SVN (Subversion) Commands

subversion by apache

What is SVN (Subversion)?

Apache Subversion (often abbreviated SVN, after the command name svn) is a software versioning and revision control system distributed under an open source license. Developers use Subversion to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly compatible successor to the widely used Concurrent Versions System (CVS).

The open source community has used Subversion widely: for example in projects such as Apache Software Foundation, Free Pascal, FreeBSD, GCC, Mono and SourceForge. Google Code also provides Subversion hosting for their open source projects. BountySource systems use it exclusively. CodePlex offers access to Subversion as well as to other types of clients.

The corporate world has also started to adopt Subversion. A 2007 report by Forrester Research recognized Subversion as the sole leader in the Standalone Software Configuration Management (SCM) category and as a strong performer in the Software Configuration and Change Management (SCCM) category.[1]

Subversion was created by CollabNet Inc. in 2000 and is now a top-level Apache project being built and used by a global community of contributors.

Some of the commands frequently used related to SVN is listed below.

* Create Svn Repository

Syntax: svnadmin create <svn data directory><$repository_name>


  $ svnadmin create /var/www/svn/repotest

-Command to create a repository using the default configuration.

$ chown apache.apache /var/www/svn/repotest 

- Command to use after creating the repository to assign ownership of the repository root directory to apache.


Syntax: svnadmin create –fs-type fsfs <svn data directory><$repository_name>

  $ svnadmin create --fs-type fsfs /var/www/svn/repotest

-Command to create a repository using specifying the repository type.

$ chown apache.apache /var/www/svn/repotest 

- Command to use after creating the repository to assign ownership of the repository root directory to apache.

  * Initially input repo data to repository

$ svn import -m "Initial import." /var/www/svn/repotest/ file:///var/www/svn/myrepo

- where /var/www/svn/repotest is the root directory of the repository and file:///var/www/svn/repotest will be the online repository directory

  * list and view contents of a repo in tree view

Syntax: svnlook tree <repository absolute path>

  $ svnlook tree /var/www/svn/repotest/ 

  * View SVN Information

$ svn info

  * List down all repo

$ svn st

  * Add to svn a file or folder

$ svn add <file>

  * Create a Directory for svn

$ svn mkdir <directory>

 * Log svn

$ svn log

  *To revert to original file

$  svn revert <path>

  - revert a whole directory of files, use the --depth=infinity option:

$ svn revert --depth=infinity <path>


  *Delete a file or directory from svn

$ svn delete <directory>

  *Commit all changes made to file (Note: must be inside the repository path

$ svn ci -m "adding directories"

- Where ci is the commit command and -m is the parameter for the additional message and “adding directories” would be the notes included for the commit .

If you want to use a file that’s under version control for your commit message with --file, you need to pass the --force-log s witch:

$ svn commit --file file_under_vc.txt foo.c
svn: The log message file is under version control
svn: Log message file is a versioned file; use '--force-log' to override

$ svn commit --force-log --file file_under_vc.txt foo.c
Sending        foo.c
Transmitting file data .
Committed revision 6.

  *Checkout contents of Repository/get files and details

Syntax: svn co <repository_site> <path>

$ svn co  /var/www/svn/repotest/ 

For more commands on SVN Click here.

Happy versioning.

How to set-up Mail server in Linux using Postfix with SquirrelMail as web-based client

Visit reference site for more info:


   Figure 1:  Shows an example of a web based mail client using squirrel mail.

The following are the step-by-step instructions on how to Install and Configure a mail server with squirrel mail as a Client tool

1. Postfix SMTP Server Setup Howto for RHEL/CentOS 5

Reference site:

Installing and setting up Postfix SMTP Server in Red Hat Enterprise Linux 5 or CentOS 5 is easy. Postfix has secure default settings so we just need to open it up a bit.

Install Postfix

# yum install postfix

Stop sendmail service if its already running to avoid conflict with postfix.

#/etc/init.d/sendmail stop

Configure Postfix

  1. Open a terminal and configure postfix by typing the following command.

#vi /etc/postfix/

Make sure to add/uncomment(if the lines are existing) the following lines.

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

home_mailbox = Maildir/

In, lines starting with # are comments. Save the file after completing your changes.

Make sure that all mail_spool_directory lines are commented out. Otherwise, it will override the setting in the home_mailbox line above.

