Article Contents
- 1 Why choose Adminer over phpMyAdmin?
- 2 Steps to install Adminer on HestiaCP
- 3 Automatically update the Adminer file
- 4 Fail2Ban protection against brute-force attacks
- 5 Complete one-click setup script
- 6 Conclusion: balancing security and efficiency
This latest complete guide to installing Adminer on HestiaCP covers one-click deployment, security hardening, and automated configuration steps. It shows you step by step how to use the database management tool and protect your server, so that beginners can get started quickly and solve operation and maintenance problems with HestiaCP + Adminer.
If you are still using database management tools without any protection, you are handing the keys to thieves.
Why choose Adminer over phpMyAdmin?
Adminer consists of a single PHP file smaller than 1MB, which makes deployment very simple, fast, and resource-efficient.
Compared with phpMyAdmin's complex structure, Adminer is well suited to VPSs, small websites, and personal projects.

Steps to install Adminer on HestiaCP
1. Download the Adminer file
Go to the official Adminer website and download the latest version of adminer.php.
Upload the file to the HestiaCP web directory, for example:
/home/username/web/adminer.domain.com/public_html/adminer.php
2. Create a subdomain and enable SSL
Add the subdomain adminer.domain.com in the HestiaCP panel and enable Let's Encrypt SSL to ensure secure transmission.
3. Set up Nginx password protection
Add the following to the subdomain's Nginx configuration file:
location / {
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/.htpasswd;
root /home/username/web/adminer.domain.com/public_html;
index index.php adminer.php;
}
Create your password file:
sudo apt-get install apache2-utils
sudo htpasswd -c /etc/nginx/.htpasswd adminuser
When you open Adminer, a password dialog appears, and you can get in only by entering the correct username and password.
Automatically update the Adminer file
To avoid the security risks of running old versions, automatic updates can be implemented with a shell script and a scheduled Cron job.
Example update script
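#!/bin/bash
set -euo pipefail
URL="https://www.adminer.org/latest.php"
TARGET="/home/username/web/adminer.domain.com/public_html/adminer.php"
# Download to a temporary file so a failed download never truncates the live file
TMP="$(mktemp "${TARGET}.XXXXXX")"
trap 'rm -f "$TMP"' EXIT
wget -q -O "$TMP" "$URL"
[ -s "$TMP" ]   # refuse to install an empty download
chown username:username "$TMP"
chmod 644 "$TMP"
mv -f "$TMP" "$TARGET"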
Save it as /usr/local/bin/update-adminer.sh and add a scheduled task:
crontab -e
0 3 * * 1 /usr/local/bin/update-adminer.sh
This way, the Adminer file is updated automatically every Monday at 3 a.m.
Fail2Ban protection against brute-force attacks
Plain Basic Auth is vulnerable to brute-force attacks, and Fail2Ban can automatically block malicious IPs.
Filter configuration
File: /etc/fail2ban/filter.d/nginx-adminer.conf
[Definition]
failregex = ^<HOST> - .* "GET /adminer.php HTTP/.*" 401
ignoreregex =
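Added example (not from the original article): a dry run of the filter above against constructed nginx access-log lines, showing which failed logins it counts. BROAD_RE is a hypothetical wider pattern, and <HOST> is approximated here with an IPv4 expression; both are assumptions.

```shell
#!/bin/sh
# Dry-run a Fail2Ban failregex against constructed nginx access-log lines.
# <HOST> is Fail2Ban's placeholder; an IPv4 pattern stands in for it (assumption).
HOST_RE='([0-9]{1,3}[.]){3}[0-9]{1,3}'

# Filter from this article, and a broader variant (hypothetical, not from the article)
PAGE_RE='^<HOST> - .* "GET /adminer.php HTTP/.*" 401'
BROAD_RE='^<HOST> - [^ ]+ \[[^]]+\] "[A-Z]+ /[^" ]* HTTP/[^"]*" 401 '

# Constructed sample lines in nginx "combined" format (documentation IP ranges):
# four failed Basic Auth attempts (401) and one successful login (200).
sample_log() {
cat <<'EOF'
203.0.113.7 - - [10/Mar/2025:03:01:11 +0000] "GET /adminer.php HTTP/1.1" 401 179 "-" "curl/8.5.0"
203.0.113.7 - admin [10/Mar/2025:03:01:12 +0000] "GET /adminer.php?server=localhost HTTP/1.1" 401 179 "-" "curl/8.5.0"
203.0.113.7 - root [10/Mar/2025:03:01:13 +0000] "POST /adminer.php HTTP/1.1" 401 179 "-" "curl/8.5.0"
203.0.113.7 - root [10/Mar/2025:03:01:14 +0000] "GET / HTTP/1.1" 401 179 "-" "curl/8.5.0"
198.51.100.20 - adminuser [10/Mar/2025:09:30:00 +0000] "GET /adminer.php HTTP/1.1" 200 4821 "-" "Mozilla/5.0"
EOF
}

# count_matches REGEX: number of sample lines the regex would count as failures
count_matches() {
  re=$(printf '%s' "$1" | sed "s/<HOST>/$HOST_RE/")
  sample_log | grep -cE -- "$re"
}

echo "article filter: $(count_matches "$PAGE_RE") of 4 failed attempts counted"
echo "broader filter: $(count_matches "$BROAD_RE") of 4 failed attempts counted"
```

On the server, `fail2ban-regex /var/log/nginx/access.log /etc/fail2ban/filter.d/nginx-adminer.conf` runs the same check against the real log. A browser's first request before the password prompt also logs one 401, so a broad pattern needs maxretry above 1.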
Jail configuration (incremental ban time)
File: /etc/fail2ban/jail.local
[nginx-adminer]
enabled = true
filter = nginx-adminer
port = http,https
logpath = /var/log/nginx/access.log
maxretry = 3
findtime = 600
bantime.increment = true
bantime.rndtime = 60
bantime.factor = 2
bantime = 600
Effect: the first ban is 10 minutes, the second 20 minutes, the third 40 minutes, and so on. Persistent attackers are banned for increasingly long periods.
Complete one-click setup script
Save as /usr/local/bin/setup-fail2ban-adminer.sh:
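#!/bin/bash
set -e
FILTER_PATH="/etc/fail2ban/filter.d/nginx-adminer.conf"
JAIL_PATH="/etc/fail2ban/jail.local"
# Write the filter definition (overwrites any previous copy)
cat > "$FILTER_PATH" << 'EOF'
[Definition]
failregex = ^<HOST> - .* "GET /adminer.php HTTP/.*" 401
ignoreregex =
EOF
# Append the jail only once, so re-running the script does not duplicate the section
if ! grep -q '^\[nginx-adminer\]' "$JAIL_PATH" 2>/dev/null; then
cat >> "$JAIL_PATH" << 'EOF'
[nginx-adminer]
enabled = true
filter = nginx-adminer
port = http,https
logpath = /var/log/nginx/access.log
maxretry = 3
findtime = 600
bantime.increment = true
bantime.rndtime = 60
bantime.factor = 2
bantime = 600
EOF
fi
# Restart Fail2Ban and show the status of the new jail
systemctl restart fail2ban
fail2ban-client status nginx-adminer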
Run:
sudo chmod +x /usr/local/bin/setup-fail2ban-adminer.sh
sudo /usr/local/bin/setup-fail2ban-adminer.sh
Conclusion: balancing security and efficiency
I firmly believe that a database management tool is not something you can simply leave on the public internet and use with peace of mind. Adminer's lightweight design is appealing, but security measures must go along with it. Password protection is the first line of defense, automatic updates provide ongoing protection, and Fail2Ban provides intelligent defensive measures. Only by combining these three can you build a database management environment that is both efficient and secure.
A true master is not only someone who knows how to build tools, but someone who knows how to protect them.
We hope the article "HestiaCP Adminer Installation: Automated Security Settings + Data Management Optimization" shared here on Chen Weiliang's blog (https://www.chenweiliang.com/) is helpful to you.
You are welcome to share the link to this article: https://www.chenweiliang.com/cwl-34018.html
