{"id":82,"date":"2011-09-25T15:30:18","date_gmt":"2011-09-25T05:30:18","guid":{"rendered":"http:\/\/sijnstra.name\/blog\/?p=82"},"modified":"2011-09-25T15:30:18","modified_gmt":"2011-09-25T05:30:18","slug":"stats-and-security","status":"publish","type":"post","link":"http:\/\/sijnstra.name\/blog\/2011\/09\/25\/stats-and-security\/","title":{"rendered":"Stats and security"},"content":{"rendered":"

While developing this blog, I’ve been working on the background on security and other curiosities. I wanted to use a log processor to look at where some of the hits on this site were coming from, so of course I turned to AWstats<\/a>. I also wanted to make this viewable by myself, and didn’t want another password to either type in or store. There were great instructions available for basic installation<\/a>, but I had to look a little harder for secuirity. I only really want to view the stats from home, and luckily I have a fixed IP address. This is certainly a lazy way to do security, and I haven’t yet pushed it to be SSL-only, but to bolt down the AWstats pages by IP address all that was required in the Apache2 conf file was:<\/p>\n

[sourcecode language=”xml”]
\n Alias \/awstatsclasses "\/usr\/share\/awstats\/lib\/"
\n Alias \/awstats-icon\/ "\/usr\/share\/awstats\/icon\/"
\n Alias \/awstatscss "\/usr\/share\/doc\/awstats\/examples\/css"
\n ScriptAlias \/awstats\/ \/usr\/lib\/cgi-bin\/
\n<Location \/awstats>
\n Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
\n Order Deny,Allow
\n Deny from all
\n Allow from 1.2.3.4
\n Allow from 127
\n<\/Location>
\n[\/sourcecode]<\/p>\n

Where of course the 1.2.3.4 is replaced with your desired access address – IP address or DNS address<\/p>\n

In other security related news, somebody else ran a script against this site but at least it was a better attempt. They looked for 151 vulnerabilities in a single sitting rather than the 6 the last guys did. There’s been some other feeble one or two since then, but it’s nice to be tested thoroughly.<\/p>\n

Newsflash: I’ve now had my first spam comment submitted. Hooray!<\/p>\n","protected":false},"excerpt":{"rendered":"

While developing this blog, I’ve been working on the background on security and other curiosities. I wanted to use a log processor to look at where some of the hits on this site were coming from, so of course I turned to AWstats. I also wanted to make this viewable by myself, and didn’t want … <\/p>\n

Continue reading “Stats and security”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[8,10],"_links":{"self":[{"href":"http:\/\/sijnstra.name\/blog\/wp-json\/wp\/v2\/posts\/82"}],"collection":[{"href":"http:\/\/sijnstra.name\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/sijnstra.name\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/sijnstra.name\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/sijnstra.name\/blog\/wp-json\/wp\/v2\/comments?post=82"}],"version-history":[{"count":0,"href":"http:\/\/sijnstra.name\/blog\/wp-json\/wp\/v2\/posts\/82\/revisions"}],"wp:attachment":[{"href":"http:\/\/sijnstra.name\/blog\/wp-json\/wp\/v2\/media?parent=82"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/sijnstra.name\/blog\/wp-json\/wp\/v2\/categories?post=82"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/sijnstra.name\/blog\/wp-json\/wp\/v2\/tags?post=82"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}