Stats and security

While developing this blog, I’ve been working on the background on security and other curiosities. I wanted to use a log processor to look at where some of the hits on this site were coming from, so of course I turned to AWstats. I also wanted to make this viewable by myself, and didn’t want another password to either type in or store. There were great instructions available for basic installation, but I had to look a little harder for secuirity. I only really want to view the stats from home, and luckily I have a fixed IP address. This is certainly a lazy way to do security, and I haven’t yet pushed it to be SSL-only, but to bolt down the AWstats pages by IP address all that was required in the Apache2 conf file was:

[sourcecode language=”xml”]
Alias /awstatsclasses "/usr/share/awstats/lib/"
Alias /awstats-icon/ "/usr/share/awstats/icon/"
Alias /awstatscss "/usr/share/doc/awstats/examples/css"
ScriptAlias /awstats/ /usr/lib/cgi-bin/
<Location /awstats>
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order Deny,Allow
Deny from all
Allow from 1.2.3.4
Allow from 127
</Location>
[/sourcecode]

Where of course the 1.2.3.4 is replaced with your desired access address – IP address or DNS address

In other security related news, somebody else ran a script against this site but at least it was a better attempt. They looked for 151 vulnerabilities in a single sitting rather than the 6 the last guys did. There’s been some other feeble one or two since then, but it’s nice to be tested thoroughly.

Newsflash: I’ve now had my first spam comment submitted. Hooray!

Leave a Reply

Your email address will not be published.