasync && rm -rf iotest
16384+0 records in
16384+0 records out
1073741824 bytes (1.1 GB) copied, 9.61476 s, 112 MB/s

Network Test :

debian:~# wget cachefly.cachefly.net/100mb.bin
--2012-01-17 11:34:10--  http://cachefly.cachefly.net/100mb.bin
Resolving cachefly.cachefly.net... 205.234.175.175
Connecting to cachefly.cachefly.net|205.234.175.175|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 104857600 (100M) [application/octet-stream]
Saving to: `100mb.bin'

100%[===================================================================================================================>] 104,857,600 29.0M/s   in 3.6s

2012-01-17 11:34:13 (27.7 MB/s) - `100mb.bin' saved [104857600/104857600]

Tutorial – Adding SSL to this Lighttpd Blog

Today I am using SSL to add more security to this blog, and the SSL certificate is the free one, provided by StartCom / StartSSL.

And now, let’s go through the tutorial for installing SSL on a Lighttpd VPS.

How to get Free SSL :

  1. Go to StartSSL
  2. Click the StartSSL Free
  3. Choose the Express Lane, fill in the required data, and make sure you are using a valid phone number. The phone number is used for verification.

 

Preparing the Lighttpd VPS for SSL installation :

  1. Generate a CSR (Certificate Signing Request). In this example we are using the domain www.erawanarifnugroho.com
    # mkdir -p /etc/lighttpd/ssl
    # cd /etc/lighttpd/ssl/

    Create the Private Key :

    # openssl genrsa -des3 -out ssl.key 2048

    Create the CSR :

    # openssl req -new -key ssl.key -out ssl.csr

    You will be prompted to enter the domain name and other data. At the “Common Name” prompt, use your domain name, for example www.erawanarifnugroho.com

    Next you will need to submit the CSR to the Certificate Authority, in this case StartCom/StartSSL. Once your order has been validated, you can download the certificate to be used for the Lighttpd VPS.

    Save the certificate as “certificate.crt” and upload it to /etc/lighttpd/ssl

  2. Preparing the Certificate

    If we use the encrypted Private Key, Lighttpd will ask for the password when restarted. Therefore, we need to decrypt the key so that Lighttpd will not ask for the password.

    # openssl rsa -in ssl.key -out no.pwd.key

    You will be prompted to enter the password for the Private Key.

    Create the .pem file :

    # cat no.pwd.key certificate.crt > ssl.pem
  3. Configuring the Lighttpd.conf
    # nano /etc/lighttpd/lighttpd.conf

    Add config section :

    $SERVER["socket"] == "vps.ip.address:443" {
        ssl.engine = "enable"
        ssl.pemfile = "/etc/lighttpd/ssl/ssl.pem"
        ssl.ca-file = "/etc/lighttpd/ssl/certificate.crt"
        server.name = "www.erawanarifnugroho.com"
        server.document-root = "/var/www/www.erawanarifnugroho.com/"
        server.errorlog = "/var/log/lighttpd/serror.log"
        accesslog.filename = "/var/log/lighttpd/saccess.log"
        # The following settings are used to secure the SSL from attack.
        # Note: this cipher list still allows RC4, which RFC 7465 prohibits in TLS.
        ssl.use-sslv2 = "disable"
        ssl.cipher-list = "TLSv1+HIGH !SSLv2 RC4+MEDIUM !aNULL !eNULL !3DES @STRENGTH"
    }
  4. Restart Lighttpd, and all is done
    # service lighttpd restart
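
Step 2 leaves an unencrypted private key inside ssl.pem, so it is worth checking that file before the restart. The script below is an added example, not part of the original tutorial: the function names check_pem and make_sample are hypothetical, and the key, self-signed certificate and host name www.example.test are constructed so that it runs offline.

```shell
#!/bin/sh
# Added example: checks for the ssl.pem built in step 2 of the tutorial.

# check_pem FILE: prints one line per finding, returns 0 only if there is none.
check_pem() {
    pem=$1; rc=0
    # -passin pass: keeps openssl from prompting if the key is still encrypted.
    key_pub=$(openssl pkey -in "$pem" -passin pass: -pubout 2>/dev/null)
    crt_pub=$(openssl x509 -in "$pem" -noout -pubkey 2>/dev/null)
    if grep -q 'ENCRYPTED' "$pem"; then
        echo "FAIL: private key is still passphrase-protected"; rc=1
    elif [ -z "$key_pub" ] || [ -z "$crt_pub" ]; then
        echo "FAIL: need one readable private key and one certificate"; rc=1
    elif [ "$key_pub" != "$crt_pub" ]; then
        echo "FAIL: private key does not belong to the certificate"; rc=1
    fi
    # The key is stored unencrypted, so group and other must have no access.
    if [ "$(ls -ld "$pem" | cut -c5-10)" != "------" ]; then
        echo "FAIL: group/other can access $pem (use chmod 600)"; rc=1
    fi
    # -checkend 0 exits non-zero once the certificate has expired.
    if [ -n "$crt_pub" ] &&
       ! openssl x509 -in "$pem" -noout -checkend 0 >/dev/null 2>&1; then
        echo "FAIL: certificate has expired"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $pem"
    return "$rc"
}

# make_sample DIR: constructed throwaway keys and a self-signed certificate,
# named as in the tutorial. A real certificate.crt comes from the CA instead.
make_sample() {
    ( cd "$1" &&
      openssl genrsa -out no.pwd.key 2048 2>/dev/null &&
      openssl genrsa -out other.key 2048 2>/dev/null &&
      openssl req -new -x509 -key no.pwd.key -subj "/CN=www.example.test" \
          -days 1 -out certificate.crt 2>/dev/null &&
      cat no.pwd.key certificate.crt > ssl.pem &&      # as in step 2
      cat other.key certificate.crt > mismatch.pem &&  # wrong key on purpose
      chmod 600 ssl.pem mismatch.pem )
}

dir=$(mktemp -d) && make_sample "$dir"
check_pem "$dir/ssl.pem" || true        # matching key, mode 600
check_pem "$dir/mismatch.pem" || true   # key from a different pair
chmod 644 "$dir/ssl.pem"
check_pem "$dir/ssl.pem" || true        # world-readable private key
rm -rf "$dir"
```

On the server, call check_pem /etc/lighttpd/ssl/ssl.pem after step 2 and before the restart in step 4.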

Copyright 2008 - 2012 by Erawan Arif Nugroho