Posts Tagged ‘directory location’

Nginx increase security by putting websites into Linux jails howto

Monday, August 27th, 2018

linux-jail-nginx-webserver-increase-security-by-putting-it-and-its-data-into-jail-environment

If you're sysadmining a large numbers of shared hosted websites which use Nginx Webserver to interpret PHP scripts and serve HTML, Javascript, CSS … whatever data.

You realize the high amount of risk that comes with a possible successful security breach / hack into a server by a malicious cracker. Compromising Nginx Webserver by an intruder automatically would mean that not only all users web data will get compromised, but the attacker would get an immediate access to other data such as Email or SQL (if the server is running multiple services).

Nowadays it is not so common thing to have a multiple shared websites on the same server together with other services, but historically there are many legacy servers / webservers left which host some 50 or 100+ websites.

Of course the best thing to do is to isolate each and every website into a separate Virtual Container however as this is a lot of work and small and mid-sized companies refuse to spend money on mostly anything this might be not an option for you.

Considering that this might be your case and you're running Nginx either as a Load Balancing, Reverse Proxy server etc. , even though Nginx is considered to be among the most secure webservers out there, there is absolutely no gurantee it would not get hacked and the server wouldn't get rooted by a script kiddie freak that just got in darknet some 0day exploit.

To minimize the impact of a possible Webserver hack it is a good idea to place all websites into Linux Jails.

linux-jail-simple-explained-diagram-chroot-jail

For those who hear about Linux Jail for a first time,
chroot() jail is a way to isolate a process / processes and its forked children from the rest of the *nix system. It should / could be used only for UNIX processes that aren't running as root (administrator user), because of the fact the superuser could break out (escape) the jail pretty easily.

Jailing processes is a concept that is pretty old that was first time introduced in UNIX version 7 back in the distant year 1979, and it was first implemented into BSD Operating System ver. 4.2 by Bill Joy (a notorious computer scientist and co-founder of Sun Microsystems). Its original use for the creation of so called HoneyPot – a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems that appears completely legimit service or part of website whose only goal is to track, isolate, and monitor intruders, a very similar to police string operations (baiting) of the suspect. It is pretty much like а bait set to collect the fish (which in this  case is the possible cracker).

linux-chroot-jail-environment-explained-jailing-hackers-and-intruders-unix

BSD Jails nowadays became very popular as iPhones environment where applications are deployed are inside a customly created chroot jail, the principle is exactly the same as in Linux.

But anyways enough talk, let's create a new jail and deploy set of system binaries for our Nginx installation, here is the things you will need:

1. You need to have set a directory where a copy of /bin/ls /bin/bash /bin/,  /bin/cat … /usr/bin binaries /lib and other base system Linux system binaries copy will reside.

 

server:~# mkdir -p /usr/local/chroot/nginx

 


2. You need to create the isolated environment backbone structure /etc/ , /dev, /var/, /usr/, /lib64/ (in case if deploying on 64 bit architecture Operating System).

 

server:~# export DIR_N=/usr/local/chroot/nginx;
server:~# mkdir -p $DIR_N/etc
server:~# mkdir -p $DIR_N/dev
server:~# mkdir -p $DIR_N/var
server:~# mkdir -p $DIR_N/usr
server:~# mkdir -p $DIR_N/usr/local/nginx
server:~# mkdir -p $DIR_N/tmp
server:~# chmod 1777 $DIR_N/tmp
server:~# mkdir -p $DIR_N/var/tmp
server:~# chmod 1777 $DIR_N/var/tmp
server:~# mkdir -p $DIR_N/lib64
server:~# mkdir -p $DIR_N/usr/local/

 

3. Create required device files for the new chroot environment

 

server:~# /bin/mknod -m 0666 $D/dev/null c 1 3
server:~# /bin/mknod -m 0666 $D/dev/random c 1 8
server:~# /bin/mknod -m 0444 $D/dev/urandom c 1 9

 

mknod COMMAND is used instead of the usual /bin/touch command to create block or character special files.

