Dr.Web AV-Desk is deployed in a bank for the first time. Dr.Web for Android and Dr.Web for Mac OS X are certified by Russia's FSB. Doctor Web launches an education project to fight banking trojans. A proprietary firewall is included in Dr.Web for Android.
Let’s say that you operate an internet security company, and you discover a brand-new security threat for the Mac platform – one that has allegedly been safe forever. You can honestly brag about it, and deservedly so. Dr.Web «uncovered the first botnet» made of Macs in 2012, but its software has run on OS X since 2009 and implements the usual graphical interface implemented by the majority of.
This backdoor for Mac OS X is presented by its developers as a marketing research tool to study users' activity on the Internet. It is distributed on websites that offer all kinds of software for Mac OS X, using the following scheme.
Web Services in Mac OS X, Mac OS X Server, Linux and most versions of Unix are provided by Apache, an Open Source project that much of the Internet owes its origins to. Apache owes its name to the fact that it’s “a patchy” service. These patches are often mods, or modules. Configuring web services is as easy in OS X Mavericks Server (10.9) as it has ever been. To set up the default web portal, simply open the Server app, click on the Websites service and click on the ON button. After a time, the service will start. Once running, click on the View Server Website link at the bottom of the pane. Provided the stock OS X Server page loads, you are ready to use OS X Server as a web server.
Before we set up custom sites, there are a few things you should know. The first is that the server is no longer really designed to have the default website removed. So if you remove the site, your server will exhibit inconsistent behavior. Also, don’t remove the files that comprise the default site. Instead just add sites, which is covered next. Webmail is gone. You don’t have to spend a ton of time looking for it as it isn’t there. Also, Mountain Lion Server added web apps, which we’ll briefly review later in this article as well, as those continue in Mavericks Server. Finally, enabling PHP and Python on sites is done globally, so this setting applies to all sites hosted on the server.
Now that we’ve got that out of the way, let’s add our first custom site. Do so by clicking on the plus sign. At the New Web Site pane, you’ll be prompted for a number of options. The most important is the name of the site, with other options including the following:
- Domain Name: The name the site is accessible from. The default sites do not have this option as they are accessible from all names that resolve to the server.
- IP Address: The IP address the site listens on. Any means the site is available from every IP address the server is configured to use. The default websites do not have this option as they are accessible from all addresses automatically.
- Port: By default, sites without SSL run on port 80 on all network interfaces, and sites with SSL run on port 443 on all network interfaces. Use the Port field to use custom ports (e.g., 8080). The default sites do not have this option as they are configured to use 80 and 443 for default and SSL-based communications respectively.
- SSL Certificate: Loads a list of SSL certificates installed using Keychain or the SSL Certificate option in the Settings pane of the Server application.
- Store Site Files In: The directory that the files that comprise the website are stored in. These can be placed into the correct directory using file shares or copying using the Finder. Click on the drop-down menu and then select Other to browse to the directory files are stored in.
- Who Can Access: By default Anyone (all users, including unauthenticated guests) can access the contents of sites. Clicking on Anyone and then Customize… brings up the “Restrict access to the following folders to a chosen group” screen, where you can choose web directories and then define groups of users who can access the contents.
- Additional Domains: Click on the Edit… button to bring up a simple list of domain names the site also responds for (e.g. in addition to krypted.com, add www.krypted.com).
- Redirects: Click on the Edit… button to bring up a list of redirects within the site. This allows configuring redirects to other sites. For example, use /en to load english.krypted.com or /cn to load china.krypted.com.
- Aliases: Click on the Edit… button to load a list of aliases. This allows configuring redirects to folders within the same server. For example, /en loads /Library/Server/Web/Data/Sites/Default
- Index Files: Click on the Edit… button to bring up a list of pages that are loaded when a page isn’t directly indicated. For example, when visiting krypted.com, load the wp.php page by default.
- Advanced Options: The remaining options are available by clicking on the “Edit Advanced Settings…” button.
  - Enable Server Side Includes: Allows administrators to configure leveraging includes in web files, so that pieces of code can be used across multiple pages in sites.
  - Allow overrides using .htaccess files: Using a .htaccess file allows administrators to define who is able to access a given directory, defining custom user names and passwords in the hidden .htaccess file. These aren’t usually required in an OS X Server web environment as local and directory-based accounts can be used for such operations. This setting enables using custom .htaccess files instead of relying on Apple’s stock web permissions.
  - Allow folder listing: Enables folder listings on directories of a site that don’t have an Index File (described in the non-Advanced settings earlier).
  - Allow CGI execution: Enables CGI scripts for the domain being configured.
  - Use custom error page: Allows administrators to define custom error pages, such as those annoying 404 error pages that load when a page can’t be found.
  - Make these web apps available on this website: A somewhat advanced setting that loads items into the webapps array, which can be viewed using the following command:
sudo serveradmin settings web:definedWebApps
Do not use the apachectl command to restart the Websites service. Instead, use the serveradmin command to do so. To start the service:
sudo serveradmin start web
To stop the service(s):
sudo serveradmin stop web
And to see the status:
sudo serveradmin fullstatus web
Fullstatus returns the following information:
web:health = _empty_dictionary
web:readWriteSettingsVersion = 1
web:apacheVersion = '2.2'
web:servicePortsRestrictionInfo = _empty_array
web:startedTime = '2013-10-08 01:05:32 +0000'
web:apacheState = 'RUNNING'
web:statusMessage = ''
web:ApacheMode = 2
web:servicePortsAreRestricted = 'NO'
web:state = 'RUNNING'
web:setStateVersion = 1
While the health option typically resembles kiosk computers in the Computer Science departments of most major universities, much of the rest of the output can be pretty helpful, including the Apache version, whether the service is running, any restrictions on ports and the date/time stamp that the service was started. To see all of the settings available to the serveradmin command, run it, followed by settings and then web, to indicate the Websites service:
sudo serveradmin settings web
The output is pretty verbose and can be considered in two sections. The first includes global settings across sites as well as the information for the default sites that should not be deleted:
web:defaultSite:documentRoot = '/Library/Server/Web/Data/Sites/Default'
web:defaultSite:serverName = ''
web:defaultSite:realms = _empty_dictionary
web:defaultSite:redirects = _empty_array
web:defaultSite:enableServerSideIncludes = no
web:defaultSite:customLogPath = '"/var/log/apache2/access_log"'
web:defaultSite:webApps = _empty_array
web:defaultSite:sslCertificateIdentifier = ''
web:defaultSite:fullSiteRedirectToOtherSite = ''
web:defaultSite:allowFolderListing = no
web:defaultSite:serverAliases = _empty_array
web:defaultSite:errorLogPath = '"/var/log/apache2/error_log"'
web:defaultSite:fileName = '/Library/Server/Web/Config/apache2/sites/0000_any_80_.conf'
web:defaultSite:aliases = _empty_array
web:defaultSite:directoryIndexes:_array_index:0 = 'index.html'
web:defaultSite:directoryIndexes:_array_index:1 = 'index.php'
web:defaultSite:directoryIndexes:_array_index:2 = '/wiki/'
web:defaultSite:directoryIndexes:_array_index:3 = 'default.html'
web:defaultSite:allowAllOverrides = no
web:defaultSite:identifier = '37502141'
web:defaultSite:port = 80
web:defaultSite:allowCGIExecution = no
web:defaultSite:serverAddress = '*'
web:defaultSite:requiresSSL = no
web:defaultSite:proxies = _empty_dictionary
web:defaultSite:errorDocuments = _empty_dictionary
web:defaultSecureSite:documentRoot = '/Library/Server/Web/Data/Sites/Default'
web:defaultSecureSite:serverName = ''
web:defaultSecureSite:realms = _empty_dictionary
web:defaultSecureSite:redirects = _empty_array
web:defaultSecureSite:enableServerSideIncludes = no
web:defaultSecureSite:customLogPath = '"/var/log/apache2/access_log"'
web:defaultSecureSite:webApps = _empty_array
web:defaultSecureSite:sslCertificateIdentifier = 'com.apple.systemdefault.9912650B09DE94ED160146A3996A45EB3E39275B'
web:defaultSecureSite:fullSiteRedirectToOtherSite = ''
web:defaultSecureSite:allowFolderListing = no
web:defaultSecureSite:serverAliases = _empty_array
web:defaultSecureSite:errorLogPath = '"/var/log/apache2/error_log"'
web:defaultSecureSite:fileName = '/Library/Server/Web/Config/apache2/sites/0000_any_443_.conf'
web:defaultSecureSite:aliases = _empty_array
web:defaultSecureSite:directoryIndexes:_array_index:0 = 'index.html'
web:defaultSecureSite:directoryIndexes:_array_index:1 = 'index.php'
web:defaultSecureSite:directoryIndexes:_array_index:2 = '/wiki/'
web:defaultSecureSite:directoryIndexes:_array_index:3 = 'default.html'
web:defaultSecureSite:allowAllOverrides = no
web:defaultSecureSite:identifier = '37502140'
web:defaultSecureSite:port = 443
web:defaultSecureSite:allowCGIExecution = no
web:defaultSecureSite:serverAddress = '*'
web:defaultSecureSite:requiresSSL = yes
web:defaultSecureSite:proxies = _empty_dictionary
web:defaultSecureSite:errorDocuments = _empty_dictionary
web:dataLocation = '/Library/Server/Web/Data'
web:mainHost:keepAliveTimeout = 15.000000
web:mainHost:maxClients = '50%'
The second section is per-site settings, with an array entry for each site:
web:customSites:_array_index:0:documentRoot = '/Library/Server/Web/Data/Sites/https://krypted.com/'
web:customSites:_array_index:0:serverName = 'https://krypted.com/'
web:customSites:_array_index:0:realms = _empty_dictionary
web:customSites:_array_index:0:redirects = _empty_array
web:customSites:_array_index:0:enableServerSideIncludes = no
web:customSites:_array_index:0:customLogPath = '/var/log/apache2/access_log'
web:customSites:_array_index:0:webApps = _empty_array
web:customSites:_array_index:0:sslCertificateIdentifier = ''
web:customSites:_array_index:0:fullSiteRedirectToOtherSite = ''
web:customSites:_array_index:0:allowFolderListing = no
web:customSites:_array_index:0:serverAliases = _empty_array
web:customSites:_array_index:0:errorLogPath = '/var/log/apache2/error_log'
web:customSites:_array_index:0:fileName = '/Library/Server/Web/Config/apache2/sites/0000_any_80_www2.krypted.com.conf'
web:customSites:_array_index:0:aliases = _empty_array
web:customSites:_array_index:0:directoryIndexes:_array_index:0 = 'index.html'
web:customSites:_array_index:0:directoryIndexes:_array_index:1 = 'index.php'
web:customSites:_array_index:0:directoryIndexes:_array_index:2 = '/wiki/'
web:customSites:_array_index:0:directoryIndexes:_array_index:3 = 'default.html'
web:customSites:_array_index:0:allowAllOverrides = no
web:customSites:_array_index:0:identifier = '41179886'
web:customSites:_array_index:0:port = 80
web:customSites:_array_index:0:allowCGIExecution = no
web:customSites:_array_index:0:serverAddress = '*'
web:customSites:_array_index:0:requiresSSL = no
web:customSites:_array_index:0:proxies = _empty_dictionary
web:customSites:_array_index:0:errorDocuments = _empty_dictionary
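The per-site keys in this output correspond to the Advanced Options switches in the Server app, so saved output of sudo serveradmin settings web can be checked for sites that have them turned on. The following Python is an added example, not part of the original article; the sample input and host names are constructed, and parse_sites and audit are hypothetical helper names.

```python
import re

# Constructed sample in the key = value format shown above (not real server data).
SAMPLE = """\
web:defaultSite:allowFolderListing = no
web:customSites:_array_index:0:serverName = 'intranet.example.com'
web:customSites:_array_index:0:port = 8080
web:customSites:_array_index:0:allowFolderListing = yes
web:customSites:_array_index:0:allowCGIExecution = yes
web:customSites:_array_index:0:allowAllOverrides = no
web:customSites:_array_index:0:requiresSSL = no
web:customSites:_array_index:0:directoryIndexes:_array_index:0 = 'index.html'
web:customSites:_array_index:1:serverName = 'shop.example.com'
web:customSites:_array_index:1:allowFolderListing = no
web:customSites:_array_index:1:requiresSSL = yes
"""

# Advanced Options switches that widen what a site exposes when set to yes.
RISKY_WHEN_YES = {
    "allowFolderListing": "directories without an index file are listed",
    "allowCGIExecution": "CGI scripts in the site are executed",
    "allowAllOverrides": ".htaccess files can override server settings",
    "enableServerSideIncludes": "server-side includes are processed",
}
LINE = re.compile(r"^web:(\S+) = (.*)$")

def parse_sites(text):
    """Return {site: {setting: value}} for the default and custom sites."""
    sites = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        parts = m.group(1).split(":")
        if parts[0] in ("defaultSite", "defaultSecureSite") and len(parts) == 2:
            site, setting = parts
        elif parts[:2] == ["customSites", "_array_index"] and len(parts) == 4:
            site, setting = "customSites[%s]" % parts[2], parts[3]
        else:
            continue  # global keys, nested arrays and web app entries
        sites.setdefault(site, {})[setting] = m.group(2).strip("'\"")
    return sites

def audit(text):
    """List (site, setting, reason) for every risky switch that is on."""
    findings = []
    for site, cfg in sorted(parse_sites(text).items()):
        label = cfg.get("serverName") or site
        for setting, why in RISKY_WHEN_YES.items():
            if cfg.get(setting) == "yes":
                findings.append((label, setting, why))
        if cfg.get("requiresSSL") == "no":
            findings.append((label, "requiresSSL", "content is served over plain HTTP"))
    return findings
```

Calling audit() on the saved output returns one tuple per finding; an empty list means none of the checked switches are on for any site.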
The final section (the largest by far) includes array entries for each defined web app. The following shows the entry for a Hello World Python app:
web:definedWebApps:_array_index:20:requiredWebAppNames = _empty_array
web:definedWebApps:_array_index:20:includeFiles = _empty_array
web:definedWebApps:_array_index:20:requiredModuleNames = _empty_array
web:definedWebApps:_array_index:20:startCommand = ''
web:definedWebApps:_array_index:20:sslPolicy = 0
web:definedWebApps:_array_index:20:requiresSSL = no
web:definedWebApps:_array_index:20:requiredByWebAppNames = _empty_array
web:definedWebApps:_array_index:20:launchKeys:_array_index:0 = 'org.postgresql.postgres'
web:definedWebApps:_array_index:20:proxies = _empty_dictionary
web:definedWebApps:_array_index:20:preflightCommand = ''
web:definedWebApps:_array_index:20:stopCommand = ''
web:definedWebApps:_array_index:20:name = 'org.postgresql.postgres'
web:definedWebApps:_array_index:20:displayName = '
Each site has its own configuration file defined in the array for each section. By default these are stored in the /Library/Server/Web/Config/apache2/sites directory, with /Library/Server/Web/Config/apache2/sites/0000_any_80_www2.krypted.com.conf being the file for the custom site we created previously. As you can see, many of the options available in the Server app are also available in these files:
<VirtualHost *:80>
    ServerName https://krypted.com/
    ServerAdmin admin@example.com
    DocumentRoot '/Library/Server/Web/Data/Sites/https://krypted.com/'
    DirectoryIndex index.html index.php /wiki/ default.html
    CustomLog /var/log/apache2/access_log combinedvhost
    ErrorLog /var/log/apache2/error_log
    <IfModule mod_ssl.c>
        SSLEngine Off
        SSLCipherSuite "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM"
        SSLProtocol -ALL +SSLv3 +TLSv1
        SSLProxyEngine On
        SSLProxyProtocol -ALL +SSLv3 +TLSv1
    </IfModule>
    <Directory "/Library/Server/Web/Data/Sites/https://krypted.com/">
        Options All -Indexes -ExecCGI -Includes +MultiViews
        AllowOverride None
        <IfModule mod_dav.c>
            DAV Off
        </IfModule>
        <IfDefine !WEBSERVICE_ON>
            Deny from all
            ErrorDocument 403 /customerror/websitesoff403.html
        </IfDefine>
    </Directory>
</VirtualHost>
The serveradmin command can also be used to run commands. For example, to reset the service to factory defaults, delete the configuration files for each site and then run the following command:
sudo serveradmin command web:command=restoreFactorySettings
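The mod_ssl lines in the generated virtual host file above enable SSLv3 and TLSv1 and add an RC4 term to the cipher string, all of which have since been deprecated or prohibited (RFC 7568, RFC 8996, RFC 7465). The following Python is an added example, not part of the original article or of OS X Server, that reads such a file and reports those directives; the function names are hypothetical, and the protocol list that "all" expands to is a simplifying assumption, since the real set depends on the Apache and OpenSSL versions.

```python
import re

# The mod_ssl directives from the generated virtual host file shown above.
VHOST = '''\
<IfModule mod_ssl.c>
    SSLEngine Off
    SSLCipherSuite "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM"
    SSLProtocol -ALL +SSLv3 +TLSv1
    SSLProxyEngine On
    SSLProxyProtocol -ALL +SSLv3 +TLSv1
</IfModule>
'''

ALL_PROTOCOLS = ["SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"]  # assumed meaning of "all"
# Protocol versions withdrawn by the IETF, with the RFC that did so.
DEPRECATED = {"SSLv2": "RFC 6176", "SSLv3": "RFC 7568", "TLSv1": "RFC 8996", "TLSv1.1": "RFC 8996"}
WEAK_CIPHERS = {"RC4", "MD5", "DES", "3DES", "EXP", "EXPORT", "LOW", "NULL", "aNULL", "eNULL", "ADH"}
DIRECTIVE = re.compile(r"^[ \t]*(SSL\w+)[ \t]+(.*?)[ \t]*$", re.M)

def enabled_protocols(args):
    """Apply SSLProtocol tokens left to right, as mod_ssl does."""
    enabled = set()
    for tok in args.split():
        name = tok.lstrip("+-")
        names = ALL_PROTOCOLS if name.lower() == "all" else [name]
        if tok.startswith("-"):
            enabled -= set(names)      # "-X" disables X
        elif tok.startswith("+"):
            enabled |= set(names)      # "+X" enables X
        else:
            enabled = set(names)       # a bare name replaces the whole set
    return enabled

def weak_cipher_terms(spec):
    """Cipher-string terms that select, rather than exclude, a weak family."""
    weak = []
    for term in spec.strip('"').split(":"):
        if term.startswith(("!", "-")):
            continue                   # exclusions are fine
        if WEAK_CIPHERS & set(term.lstrip("+").split("+")):
            weak.append(term)
    return weak

def audit_vhost(conf):
    """Return (directive, value, reason) for each weak TLS setting found."""
    findings = []
    for name, args in DIRECTIVE.findall(conf):
        if name in ("SSLProtocol", "SSLProxyProtocol"):
            for proto in sorted(enabled_protocols(args) & set(DEPRECATED)):
                findings.append((name, proto, DEPRECATED[proto]))
        elif name in ("SSLCipherSuite", "SSLProxyCipherSuite"):
            for term in weak_cipher_terms(args):
                findings.append((name, term, "weak cipher family enabled"))
    return findings
```

The cipher check only looks at explicitly named terms; a broad selector such as ALL still needs to be expanded with the server's own OpenSSL to see what it admits.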
The final tip I’m going to give in this article is when to make changes with each app. I strongly recommend making all of your changes in the Server app when possible. When it isn’t, use serveradmin, and when you can’t make changes in serveradmin, only then alter the configuration files that come with the operating system by default. I also recommend keeping backups of all configuration files that are altered and a log of what was altered in each, in order to help piece the server back together should it become unconfigured miraculously when a softwareupdate -all is run next.
Advantages
- Reliable real-time protection.
- High Speed anti-virus scanning.
- Minimum consumption of system resources and low updating traffic.
- With asynchronous scanning you can perform any operations on files of any type instantly—low consumption of system resources enables Dr.Web for macOS to run without interfering with user experience.
- Dr.Web for macOS will never freeze your Mac during scanning—even if an error occurs.
- In most cases, with default settings Dr.Web does not require the user to respond to the anti-virus in any way and will not distract you from your tasks.
- macOS Aqua interface makes using Dr.Web intuitive and simple.
Features
- Scan of autorun objects, removable>
- Three types of scanning: express, full and custom.
- Automatic, manual and scheduled scans.
- Detailed operation log.
- Settings of SpIDer Guard® are protected by password against unauthorized modification.
- Different actions can be performed with different types of objects; cure, move to the quarantine, delete; action sequences allow you to define which action will be applied to an object if the first action can't be performed.
- User-defined file and path exclusions.
- Full HTTP traffic scanning and Internet access control.
- Detection and removal of viruses disguised with unknown packers.
- The anti-virus log contains the time of each event, the name of the object scanned, and the type of action applied to the object.
- Automatic (scheduled) and on-demand updating.
- Virus notifications (that include event sounds) on viral events.
- The quarantine isolates infected files; quarantine storage time and maximum size can be specified.
- Curing, restoration and removal of quarantined objects.
- Modules are available as command line utilities that can be used with Apple Scripts.
Protection components
Anti-virus | Prevents trojans from accessing a protected system and will cure malware that has already penetrated it. |
HTTP monitor | Scans webpages in real time, blocks access to phishing sites, and blocks access to non-recommended and potentially dangerous sites. |
Firewall | Protects against unauthorised access by another network. |
Privacy protection | Controls webcams and microphones to prevent spying. |
Dr.Web Cloud | Real-time protection using Dr.Web Cloud services |
System requirements
- macOS 10.7-10.15.
- RAM — as required by the OS.
- Internet access: to register and receive updates.
Bonus
Users of this product receive our gift—free protection for Android!