Canan

Hi, I'm Canan

Oups ...

Never forget impossible is possible

:(


Your PC ran into a problem and needs to restart.
We're just collecting some error info, and then we'll restart for you.


0% complete



QR Code

For more information about this issue and possible fixes, visit
https://www.windows.com/stopcode

If you call a support person, give them this info:
Stop code: SYSTEM_SERVICE_EXCEPTION

First installation

First installation

Ubuntu




Steps

  1. Ensure your system is up to date
  2. apt-get update && apt-get upgrade -y
  3. Installation useful packets
  4. sudo apt-get -y install dos2unix
  5. sudo apt-get -y install zip unzip
  6. sudo apt install nano
  7. sudo apt install bash-completion
  8. sudo apt-get -y install mlocate & sudo updatedb
  9. > In Nano: Use CTRL+K to delete the full line / CTRL-X to exit
  10. Secure your server
  11. apt-get -y install fail2ban
  12. Update "/etc/fail2ban/jail.conf" file (if you have [ssh] inside)
  13. > Add or Edit (not remove !) to have following lines:
  14. [DEFAULT]
  15. ignoreip = 127.0.0.1/8 __YOUR_IP__
  16. bantime = 600
  17. maxretry = 5
  18. > Force reload it with:
  19. sudo systemctl restart fail2ban
  20. > Check which IP try and fail with:
  21. awk '($(NF-1) = /Ban/){print $NF}' /var/log/fail2ban.log | sort | uniq -c | sort -n
  22. > Secure shared memory
  23. sudo nano /etc/fstab
  24. > Add or Edit (not remove !) to have following lines:
  25. tmpfs /dev/shm tmpfs defaults,noexec,nosuid 0 0
  26. > Harden network with sysctl settings
  27. sudo nano /etc/sysctl.conf
  28. > Add or Edit (not remove !) to have following lines:
  29. # IP Spoofing protection
  30. net.ipv4.conf.all.rp_filter = 1
  31. net.ipv4.conf.default.rp_filter = 1
  32. # Ignore ICMP broadcast requests
  33. net.ipv4.icmp_echo_ignore_broadcasts = 1
  34. # Disable source packet routing
  35. net.ipv4.conf.all.accept_source_route = 0
  36. net.ipv6.conf.all.accept_source_route = 0
  37. net.ipv4.conf.default.accept_source_route = 0
  38. net.ipv6.conf.default.accept_source_route = 0
  39. # Ignore send redirects
  40. net.ipv4.conf.all.send_redirects = 0
  41. net.ipv4.conf.default.send_redirects = 0
  42. # Block SYN attacks
  43. net.ipv4.tcp_syncookies = 1
  44. net.ipv4.tcp_max_syn_backlog = 2048
  45. net.ipv4.tcp_synack_retries = 2
  46. net.ipv4.tcp_syn_retries = 5
  47. # Log Martians
  48. net.ipv4.conf.all.log_martians = 1
  49. net.ipv4.icmp_ignore_bogus_error_responses = 1
  50. # Ignore ICMP redirects
  51. net.ipv4.conf.all.accept_redirects = 0
  52. net.ipv6.conf.all.accept_redirects = 0
  53. net.ipv4.conf.default.accept_redirects = 0
  54. net.ipv6.conf.default.accept_redirects = 0
  55. # Ignore Directed pings
  56. net.ipv4.icmp_echo_ignore_all = 1
  57. > Force reload it with:
  58. sudo sysctl -p
  59. > Prevent IP Spoofing
  60. sudo nano /etc/host.conf
  61. > Add or Edit (not remove !) to have following lines:
  62. order bind,hosts
  63. multi on
  64. nospoof on
  65. > Harden PHP for security (if you have PHP installed)
  66. sudo nano /etc/php5/apache2/php.ini
  67. > Add or Edit (not remove !) to have following lines:
  68. disable_functions = exec,system,shell_exec,passthru
  69. register_globals = Off
  70. expose_php = Off
  71. magic_quotes_gpc = On
  72. Custom startup message
  73. sudo apt -y install screenfetch
  74. sudo apt -y install toilet
  75. sudo apt -y install figlet
  76. Upload "clean.sh" and "now.sh" (in /home/Files/) and do "chmod +x clean.sh now.sh" to give it execution right to be able to use it
  77. Upload ".profile" (in /home/Files/) to be able to use it
  78. Update "/home/now.sh" file
  79. > Add or Edit (not remove !) to have following lines:
  80. curl wttr.in/__YOUR_CITY__?0 --silent --max-time 3
  81. Update "~/.bashrc" file
  82. > Add or Edit (not remove !) to have following lines:
  83. source /home/Files/.profile
  84. > Force reload it with:
  85. source ~/.bashrc
  86. Apache2
  87. apt-get install -y apache2 apache2-utils
  88. Update "/etc/apache2/conf-available/security.conf" file
  89. > Add or Edit (not remove !) to have following lines:
  90. ServerTokens Prod
  91. ServerSignature Off
  92. > Activate module
  93. sudo rewrite
  94. > Force reload it with:
  95. service apache2 restart
  96. > You can edit /etc/apache2/apache2.conf to add your custom directory rules, like:
  97. <Directory /home/canan>
  98. Options -Indexes
  99. AllowOverride All
  100. Require all granted
  101. </Directory>
  102. Do not forget to empty (or put your site) in /var/www/html/ folder
  103. PHP (if needed)
  104. sudo apt-get install -y php libapache2-mod-php php-gd
  105. If you want to test it, simply create a test file, then go on it, finally delete it
  106. Update "/var/www/html/test.php" file (change by yours)
  107. > Add to have following lines:
  108. <?php
  109. phpinfo();
  110. ?>
  111. > Force reload it with:
  112. service apache2 restart
  113. Go to http://__YOUR_IP__/test.php
  114. Crontab
  115. crontab -e
  116. > Add or Edit (not remove !) to have following lines :
  117. 10 5 * * MON apt-get -y autoclean; apt-get -y autoremove; apt-get -y clean;
  118. 20 5 * * MON dpkg --purge $(COLUMNS=200 dpkg -l | grep "^rc" | tr -s ' ' | cut -d ' ' -f 2);
  119. 30 5 * * MON rm -fr /var/log/syslog.*; rm -fr /var/log/auth.log.*;
  120. 40 5 * * MON apt-get -y update; apt-get -y upgrade