  1. Restart the postfix service.

#/etc/init.d/postfix restart

Test Postfix

  1. Open a terminal and type the following commands.

Sample postfix session. Replace johndoe with any valid user account. The dot after the line test is a command that should be typed in.

[root@mail ~]# telnet localhost smtp


Connected to localhost.localdomain (

Escape character is ‘^]’.

220 mail.acme.local ESMTP Postfix

ehlo localhost



250-SIZE 10240000





250 DSN

mail from:<johndoe>

250 2.1.0 Ok

rcpt to:<johndoe>

250 2.1.5 Ok


354 End data with <CR><LF>.<CR><LF>



250 2.0.0 Ok: queued as 9729067C17


221 2.0.0 Bye

Connection closed by foreign host.

[root@mail ~]#


To check if the mail indeed exists

[root@mail ~]# cd /home/johndoe/Maildir/new

[root@mail new]# ls


[root@mail new]# cat 1185669817.Vfd00I18012M795756.mail.acme.local

Don’t worry, you don’t have to type in the whole filename above. Just type in the first few characters say 118 then press Tab to activate automatic completion.

From johndoe@mail.acme.local  Thu Feb 22 21:48:28 2007

Return-Path: <johndoe@mail.acme.local>

X-Original-To: johndoe

Delivered-To: johndoe@mail.acme.local

Received: from localhost.localdomain (localhost.localdomain [])

        by mail.acme.local (Postfix) with SMTP id 9729067C17

        for <johndoe>; Thu, 22 Feb 2007 21:48:26 -0500 (EST)

Message-Id: <20070222134827.9729067C17@mail.acme.local>

Date: Thu, 22 Feb 2007 21:48:26 -0500 (EST)

From: johndoe@mail.acme.local

To: undisclosed-recipients:;




[root@mail mail]#

If you encounter any problems, check the log file at /var/log/maillog.

Review your Postfix aliases configuration file. There are some predefined email aliases that might conflict with your existing mail accounts like sales, marketing, info, etc.


2. Dovecot POP3/IMAP Server Setup Howto for RHEL/CentOS 5

Reference site:

Installing and setting up Dovecot in Red Hat Enterprise Linux 5 or CentOS 5 is easy. All we have to do is to enable the services we would like to provide and we are good to go.

Install Dovecot

# yum install dovecot

Configure Dovecot

  1. Edit the configuration file of dovecot

# vi /etc/dovecot.conf

Make sure to add/uncomment(if existing) the lines below.


protocols = pop3 pop3s imap imaps

mail_location = maildir:~/Maildir/

pop3_uidl_format = %08Xu%08Xv

imap_client_workarounds = delay-newmail outlook-idle netscape-eoh

pop3_client_workarounds = outlook-no-nuls oe-ns-eoh

For 64-bit users: Add the line login_process_size = 64 in the file /etc/dovecot.conf.

Lines starting with # are comments. The last two line enables workarounds for various client bugs. Save the file after completing your changes.

  1. Start the dovecot service

# /etc/init.d/dovecot start

Test Dovecot

  1. 1.       Open a terminal. In the Terminal window, type in the highlighted commands below.

Sample dovecot session. Replace johndoe and password with any valid user name and password.

[root@mail ~]# telnet localhost pop3

+OK dovecot ready.

user johndoe


pass password

+OK Logged in.


+OK 1 messages:

1 622


retr 1

+OK 622 octets

Return-Path: <johndoe@mail.acme.local>

X-Original-To: johndoe

Delivered-To: johndoe@mail.acme.local

Received: from localhost.localdomain (localhost.localdomain [])

        by mail.acme.local (Postfix) with SMTP id 9729067C17

        for <johndoe>; Thu, 22 Feb 2007 09:06:37 -0500 (EST)

Message-Id: <20070222140640.9729067C17@mail.acme.local>

Date: Thu, 22 Feb 2007 09:06:37 -0500 (EST)

From: johndoe@mail.acme.local

To: undisclosed-recipients:;

X-IMAPbase: 1172153557 1

Status: O

X-UID: 1

Content-Length: 5







+OK Logging out.

Connection closed by foreign host.

[root@mail ~]#

3. Postfix SMTP Authentication and Dovecot SASL

SMTP Authentication (SMTP Auth) provides an access control mechanism that can be used to allow legitimate users to relay mail while denying relay service to unauthorized users, such as spammers.

