Buy @ Amazon

Search This Blog

July 21, 2021

Blacklisting IP Addresses in Apache 2 Web Server

Operating System : Ubuntu

Web Server : Apache 2.4.48

Objective : Blacklist IP Addresses to block it accessing the web application

Steps To Finish Line: 

Step 1: Enable rewrite apache module by executing `a2enmod rewrite` in your bash terminal. Read a2enmod command as "Apache2 Enable Module". Its complementary command to disable an apache module is a2dismod. Putting it here, just in case you want to rollback your changes for whatever reason it be.

Step 2: Edit the Apache configuration file for the default website by executing `vi /etc/apache2/sites-enabled/000-default.conf` in your bash terminal to add the lines below:

so that the configuration file looks like below:

Step 3: Now create a file to hold black listed IP Addresses by executing command `vi /etc/apache2/blacklist` in your bash terminal and add your IP Addresses to be black listed like below in the file opened for editing in the previous step:

Step 4: You may have to change the blacklist file's ownership by executing the command in your bash terminal:

Step 5: Last step to reach the finishing line. Restart the apache2 web server with `sudo service apache2 restart` command in your bash terminal and check for its status by executing, `sudo service apache2 status` to see if it is running again.

July 19, 2021

Configuring Google Ops Agent for Monitoring Apache 2 Web Server in Ubuntu VM

Google Cloud released Ops Agent as GA in Jan 2021. The Ops Agent collects logs and metrics on Compute Engine instances, sending your logs to Cloud Logging and your metrics to Cloud Monitoring.

I performed the following steps to get this working in the Ubuntu VM in my Google Cloud account.

Step 1 : Install the latest version of the agent per the docs

Step 2 : Create and edit `/etc/google-cloud-ops-agent/config.yaml` which is a user-specified configuration that will over-ride built-in configuration for same keys and merge with built-in configuration for different keys. This config file should have the content below:

Step 3 : Restart the agent for the custom configuration to above to take effect. You can restart the agent by executing `sudo service google-cloud-ops-agent restart` in your bash terminal. You can list the available versions of the agent with `sudo apt-cache madison google-cloud-ops-agent`.

Step 4 : To ensure that the agent is ingesting the custom log path, (in our case apache's logs), exec `cat /var/log/google-cloud-ops-agent/subagents/*.log | grep apache` in your bash terminal to see if it shows any output.