Build a secure E-Commerce server

Creation time: 2001-06-01

Article properties: reprint

Article Source: http://sinbad.dhs.org

Article submission: Quack (QUACK_AT_XFOCUS.ORG)

By sinbad

May 25, 2001

http://sinbad.dhs.org

One. Background

The Internet-based network economy has always drawn attention. Following the portal boom, a group of online companies calling themselves "e-commerce" companies has now emerged. By comparison, they are calm and cautious. In enterprise applications, they are not content with merely helping SMEs get onto the Internet; they focus more on providing e-commerce offerings, with main products such as CRM, ERP and SCM, or on providing one-stop service from IDC to ASP.

However, as far as I have experienced, very few companies can really deliver a product: first, because the investment is too large; second, because it is difficult to find a suitable market position. Planning and integration work amounts to nothing more than confusing entry-level customers, with nothing of the company's own. So, apart from website construction and application projects, what profit points do e-commerce companies have? As I see it, because the domestic e-commerce environment is still immature, with no complete credit system or payment methods, many e-commerce activities are hard to carry out on that basis. Many customer concerns also come purely from security. For example, if you run an ASP (Application Service Provider), customers find it hard to accept sharing a hard drive with others and worry about handing their data over to you; a painstakingly developed system, once put online, can easily have its source code stolen by hackers; and if it is hosted on a fragile system and hackers tamper with its pages and data, it is hard to answer to the customer, which damages your reputation and further business cooperation.

This shows the importance of security. Granted, security and hacking techniques are a rather niche field, and some software developers even turn up their noses at them, but we cannot deny the role security plays in e-commerce. A system analyst who designs and develops an e-commerce system without considering security will fail in the end.

Security is a very complex piece of systems engineering with many links, from the initial system policy to the final system implementation. This article covers only the construction of an e-commerce server; putting an e-commerce web server on the Internet and keeping it fully running is not so simple.

Two. Apache

Why choose Apache? SMEs are happier to accept a lower system quote, and UNIX network administrators can also explain the choice from a technical standpoint. Compared with the vulnerability-ridden IIS, Apache has a good reputation for security, but a default Apache installation is still not enough.

1) Operating system

Although Apache is released in versions for Windows, Linux, the BSD family and other operating systems, UNIX is the best choice. The first reason is the convenience of remote management: SSH provides an encrypted channel for remote management and maintenance. At the system level, UNIX-like systems are also easier to optimize and configure.

2) Vulnerabilities in Apache itself

Although Apache's core does not have many buffer overflows and exploits, versions before 1.3.19 have a mod_rewrite vulnerability. It is recommended to install the latest version, 1.3.20.

3) External risks

The content of today's e-commerce websites is not static but dynamically generated, so some modules are required, such as Java (JServ), Perl (mod_perl) and PHP (mod_php). These modules introduce security risks into Apache. For example, Apache with PHP on the Windows platform has a directory traversal vulnerability, and on the UNIX platform some versions of the Tomcat engine (Java Servlets and JSPs) also have directory traversal vulnerabilities, and even vulnerabilities that leak JSP source code.

Like other software products, Apache has some security issues of its own. We should not laugh at a hole-riddled IIS while being 100% assured about Apache. In general, two factors make software insecure: technology and configuration. How well a server is configured has to be weighed alongside the bugs in the software itself.

Three. SSL

The Internet is an open system. Most network communication is insecure, just like mailing a postcard through the traditional post: a malicious user can read the content, tamper with it, or forge it.

SSL, the Secure Socket Layer, is a protocol that works between the network layer and the session layer. It adds an encrypted layer between TCP/IP and HTTP, mainly using public-key cryptography and X.509 digital certificates to protect the confidentiality and integrity of information in transit. It does not guarantee non-repudiation of information, and is mainly suited to point-to-point transmission, commonly in the web server model.

In e-commerce systems, the most commonly used encryption protocols are SSL and SET. SET works at the application layer, while SSL sits at the session layer, so for users of the HTTP protocol above it the encryption is transparent. For a comparison of SSL and SET, please refer to other articles. In practice, the easiest option to implement is SSL; the newer TLS has not yet been widely adopted.

Four. Apache SSL

Some practical steps follow, describing how to install a secure Apache SSL server. First, the network and operating system must themselves be secured: firewalls and routers are installed and correctly configured, the operating system is patched and hardened, system logs are stored separately, and so on.

The Apache server itself does not support SSL. There are several options for combining Apache and SSL:

(1) The Apache-SSL project (http://www.apache-ssl.org), which integrates Apache Server and SSL;

(2) A third-party SSL patch, such as Covalent SSL from Covalent Networks (http://www.covalent.com);

(3) mod_ssl (http://www.modssl.org), which supports SSL through a loadable module;

(4) A commercial web server based on Apache with integrated SSL capability, such as Red Hat Secure Server (http://store.redhat.com/commerce/). These commercial web servers are used mainly in North America, because the public-key algorithm used by SSL is patented there.

We choose the third method, so that we can use the latest version of Apache. Download the following software packages from these three sites:

Apache: http://www.apache.org

OpenSSL: http://www.openssl.org

mod_ssl: http://www.modssl.org

Here are the installation steps:

A. Preparation

Unpack Apache, OpenSSL and mod_ssl into the /usr/local/src directory.

B. Compile OpenSSL

Switch to the directory /usr/local/src/openssl-0.9.6:

(1) ./Configure linux-elf threads -fPIC --prefix=/usr/local/ssl
(2) make
(3) make test
(4) make install

C. Configure mod_ssl

Go to the directory /usr/local/src/mod_ssl-2.8.0-1.3.17 and execute the following command:

./configure --with-apache=../apache_1.3.17

D. Configure Apache

Enter the directory /usr/local/src/apache_1.3.17:

1. export SSL_BASE=../openssl-0.9.6

2. ./configure \
   --prefix=/usr/local/apache \
   --enable-module=ssl \
   --disable-rule=SSL_COMPAT \
   --enable-module=rewrite \
   --enable-module=auth_digest \
   --enable-module=vhost_alias \
   --enable-module=log_referer \
   --disable-module=userdir \
   --disable-module=autoindex

   # auth_digest: use MD5 hashes for HTTP authentication
   # vhost_alias: enable virtual hosts
   # log_referer: enhance logging
   # userdir:     disabled, not needed in e-commerce apps
   # autoindex:   disabled, do not list directories
   # (the comments are listed here because nothing may follow the
   # line-continuation backslash in the command itself)

3. make
4. make certificate TYPE=dummy
5. make install
6. ./src/httpd -l

Apache is now installed; httpd -l lists the modules that were compiled in.

Here are some security settings to check.

SSL:

Enable SSL in httpd.conf:

Port 80
Listen 80
Listen 443
SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
SSLSessionCacheTimeout 1200
# For increased performance use "SSLMutex sem" instead of the line below
SSLMutex file:/usr/local/apache/logs/ssl_mutex
SSLLog /usr/local/apache/logs/ssl_engine_log
# Change the log level default from "info" to "warn"
SSLLogLevel warn
SSLOptions OptRenegotiate

Enable SSL support for the virtual host:

# Within the ...
SSLEngine on
# Replace with certificate file name
SSLCertificateFile /usr/local/apache/conf/ssl.crt/
# Replace with key file name
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/
SSLVerifyClient none

Customize the SSL log format:

LogFormat "%h %l %u %t \"%r\" %>s %b %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%{SSL_CLIENT_S_DN_CN}x\"" clfa
CustomLog /usr/local/apache/logs/access_log clfa

Protected directory:

# These directives belong in the container of the directory being protected
SSLCipherSuite HIGH:MEDIUM
AuthType Digest
AuthName "Beta Code Testing"
AuthDigestDomain /test/ http://test.my.dom/beta/
AuthDigestFile /usr/local/apache/conf/digest_pw
Require valid-user

Final file checks:

1. The SSL certificate and public key must not be stored under DocumentRoot;

2. The SSL certificate and public key must be owned by root, with chmod 400 *.crt;

3. Remove all sample files in /htdocs and /cgi-bin;

4. All files under htdocs are owned by nobody.
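The four checks above can be scripted so they are repeatable after every change. The shell functions below are an added example, not part of the original article: the function names are hypothetical, all paths and owners are passed as arguments, and the sample CGI names printenv and test-cgi are an assumption about what a stock Apache 1.3 install leaves in cgi-bin.

```shell
#!/bin/sh
# Added example: audit the four final file checks. Read-only; changes nothing.

# is_under BASE DIR: succeeds when DIR resolves to BASE or a subdirectory of it.
is_under() {
    base=$(cd "$1" && pwd -P) || return 2
    dir=$(cd "$2" && pwd -P) || return 2
    case "$dir/" in
        "$base"/*) return 0 ;;
        *)         return 1 ;;
    esac
}

# bad_mode_files DIR: regular files whose mode is not exactly 400.
bad_mode_files() { find "$1" -type f ! -perm 400 -print; }

# not_owned_by DIR USER: anything under DIR not owned by USER (name or uid).
not_owned_by() { find "$1" ! -user "$2" -print; }

# leftover_samples CGI_DIR: sample CGI scripts still present
# (assumed names: printenv and test-cgi).
leftover_samples() {
    for s in printenv test-cgi; do
        [ -e "$1/$s" ] && echo "$1/$s"
    done
    return 0
}

# audit DOCROOT CGI_DIR SSL_DIR CERT_OWNER DOC_OWNER
# Prints one FAIL line per finding; returns 0 only when every check passes.
audit() {
    rc=0
    if is_under "$1" "$3"; then
        echo "FAIL: $3 is inside DocumentRoot $1"; rc=1
    fi
    out=$(bad_mode_files "$3")
    [ -z "$out" ] || { echo "FAIL: not mode 400: $out"; rc=1; }
    out=$(not_owned_by "$3" "$4")
    [ -z "$out" ] || { echo "FAIL: not owned by $4: $out"; rc=1; }
    out=$(leftover_samples "$2")
    [ -z "$out" ] || { echo "FAIL: sample files present: $out"; rc=1; }
    out=$(not_owned_by "$1" "$5")
    [ -z "$out" ] || { echo "FAIL: not owned by $5: $out"; rc=1; }
    return $rc
}

# Example call for the layout used in this article:
# audit /usr/local/apache/htdocs /usr/local/apache/cgi-bin \
#       /usr/local/apache/conf/ssl.crt root nobody
```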

If you don't mind the extra configuration effort, it is best to put Apache in a chroot environment. :)

For how to generate a certificate request and have it signed by a CA, please refer to another article. There are also many CAs in China that can issue certificates, such as the China Telecom E-Commerce Safety Certification Center (http://www.sinocol.com/).

Five. Hardening the E-Commerce Server

Even if Apache is installed and configured securely, a Linux system with weak passwords, or one running an insecure service such as wu-ftpd, is still very easy to break into. Generally speaking, a web server needs only SSH for remote management. Do not install X Window, and remove compilers such as gcc once the system is stable, so that you can avoid damage by script kiddies.

At the same time, some packet filtering rules (ipfw, ipchains, iptables) should be applied. Here we discuss ipchains on Linux, assuming the following requirements:

1. The server has two network cards

2. The external network card allows incoming data only on ports 80 and 443

3. The external network card allows outgoing data only to ports > 1023

4. The internal network card allows incoming data only on ports 22, 80 and 443

5. The internal network card allows outgoing data only to ports > 1023. The usual connection is to a database: Oracle is port 1524, SQL Server is 1443, and SSH can use the -p option to specify a user port greater than 1023.

6. The internal network card allows ICMP responses

The commands are as follows (eth0 is the external network card, eth1 the internal network card):

ipchains -A in-eth0 -p tcp --dport 80 -j ACCEPT
ipchains -A in-eth0 -p tcp --dport 443 -j ACCEPT
ipchains -A in-eth0 -p udp --dport 53 -j ACCEPT
ipchains -A in-eth0 -j DENY

ipchains -A out-eth0 -p tcp --dport 1024:65535 -j ACCEPT
ipchains -A out-eth0 -p udp --dport 53 -j ACCEPT
ipchains -A out-eth0 -j DENY

ipchains -A in-eth1 -p tcp --dport 22 -j ACCEPT
ipchains -A in-eth1 -p tcp --dport 80 -j ACCEPT
ipchains -A in-eth1 -p tcp --dport 443 -j ACCEPT
ipchains -A in-eth1 -p udp --dport 53 -j ACCEPT
ipchains -A in-eth1 -p icmp -j ACCEPT
ipchains -A in-eth1 -j DENY

ipchains -A out-eth1 -p tcp --dport 22 -j ACCEPT
ipchains -A out-eth1 -p tcp --dport 1024:65535 -j ACCEPT
ipchains -A out-eth1 -p udp --dport 53 -j ACCEPT
ipchains -A out-eth1 -p icmp -j ACCEPT
ipchains -A out-eth1 -j DENY

The remaining work is to recompile the system kernel and disable unneeded modules, which can render some rootkits ineffective.

Finally, check the security of the programs running on the web server for issues such as buffer overflows.