Thanks to the new SASL support in Dovecot 1.0 and the new Dovecot SASL support in Postfix 2.3, setting up SMTP authentication is now easier. Instead of setting up two separate authentication for Postfix and Dovecot, we can now just setup the authentication in Dovecot and just let Postfix talk to Dovecot.

Configure Postfix and Dovecot

1. Edit the file /etc/dovecot.conf and make sure your auth default section has the lines below.

auth default {

  socket listen {

    client {

          path = /var/spool/postfix/private/auth

          mode = 0660

          user = postfix

          group = postfix



  mechanisms = plain login



2. Edit /etc/postfix/, find the keys below and change its values as follows or add it at the bottom of the file if the key (the word before the = sign) cannot be found.

mynetworks =

smtpd_sasl_type = dovecot

smtpd_sasl_path = private/auth

smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions =  permit_mynetworks,

    permit_sasl_authenticated, reject_unauth_destination

broken_sasl_auth_clients = yes


The first line says trust only localhost, meaning only localhost can send email outside the network (relay). The last line is there to support old clients like Microsoft Outlook Express 4.0 and Microsoft Exchange 5.0 just in case someone is still using it.


Lines starting with # are comments. Save the file after completing your changes.


3. Restart the Dovecot and Postfix service. But if you installed MailScanner, restart MailScanner instead of Postfix.


Test Postfix

In a Terminal window, type in the highlighted commands below.

Sample postfix session

[root@mail ~]# telnet mail smtp

Replace mail with the name of your server. We should not use localhost since localhost is a trusted client ip address. And make sure the domain name you specified does not resolve to which is the IP address of localhost.


Connected to mail.acme.local (

Escape character is ‘^]’.

220 mail.acme.local ESMTP Postfix

ehlo localhost



250-SIZE 10240000







250 DSN

Note the new 250-AUTH lines. See the old SMTP Telnet Test.

mail from:<johndoe>

250 2.1.0 Ok

rcpt to:<>

554 5.7.1 <>: Relay access denied

It works, now to check if we can send it after authenticating.

auth plain AGpvaG5kb2UAcGFzc3dvcmQ=

235 2.0.0 Authentication successful

rcpt to:<>

250 2.1.5 Ok


221 2.0.0 Bye

Connection closed by foreign host.

[root@mail ~]#

You can send to email addresses belonging to your domain without authentication. This is normal as it enables you to receive mail from the outside.

The gibberish text after AUTH PLAIN is the base64 encoded value of the user name johndoe and password password. You can generate your own base64 text using the form below.

Top of Form

User Name:


Bottom of Form

If you encounter any problems, check the log file at /var/log/maillog.

4. SquirrelMail Webmail Setup Howto for RHEL/CentOS 5



SquirrelMail is an open source standards-based webmail package written in PHP. When installed, SquirrelMail is ready out of the box. All it needs is an installed web server like Apache, SMTP server like Postfix, and IMAP server like Dovecot.

Here are the installation guides for Postfix and Dovecot.

Installing Web server

#yum install httpd

Starting the Web Server(make sure its running)

#/etc/init.d/httpd start

Installing Squirrelmail

#yum install squirrelmail

Configuring SquirrelMail

1. From a Terminal window, type in /usr/share/squirrelmail/config/ and press Enter. This will launch the SquirrelMail Configuration utility.

If your Terminal window has a white background, make sure that the colors are off by looking for the command Turn color on. If the command is Turn color off, type in C and press Enter to turn the colors off. This will ensure that you will be able to read all of the text.

2. Type in 2 and press Enter to select the Server Settings menu.

3. Type in 1 and press Enter to select the Domain menu. Type in your domain name and press Enter. Save your changes when you are done.

I recommend installing the Retrieve User Data plugin so the user’s name will appear whenever he or she sends an email in SquirrelMail.

Testing SquirrelMail

1. Click the globe icon at the top near the System menu to launch the Firefox web browser.


If an error occurs, you probably did not install the Graphical Internet package. You can add it now using the Package Manager tool.

2. In the address box, type in http://localhost/webmail and press Enter. Type in a valid username and password and click Login.

3. That’s it, it’s working.

If you encounter any problems, check the log file at /var/log/maillog.


Relocating SquirrelMail into the domain root

By default, SquirrelMail is located in the /webmail of your domain. If you prefer to access SquirrelMail from the root of your domain, follow the steps below.