Once create the permissions of /usr/local/chroot/nginx/{dev/null, dev/random, dev/urandom} have to be look like so:

 

server:~# ls -l /usr/local/chroot/nginx/dev/{null,random,urandom}
crw-rw-rw- 1 root root 1, 3 Aug 17 09:13 /dev/null
crw-rw-rw- 1 root root 1, 8 Aug 17 09:13 /dev/random
crw-rw-rw- 1 root root 1, 9 Aug 17 09:13 /dev/urandom

 

4. Install nginx files into the chroot directory (copy all files of current nginx installation into the jail)
 

If your NGINX webserver installation was installed from source to keep it latest
and is installed in lets say, directory location /usr/local/nginx you have to copy /usr/local/nginx to /usr/local/chroot/nginx/usr/local/nginx, i.e:

 

server:~# /bin/cp -varf /usr/local/nginx/* /usr/local/chroot/nginx/usr/local/nginx

 


5. Copy necessery Linux system libraries to newly created jail
 

NGINX webserver is compiled to depend on various libraries from Linux system root e.g. /lib/* and /lib64/* therefore in order to the server work inside the chroot-ed environment you need to transfer this libraries to the jail folder /usr/local/chroot/nginx

If you are curious to find out which libraries exactly is nginx binary dependent on run:

server:~# ldd /usr/local/nginx/usr/local/nginx/sbin/nginx

        linux-vdso.so.1 (0x00007ffe3e952000)
        libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f2b4762c000)
        libcrypt.so.1 => /lib/x86_64-linux-gnu/libcrypt.so.1 (0x00007f2b473f4000)
        libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f2b47181000)
        libcrypto.so.0.9.8 => /usr/local/lib/libcrypto.so.0.9.8 (0x00007f2b46ddf000)
        libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f2b46bc5000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f2b46826000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f2b47849000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f2b46622000)


The best way is to copy only the libraries in the list from ldd command for best security, like so:

 

server: ~# cp -rpf /lib/x86_64-linux-gnu/libthread.so.0 /usr/local/chroot/nginx/lib/*
server: ~# cp -rpf library chroot_location

etc.

 

However if you're in a hurry (not a recommended practice) and you don't care for maximum security anyways (you don't worry the jail could be exploited from some of the many lib files not used by nginx and you don't  about HDD space), you can also copy whole /lib into the jail, like so:

 

server: ~# cp -rpf /lib/ /usr/local/chroot/nginx/usr/local/nginx/lib

 

NOTE! Once again copy whole /lib directory is a very bad practice but for a time pushing activities sometimes you can do it …


6. Copy /etc/ some base files and ld.so.conf.d , prelink.conf.d directories to jail environment
 

 

server:~# cp -rfv /etc/{group,prelink.cache,services,adjtime,shells,gshadow,shadow,hosts.deny,localtime,nsswitch.conf,nscd.conf,prelink.conf,protocols,hosts,passwd,ld.so.cache,ld.so.conf,resolv.conf,host.conf}  \
/usr/local/chroot/nginx/usr/local/nginx/etc

 

server:~# cp -avr /etc/{ld.so.conf.d,prelink.conf.d} /usr/local/chroot/nginx/nginx/etc


7. Copy HTML, CSS, Javascript websites data from the root directory to the chrooted nginx environment

 

server:~# nice -n 10 cp -rpf /usr/local/websites/ /usr/local/chroot/nginx/usr/local/


This could be really long if the websites are multiple gigabytes and million of files, but anyways the nice command should reduce a little bit the load on the server it is best practice to set some kind of temporary server maintenance page to show on the websites index in order to prevent the accessing server clients to not have interrupts (that's especially the case on older 7200 / 7400 RPM non-SSD HDDs.)
 

 

8. Stop old Nginx server outside of Chroot environment and start the new one inside the jail


a) Stop old nginx server

Either stop the old nginx using it start / stop / restart script inside /etc/init.d/nginx (if you have such installed) or directly kill the running webserver with:

 

server:~# killall -9 nginx

 

b) Test the chrooted nginx installation is correct and ready to run inside the chroot environment

 

server:~# /usr/sbin/chroot /usr/local/chroot/nginx /usr/local/nginx/nginx/sbin/nginx -t
server:~# /usr/sbin/chroot /usr/local/chroot/nginx /usr/local/nginx/nginx/sbin/nginx

