阿里云服务器搭建gitlab&host漏洞&telnet协议
gitlab搭建
阿里云搭建
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | bash
yum -y install gitlab-ee-14.1.7
gitlab-ctl reconfigure
gitlab-ctl start
gitlab-ctl status
注意:内存大小2核4G
http host头攻击漏洞
修复:cd /var/opt/gitlab/nginx/conf/gitlab-http.conf
if($host != '47.101.164.5' ){
return 403;
}
域名和ip一起
set $a "a";
if ($host = "47.101.164.5"){
set $a "${a}a";
}
if ($host = "ww.com"){
set $a "${a}a";
}
if ($a != "aa"){
return 403;
}
telnet协议
在/etc/services文件中,注释掉 telnet 23/tcp 一行,关闭开机自启
| 使某服务自动启动 | chkconfig --level 3 httpd on | systemctl enable httpd.service |
|---|---|---|
| 使某服务不自动启动 | chkconfig --level 3 httpd off | systemctl disable httpd.service |
| 检查服务状态 | service httpd status | systemctl status httpd.service (服务详细信息) systemctl is-active httpd.service (仅显示是否 Active) |
| 显示所有已启动的服务 | chkconfig --list | systemctl list-units --type=service |
| 启动某服务 | service httpd start | systemctl start httpd.service |
| 停止某服务 | service httpd stop | systemctl stop httpd.service |
| 重启某服务 | service httpd restart | systemctl restart httpd.service |