1. Create the file /etc/httpd/conf.d/sqroot.conf containing the lines below.

<VirtualHost *:80>

DocumentRoot /usr/share/squirrelmail


If you are using SSL and you want to force users to use SSL, add the Redirect directive inside the VirtualHost section to redirect browsers to the secured version. See the example below.

redirect permanent / https://mail.acme.local

2. Restart the httpd service.

3. Now try browsing http://localhost


Related Pages

How to customize the login page.

How to secure SquirrelMail using SSL.

How to add a password change utility.

How to add Active Directory/LDAP into the SquirrelMail Addressbook.

5. MailScanner, Postfix, ClamAV and SpamAssassin Setup Howto for RHEL/CentOS 5



This page will guide you in configuring MailScanner, ClamAV and SpamAssassin to work in Postfix. Before proceeding, please make sure that all of the above components are already installed.

SpamAssassin is included in Red Hat Enterprise Linux 5 and CentOS 5 and it’s ready to go out of the box. Just add it using the Package Manager tool if you haven’t done so during installation.

Configuring MailScanner

1. Edit the file /etc/MailScanner/MailScanner.conf

Find the following keys and change the values as follows

%org-name% = your organization name

%org-long-name% = your full organization name

Run As User = postfix

Run As Group = postfix

Incoming Queue Dir = /var/spool/postfix/hold

Outgoing Queue Dir = /var/spool/postfix/incoming

Incoming Work Group = clamav

Incoming Work Permissions = 0640

MTA = postfix

Virus Scanners = clamd

Clamd Socket = /var/run/clamav/clamd.sock

Use SpamAssassin = yes

SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin


2.Go to the directory of mailspool for mailscanner

#cd /var/spool/MailScanner

  1. Create  spamassassin folder

#mkdir –p spamassassin

  1. 4.       Change user and group owners of the folders inside /var/spool/MailScanner

#chown postfix incoming; chgroup clamav incoming;chmod ug+rwx  incoming

# chown postfix spamassassin; chgroup clamav spamassassin;chmod ug+rwx spamassassin

# chown postfix quarantine; chgroup clamav quarantinen;chmod ug+rwx quarantine


5.       From a terminal window, type in

#ln -s /usr/bin/freshclam /usr/local/bin/freshclam


MailScanner will be looking for freshclam in the /usr/local/bin directory so we’ll create a symbolic link to it in that directory.

Integrating MailScanner into Postfix

1. Edit the file /etc/postfix/ and remove the # in front of the line below

header_checks = regexp:/etc/postfix/header_checks

2. Edit the file /etc/postfix/header_checks and add the line below to the bottom of the file

/^Received:/ HOLD

This will now place all incoming mail into the holding area until released by MailScanner.

3. MailScanner should now be the one to start the Postfix service. Stop the Postfix service and start the Clamd and MailScanner service in that order. Learn how to stop and start services here.

4. Test if Postfix is still working. See Test Postfix using Telnet.

If you encounter any problems, check the log file at /var/log/maillog.


Congratulations, your mails are now checked for spam and viruses. Each mail you send or receive will now contain the lines below to indicate that MailScanner is doing its job.

This message has been scanned for viruses and

dangerous content by MailScanner, and is

believed to be clean.

The English language message templates used in MailScanner is stored in /etc/MailScanner/reports/en and can even be configured to add a disclaimer message to outgoing mails.


A.  Install spamassassin

[root@localhost ~]#  yum -y install spamassassin

B.  Edit /etc/MailScanner/spam.assassin.prefs.conf


#bayes_path /etc/MailScanner/bayes/bayes

# bayes_file_mode 0770


bayes_path /var/spool/MailScanner/spamassassin/

bayes_file_mode 0770

And modify the directory permissions:

[root@localhost ~]# chown postfix:apache /var/spool/MailScanner/spamassassin/

[root@localhost ~]# chown postfix:apache /var/spool/MailScanner/spamassassin/bayes_*

[root@localhost ~]# chmod g+rws /var/spool/MailScanner/spamassassin/

[root@localhost ~]# chmod g+rw /var/spool/MailScanner/spamassassin/bayes_*

[root@localhost ~]# spamassassin -D -p /etc/MailScanner/spam.assassin.prefs.conf –lint

You should see lines like the following in the output:

dbg: config: using “/etc/MailScanner/spam.assassin.prefs.conf” for user prefs file

dbg: bayes: tie-ing to DB file R/O /var/spool/MailScanner/spamassassin/bayes_toks

dbg: bayes: tie-ing to DB file R/O /var/spool/MailScanner/spamassassin/bayes_seen

dbg: bayes: found bayes db version 3

dbg: config: score set 0 chosen.