 

c) Restart the chrooted nginx webserver – when necessery later

 

server:~# /usr/sbin/chroot /nginx /usr/local/chroot/nginx/sbin/nginx -s reload

 

d) Edit the chrooted nginx conf

If you need to edit nginx configuration, be aware that the chrooted NGINX will read its configuration from /usr/local/chroot/nginx/nginx/etc/conf/nginx.conf (i'm saying that if you by mistake forget and try to edit the old config that is usually under /usr/local/nginx/conf/nginx.conf

 

 

12 must have Joomla extension plugins / Essential modules for new Joomla CMS install

Thursday, June 16th, 2011

Joomla bundle of must have extensions picture

These days very often I have to install, plain new Joomla based websites. I’ve realized that since there is no structured guide to follow describing the most essential plugins that every new fresh new joomla installation is required to have.
Thus I took the time and wrote this post, as it will be useful to myself in my future new joomla based websites establishment, I also believe these guide will be useful to other Joomla enthusiasts or administrators in their daily work.

Below I will describe in short the installation, configuration and oddities I’ve faced during installment of the above described bundle of plugins on a plan Joomla 1.5 install.These article will walk through 12 joomla essential plugins that I believe every fresh Joomla installation should be equipped with.
Hope this guide will be helpful to you. Now let’s start it up:

1. JoomlaXplorer – A sophisticated web file explorer for Joomla

One of the basic modules, beneficial with a new joomla CMS install is Joomla Xptplorer . This module enables the joomla admin to browse files in a web file explorer, on the server where the joomla CMS is installed. Below you see how handy the joomla web explorer provided by the plugin is:

Joomla file explorer extplorer module

Installing and using the plugin is a piece of cake. To install the plugin:

a. download Joomla file Xplorer from here or from the official plugin website.

b. Install the plugin through the admin joomla menu:

Extensions -> Install/Uninstall

c. Start using the newly installed plugin by following to menus:

Components -> eXtplorer

2. JCrawler Generate easily sitemap.xml to aim the overall Joomla website SEO optimization

JCrawler logo plugin joomla

I have previously written a very through tutorial on how to install configure and generate website sitemap with Jcrawler module, You can read my article titled: How to build website sitemap.xml in Joomla here

3. sh404SEF – Make your Joomla links and content more user friendly

sh404sef Joomla Search Engine Optimization plugin

sh404SEF is a great Joomla plugin, which will seriously improve SEO and could contribute well for a website to be better indexed with major search engines.

I have previously written an article describing thoroughfully the install and use procedures for the module.
You can read the article Making your Joomla URLS Google friendly with sh404sef plugin / Simple Joomla link SEO here

4. Akeeba Backup Joomla solution

Akeeba backup Joomla Module

Installing a joomla backup solution is very essential if you does take care about your data, it often happens that server hard disk got crashes or a RAID massives got corrupted or some kind of other unexpected disaster hits the server. In these terrible times, having a website backup will save you nerves and data recovery funds, not to mention that in many cases data recovery is impossible.

Joomla has a very easy to use software for creating full website backup called Akeeba Backup

To start using the software one must:

a. Download Akeeba Backup and install it via:

Extensions -> Install/Uninstall

After the Akeeba Backup installation is over, to create your first backup, one needs to navigate to:

Components -> Akeeba Backup -> Backup Now

Each Akeeba backup (a version of the website’s files data and sql info) will be created in an archive file with the extension .jpa
The backup files are created under joomla’s website (main) root directory in directory location administrator/components/com_akeeba/backup

The Akeeba plugin also has capabilities to recover a (.jpa) backup restore point easily.
To recover a backup with the Akeeba plugin one needs to do it once again, via the plugin joomla web interface.
5. Google Analytics (place easy tracking code) in Joomla

Google Analytics Tracking Module for Joomla

a. Download the Google Analytics Tracking Module
The module is available from Joomla Extensions on joomla.org

At the current time of writting you need to download the analytics_tracking15,zip file

b. Install the Google Analytics Tracking Module;
Login as joomla admin and navigate to;

