Deb 10:
apt-get install qemu-guest-agent openssh-server wget
nano /etc/ssh/sshd_config
apt-get install apt-transport-https lsb-release ca-certificates
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo “deb https://packages.sury.org/php/ $(lsb_release -sc) main” >> /etc/apt/sources.list
apt-get update
apt-get install php5.6-mysql php5.6-cli php5.6-mbstring
apt-get install apache2
apt-get install apt-get install libapache2-mod-php5.6 fail2ban
apt-get install mariadb-server
mysql_secure_installation
mysql -u root -p
Create a user that can use phpMyAdmin (instead of root):
CREATE USER ‘phpmyadmin’@’%’ IDENTIFIED BY ‘password’;
GRANT ALL PRIVILEGES ON *.* TO ‘phpmyadmin’@’%’ WITH GRANT OPTION;
quit;
nano /etc/mysql/my.cnf
sql_mode = “”
mod-security (apache security):
apt-get install libapache2-mod-security2 git
systemctl restart apache2
cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
nano /etc/modsecurity/modsecurity.conf
SecRuleEngine On
systemctl restart apache2
rm -rf /usr/share/modsecurity-crs
git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git /usr/share/modsecurity-crs
nano /etc/apache2/mods-enabled/security2.conf
cp /usr/share/modsecurity-crs/crs-setup.conf.example /usr/share/modsecurity-crs/crs-setup.conf
Add before
IncludeOptional “/usr/share/modsecurity-crs/*.conf
IncludeOptional “/usr/share/modsecurity-crs/rules/*.conf
a2enmod headers
systemctl restart apache2
# remove apache2 headers:
nano /etc/apache2/apache2.conf
add at the end:
ServerTokens Prod
ServerSignature Off