#starting clam antivirus for Mail


#Testing clam antivirus for Mail


#Updating clam antivirus for Mail


#Check mail scanner if there’s error


#Checking Mailscanner’s settings

MailScanner –lint

#Clam version

clamscan –version

#Starting Spam assassin

/etc/init.d/spamassassin restart

#testing spam assasssin

spamassassin -D -p /etc/MailScanner/spam.assassin.prefs.conf –lint

spamassassin -D /usr/share/doc/spamassassin-3.3.1/sample-spam.txt

#Example spam assassin directory


How-to: Setup a secure web proxy using SSL encryption, Squid Caching Proxy and PAM authentication

I’ve had quite a few folks ask me what’s required to setup PAM with squid and stunnel for secure remote proxy usage, so I’ve drafted this quick guide.

This doc shows the steps needed to setup secure and nearly seamless web browsing (with stunnel, squid and PAM) from potentially untrusted networks such as airports, coffee shops and other hostile environments.

The document assumes a CentOS 4 system as the OS for the actual proxy server, and does not make any assumptions about the client operating system. It also assumes you are able to download and install any of the software mentioned. This is a working document and steps for additional configurations and operating systems will be added as time goes on.




Optional but recommended:

Server setup:

1. Configure the firewall

Ensure /etc/sysconfig/iptables contains a line to allow traffic in to the stunnel service which we will setup later.


-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 8080 -j ACCEPT

2. Configure Squid for use with PAM

These are the settings that will differ from the default. It’s best to search through the file and modify as needed.


auth_param basic program /usr/lib/squid/pam_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 4 hours
acl password proxy_auth REQUIRED
http_access allow password

3. Configure PAM for use with Squid


auth required /lib/security/
account required /lib/security/
This configuration will allow you to authenticate to the proxy with a local account.

4. Configure stunnel for use with Squid

Create the stunnel private key (.pem) and put it in /etc/stunnel. The following FAQ will walk you through this:
If you don’t want to read the FAQ, simply do the following:

# openssl genrsa -out privkey.pem 2048
# openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
# cat privkey.pem cacert.pem >> /etc/stunnel/stunnel.pem

Set the proper permissions on the resulting private key:

# chmod 0400 /etc/stunnel/stunnel.pem

Set the proper ownership of the stunnel chroot dir

# chown nobody.nobody /var/run/stunnel

Edit the stunnel configuration.


cert = /etc/stunnel/stunnel.pem
chroot = /var/run/stunnel/
pid = /
setuid = nobody
setgid = nobody

# Ensure the ‘connect’ line matches your squid port. Default is 3128
accept = 8080
connect =

Client Setup:

1. Configure stunnel

The configuration and installation for stunnel on most operating systems is pretty trivial. Download the appropriate version for your operating system here: stunnel download

Ensure the following is in the stunnel.conf file:

client = yes

accept =
# Replace SERVER with the address of the server setup previously
connect = SERVER:8080

2. Configure web browser

Point your web browser proxy configuration to the local stunnel port as previously configured. This should be, port 8080.

Final steps:

Now that we’re all setup on both the client and server…


Restart the firewall

# service iptables restart

Start stunnel

# stunnel

Start squid

# service squid start


Start stunnel
This will vary based on your operating system.

Test your browsing!

Open the web browser and see what IP you’re coming from with a service similar to

If the IP address shown is that of your server, congrats. Everything works. You may now enjoy web browsing on a hostile network with less risk of sniffing.

Basic stunnel/squid Troubleshooting Based on Web Browser Results

Immediate Blank page – The client’s stunnel is speaking with the server’s stunnel, but the server’s stunnel cannot speak to the server’s squid. Ensure the ports are correctly set within the squid.conf file.

Delayed timeout – The client’s stunnel is unable to speak to the server’s stunnel. Ensure stunnel is running on the remote server and that it is reachable from your client machine.

Connection refused - The web browser is unable to speak to the client’s stunnel. Ensure stunnel is running on the client and has the proper ports configured in both the web server and the stunnel.conf.