Extensions -> Install

Place the analytics_tracking15.zip url to the Install URL: field.
Again as of time of writting you need to place https://www.pc-freak.net/files/analytics_tracking15.zip;

c. Open the Module Manager

Extensions -> Module Manager

d. Click over Google Analytics Tracking Module
On the right pane you will notice in the Module Parameters the Analytics_uacct_code field. In the uacct_code field you need to paste your UA obtained from your created google-analytics account.
This code is usually something like UA-2101595-10
Now place your code their and press the save green button located near the right top of the screen. You should see the text in blue Item Saved which would indicate your UA code is stored already in the Google Analytics Tracking Module, now press the Cancel button located again on the right top.
As a last step before the Google analytics is set-up on the Joomla you need to enable the plugin to do you need to press over the tick left sided from the text reading Google Analytics Tracking Module in the Module Manager
e. Click over the Enabled button in Module Manager;
Google Analytics Tracking Module -> Enabled

6. Itprism (Facebook, Twitter etc.) Social Network share buttons Joomla plugin

ITPShare Large Social Buttons Joomla

a. to add the itpsocialbuttons to joomla Download the Itpsocialbuttons latest module files from http://itprism.com/free-joomla-extensions/social-buttons-plugin or use my mirrored module files below:

Download mod_itpsocialbuttons .zip file
Download plg_itpsocialbuttons .zip

After having the two files necessery to be installed to make the ITPSocialButtons appear on website, installation is done like with any other installation:

Extensions -> Install/Uninstall -> Upload Package File (Choose File)

Next its necessery to configure the plugin to do so, follow to menus:

Extensions -> Module Manager -> Share

You will notice the Share dialog in the list of Module Name column in Module Manager

Here is a screenshot on how the settings options for ITpsocialbuttons will look like:

Mod ITpSocialButtons settings screen

The options which I personally changed was:

Show Title – I set this one to No as I wanted to omit the plugin title text to appear on my website.
Further on I’ve set the Enabled option to Yes to enable the plugin and choose the buttons Style option to be of a Small buttons type.
I’ve also found that the most suitable position for the Social Share buttons were to be of a right – Position .

Here is how the social network itprism share buttons looks like:

ITprism Joomla Social Share Plugin various button types

The plugin supports sharing of joomla pages to the following list of social networks:
 

  • Delicios.com
  • Digg.com
  • Facebook
  • Google Bookmarks
  • StumbleUpon
  • Technorati
  • Twitter
  • LinkedIn

The module configuration, also allows the user to configure the type of social network buttons, one wants to display on the website.

7. Joomla JCE Content Editor

This content editor is really awesome compared to the default editor TinyMCE. If you want to have an options rich content editor for Joomla, then this is the one for you 🙂
download JCE Content Editor here

After installing the JCE Joomla content editor in order to enable it as a default editor you need to go to the following location:

Site -> Global Configuration -> Default WYSIWYG Editor

There place on Editor TinyMCE and change it with Editor – JCE

Now go to edit some article, and you will see the difference in the editor 🙂

8. Add gallery Joomla capabilities with sigplus (Image Gallery Plus) and Very Simple Image Gallery

Image Gallery Plus sigplus Joomla Screenshot

Image Gallery Plus plugin (sigplus) gallery review screenshot

sigplus Image Gallery Plus is a straightforward way to add image or photo galleries to a Joomla article with a simple syntax. It takes a matter of minutes to set up a gallery but those who are looking for a powerful gallery solution will not be disappointed either: sigplus is suitable for both beginner and advanced users.

Download Sigplus Joomla Image Gallery plugin here
Using sigllus is quite easy all one has to do is use Joomla Media Manager from links:

Site -> Media Manager

Create new folder in the stories folder, let’s say New Pictures and further on use Media Manager to upload all desired pictures to be later displayed.

Being done with uploading the images you want to display, go to Article Manager :

Content -> Article Manager

From there choose your article where new uploaded pictures you want to display and type in the article:

{gallery}New Pictures{/gallery}.

Note that New Pictures is the directory just recently created as stated below, it’s important that there is no spacing between {gallery}and New Pictures, if one tries {gallery} New Pictures {/gallery} instead of {gallery}New Pictures{/gallery} an error will occur instead of the pictures being displayed in a scrolled gallery.

Sigplus Image Gallery has also a number of configuration options, which might make it look a bit more decent.
I have to say in my view the default way sigplus displays pictures is awful!

