| Howto Install and Configure Upload Guardian | |
| Thank you for purchasing Upload Guardian. This guide is to perform a self installation on your dedicated server or VPS. This requires an advanced understanding of Linux and using shell commands.
Step 1) Login to your server through shell as the root user. Step 2) First off check which PHP version you are running and if you have Suhosin installed. This is required for the PHP based upload scanning protection. Run the command: # php -v You should see something like this: php -v PHP 4.4.6 (cli) (built: Mar 21 2007 14:01:59) Copyright (c) 1997-2007 The PHP Group Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies with Zend Extension Manager v1.2.0, Copyright (c) 2003-2006, by Zend Technologies with Suhosin v0.9.20, Copyright (c) 2002-2006, by Hardened-PHP Project with Zend Optimizer v3.2.2, Copyright (c) 1998-2006, by Zend Technologies If you see Suhosin proceed to step 4, otherwise continue. Step 3) Installing Suhosin: Run the following commands: # cd /usr/local Make a note of the installation path - you will need it shortly Now you need to edit your php.ini file to add Suhosin to it: # php -i |grep php.ini vi /usr/local/Zend/etc/php.ini Search for: extension_dir It should not be empty - make sure it matches the same directory path as what Suhosin mentioned during the install. EG: extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20020429" Now search for: Module Settings Add the extention: extension=suhosin.so Now add all this under: extension=suhosin.so
Save the changes to php.ini and restart the web server using: # /scripts/restartsrv_httpd # php -v will now show Suhosin as installed Step 4) Install Upload Guardian using the following commands: mkdir /usr/local/upload_guardian NOTICE: If you get a 403 Forbidden error you must do the following and e-mail us - your server IP has not been licensed. From the server you wish to install Upload Guardian on - do the following: wget http://files.serverprogress.com/ip.phpCopy and paste the servers IP - and email it to us (support (AT) serverprogress.com) so we can provide you the license. Step 5) Add the cronjob: # vi /etc/cron.d/upload_guardian 0 22 * * * /usr/local/upload_guardian/scanit.pl -autoupdate >/dev/null 2>&1 0 23 * * * root nice -n10 /usr/local/upload_guardian/scanit.pl Step 6) Check to ensure LWP::Simple is installed: # perl -MLWP::Simple -e 1 If you don't see an error message, you have the module. Meaning if just # returns you have it installed. Otherwise run the command to install the perl module: # cpan # install LWP::Simple Step 7) Add a logrotation entry: vi /etc/logrotate.conf Add an entry styled like the one below for each secure domain you have on your server at the end of the file: #Upload Guardian Step 8) cPanel Users ONLY Add FTP Scanning to Pure-FTPD: # vi /etc/pure-ftpd.conf find: #CallUploadScript yes change to: CallUploadScript yes Save the changes. # vi /etc/init.d/pure-ftpd find: in start () [ $RETVAL = 0 ] && touch /var/lock/subsys/pure-authd add below: #UPLOAD GUARDIANFIND: stop() { echo -n "Stopping $prog: " kill $(cat /var/run/pure-ftpd.pid) ADD BELOW: #UPLOAD GUARDIANRestart FTP service # /scripts/restartsrv_pureftpd Step 9) DirectAdmin Users ONLY - FTP configuration for ProFTP # mkfifo -m 644 /var/log/proftpd/fifo # vi /etc/proftpd.conf Find: ServerType standalone Add below: LogFormat nickname "%h %l %u %t \"%r\" %s %b \"%f\"" ExtendedLog /var/log/proftpd/xferlog.legacy all nickname Find: TransferLog CHANGE TO: TransferLog /var/log/proftpd/fifo Save the file and close it. Edit the startup service for ProFTPD # vi /etc/init.d/proftpd FIND: start) echo -n "Starting proftpd: " Add below: #UPLOAD GUARDIAN ############################### ugfile=/usr/local/upload_guardian/ug-ftp.pid echo > $ugfile /usr/local/upload_guardian/ugftpscan --fifo=/var/log/proftpd/fifo & scanitpid=`ps aux |grep ugftpscan| grep -v "grep ugftpscan" |awk '{print $2}' |grep -v "PID" `; echo $scanitpid > $ugfile ############################## FIND: stop) echo -n "Shutting down proftpd: " Add below: #UPLOAD GUARDIAN ############################### kill $(cat /usr/local/upload_guardian/ug-ftp.pid) ############################### Save the save and close it. Make sure to restart the FTP service: # service proftpd restart Step 10) FINISHED Congratulations! You have successfully installed Upload Guardian. View the README.txt file in /usr/local/upload_guardian for full usage details. |