The permanent link and title for this page is how to setup a secure web proxy using ssl encryption squid caching proxy and pam authentication

How to install APC (Alternative php cache)

Definition: The Alternative PHP Cache (APC) is a free and open opcode cache for PHP. Its goal is to provide a free, open, and robust framework for caching and optimizing PHP intermediate code.

I am posting a quick step-by-step guide to install APC on servers (dedicated or VPS) with cpanel/whm working. This is for those who have a hard time installing apc.

First login as a root to your server/vps and make a directory to work with this plugin,

#mkdir /home/APC-php

#cd /home/APC-php

now here we will first download the APC with following command


you can check for the latest version

now you can use gzip and tar separately or tar -xzvf to unzip this file

#tar -xzvf APC-3.0.14.tgz

now you will have a APC-3.0.14 folder.

#cd APC-3.0.14

now you have to make php configuration files by following command


after this use following three commands

# ./configure –enable-apc –enable-apc-mmap –with-apxs –with-php-config=/usr/bin/php-config

*if you do not know the php path then execute ( which php ) command it will display the path. on a typical cpanel vps it could be /usr/bin/php-config or /usr/local/bin/php-config but you better check it before executing the above command)


#make test

#make install

NOTE: if you are using suPHP then skip –with-apxs

*one more thing, if you use

#make test

command it shows 3 tests failed then do not worry, it showed at least to me but worked with the final steps.

the (make install) command will return the module path, note down that with you as you will have to feed it in the php.ini file in the next step.

check your php.ini location by

#php -i | grep php.ini

then open it with your favorite editor. mine was at

#vi /usr/local/lib/php.ini

and go to the last line and paste the following


now there is a catch in it, if you have other modules installed and their extension directory is different than the one MAKE INSTALL showed for APC so you have to move your to that directory so that all modules are in the same directory. in my case my APC directory was


but i moved from this location to my other location where my other files were.

you can check that path in php.ini sectiion of

extension_dir = “”

after this restart your apache, for different servers it may vary mine worked with

#service httpd restart

CentOS 5.2 ModSecurity Installation

CentOS 5.2 ModSecurity Installation

While this guide is CentOS specific, it contains enough detail to be adaptable to most other distributions.

ModSecurity is essentially a firewall for Apache, it checks all traffic against a set of rules which detect and prevent potentially malicious activity. There are three parts to this ModSec installation.

1. ModSecurity
2. mlogc
3. ModSecurity Console

Modsecurity is the ‘firewall’, mlogc is responsible for sending logs to the management console.

The console can be downloaded from, I used the Windows version for simplicity. Each console installation can support multiple sensors (ModSec installations), so it provides centralised monitoring. The console installation isn’t covered here, theres nothing to it – download, install, create sensors – done. Just make sure to install a valid license (free ones which support upto 3 sensors are currently available from

Versions used:

Apache: 2.2.3
ModSecurity: 2.5.7

Install Dependencies:

yum install httpd-devel libxml2 libxml2-devel curl-devel pcre-devel gcc-c++

note: curl-devel is only required for mlogc

Download and Installation


or, get the latest from

Stop Apache

service httpd stop

Untar it and install:

tar -xvzf modsecurity-apache_2.5.7.tar.gz

cd modsecurity-apache_2.5.7/apache2/

make mlogc
make install


Configure mlogc:

Copy the binary from mlogc-src/ to /usr/local/bin/

cp mlogc-src/mlogc /usr/local/bin/

Copy the default config to /etc/

cp mlogc-src/mlogc-default.conf /etc/mlogc.conf

Edit the configuration file: /etc/mlogc.conf:

Change the following:

ConsoleURI https://CONSOLE_IP_ADDRESS:8886/rpc/auditLogReceiver

SensorUsername “SENSOR_USERNAME”
SensorPassword “SENSOR_PASSWORD”

The above values need to reflect the Console installation and sensor configuration, also ensure the port is correct, it should be either 8886 or 8888. Save and exit

Configure ModSecurity:

Edit httpd.conf and add the following

# ModSecurity

Include conf/modsecurity/*.conf
LoadFile /usr/lib/
LoadModule unique_id_module modules/
LoadModule security2_module modules/

Still in the httpd.conf, go down to the main server configuration section and add:

# ModSecurity Configuration

# Turn the filtering engine On or Off
SecFilterEngine On

# Make sure that URL encoding is valid
SecFilterCheckURLEncoding On

# Unicode encoding check
SecFilterCheckUnicodeEncoding Off

# Only allow bytes from this range
SecFilterForceByteRange 0 255

# Only log suspicious requests
SecAuditEngine RelevantOnly

# Debug level set to a minimum
SecFilterDebugLog logs/modsec_debug_log
SecFilterDebugLevel 0

# Should mod_security inspect POST payloads
SecFilterScanPOST On

# By default log and deny suspicious requests
# with HTTP status 500
SecFilterDefaultAction “deny,log,status:500″

# Use ReleventOnly auditing
SecAuditEngine RelevantOnly

# Must use concurrent logging
SecAuditLogType Concurrent

# Send all audit log parts
SecAuditLogParts ABIDEFGHZ

# Use the same /CollectorRoot/LogStorageDir as in mlogc.conf
SecAuditLogStorageDir /var/log/mlogc/data

# Pipe audit log to mlogc with your configuration
SecAuditLog “|/usr/local/bin/mlogc /etc/mlogc.conf”

Save and Exit.

Copy rules to Apache directory

mkdir /etc/httpd/conf/modsecurity

from the rules direcotry:

cp *.conf /etc/httpd/conf/modsecurity

make necessary changes to modsecurity_crs_10_config.conf (mainly the logging section – use values from httpd.conf)

# Log files structure

SecAuditLogType Concurrent
SecAuditLog “|/usr/local/bin/mlogc /etc/mlogc.conf”
SecAuditLogStorageDir /var/log/mlogc/data

SecAuditLogParts “ABIDEFGHZ”

Create mlogc logs direcotry and configure permissions

mkdir /var/log/mlogc
mkdir /var/log/mlogc/data

chown :apache /var/log/mlogc
chown :apache /var/log/mlogc/data

chmod g+w /var/log/mlogc
chmod g+w /var/log/mlogc/data

Restart Apache

service httpd start

Confirm ModSecurity is running:

tail /var/log/httpd/error_log

[Wed Oct 22 21:37:45 2008] [notice] ModSecurity for Apache/2.5.7 ( configured.
[Wed Oct 22 21:37:45 2008] [notice] Digest: generating secret for digest authentication …
[Wed Oct 22 21:37:45 2008] [notice] Digest: done
[Wed Oct 22 21:37:46 2008] [notice] Apache/2.2.3 (CentOS) configured — resuming normal operations

Done! Generate some suspicous traffic (ie. run an nmap scan against port 80) and check the console for alerts.

Files to check if things don’t work:


How to install json module of php in linux box


JSON, or JavaScript Object Notation, has been getting a large amount of attention recently in the IT world. This is mostly powered by its extremely lightweight implementation, its common usage in API responses, and its already native support in JavaScript. JSON isn’t simply a way to code objects in JavaScript, but it is the actual form that a JavaScript engine will map the object to in memory. In short, it is an extremely fast and powerful way of transporting data between two interfaces.


If you are encountering any weird stuff with your PHP-JSON module installation, you might want to reinstall JSON using this link, this might get rid of the bug that is pestering you and your application.

First, uninstall any previous JSON installation you have so as not to conflict with the new one. To make sure you got the old JSON out, check your list of PHP modules by running:

php -m

JSON should not be listed and make sure you do not see any errors either. Doing this will prevent further headaches, trust me.

Perform the following steps to install the bug-free version of JSON from source:

1. Download the JSON source from here. You can use wget to download the source if you are using CLI


2. Uncompress the archive and change directory.

tar jxf php-json-ext-1.2.1.tar.bz2
cd php-json-ext-1.2.1

3. Run phpize. Make sure that phpize is installed before proceeding to this step. phpize is included in the php-devel package.


4. Configure, make and make install

make install

JSON is now installed, but make sure that is loaded in your php.ini file.

1. Open php.ini file. If you are unsure about the location of your php.ini file, run

php -i | grep php.ini

You should see something like this:

Loaded Configuration File => /etc/php.ini

2. Add this at the last line of the configuration file:

3. You might want to restart Apache to make sure everything is still working.

To check if JSON is loaded as module, run php -m again, make sure JSON is in the list.

Now, to test JSON, open an editor and copy these lines:

Save the file (json-test.php is the filename in this case).

Execute the file by running php json-test.php

The result should be 12121211212121