Another alternative if you don’t like Sigplus ‘s way of creating new galleries is to use Very Simple Image Gallery

Very Simple Image Gallery joomla screenshot

Here is a screenshot on a sample gallery created with Very Simple Image Gallery Joomla Plugin

You can download Very simple image gallery here

After installing the plugin. It’s use is analogous to the Sigplus . To use it likewise sigplus create new directory through Media Manager and in stories and upload your files in let’s say New Pictures1 . Later on in your article place, the code

{vsig}New Pictures1{/vsig}

Gallery will be generated automatically by the plugin. I think Simple Image Gallery is a bit more advanced and gives a better outlook to Galleries, though it’s configuration settings are much less than with SigPlus image gallery.

To add pictures comments e.g. img link alt=” and title=” tib you need to place a code within the Article manager similar to:

{vsig_c}0|Picture_1.JPG|Some sample text|Some other text{/vsig_c}
{vsig_c}0|Picture_2.JPG|Some example text|Some text{/vsig_c}
etc. ..

Note that the 0 in above example specifies the gallery number if you for instance are using a couple of galleries with Simple Image Gallery , the first one you used would be call 0 . The text specified as comments to the picture will also appear after you preview the gallery right below the picture when clicked on as a picture description in a really nice way.
9. Install Google maps plugin for Joomla

Google Maps plugin for Joomla screenshot

It’s a wise idea that every website has a location map on it’s website, for that reason Google maps is just great.
To install Google maps capability to joomla one can use a plugin called Google Maps .

You can straighly download Joomla’s Googlemap plugin from here

Afterwards use Extension Manager to install the plugin e.g. follow:

Extensions -&gr; Install/Uninstall (Choose File)

and click on Upload File & Install button.

To further enable and configure the Joomla Googlemap plugin you will have to go to the location:

Extensions -> Plugin Manager

Therein you will have to find and enable the Google Maps plugin which is to be found in the column named Plugin Manager
On my Joomla installation the plugin was located in the second page with modules, so if you don’t find the module on the listing with modules on the first page, make sure you scroll to the bottom of the page and click on Next button.

Therein in the list you will most likely notice Google Maps use the Enable button to enable it.

Next step is to configure the plugin, to do so press on the plugin name Google Maps
All configuration necessery here is to place Googlemaps API Key in the respective field (you will see it among config options).

Issuing a new Google Maps api key takes just few seconds, if you already have a gmail account just go to http://code.google.com/apis/maps/signup.html and take few seconds to issue the key.

You will get the key right on your gmail account after being issued (to repeat myself issuing takes few seconds so no worrier here).

One moreOnce having the key place it in the Googlemaps API Key field and configuring Address (which is one of the list of many options the plugin provides) you will be done with configuration.

To display a google map the location you just configured go to the Article Manager , select the article where you want the google maps location picture of your address to appear and type in the Article:

{mosmap|text='Exact street address location'|zoom='15'|zoomType='Large'|zoomNew='0'}

After you save the article a very nice Google map showing you the location’s streets will appear.
You can further conifgure a number of things related to the google map to appear, one thing you might want to play with is the zoom option which as you see in below’s code is equal to 15, e.g. zoom=’15’
Set it to another one if you want to regulate your googlemaps zoom level. For more thoroughful options take a look at the extensive plugin documentation.

10. Joomla Xmap (generating static HTML sitemap) Download Xmap from here , install it the usual plugin way.

Right after installation on the plugin succesful install screen you will notice the link component menu .
Clicking on the component menu you will be leaded to a page showing you few links Sitemap’s URL :
 

  • XML Sitemap:
  • HTML Sitemap:
  • News Sitemap:
  • Images Sitemap:

11. Add Joomla donate Paypal capabilities with Joomla PAYPAL DONATION MODULE

Paypal Donation Module Joomla Screenshot

Just recently I’ve written a a post on how to add a paypal donation capabilities to joomla, you can read my previous post here

12. Install Joomla RSForms Module (Advanced Joomla Forms Support)

Simple Joomla RsForm contact form

If you’re planning to add a complicated form support for Joomla, there are plenty of plugins, however one that was suggested by a friend of mine which is deep in Joomla world and moreover works good on my joomla installations is RSForms

Joomla – RSForms! is free to download and has great and easy interface to create new joomla forms.

At the time of writting I use these three RSForms components on new Joomla installations:

RSform Pro 1.1.0 com
Mod RsForm for Joomla 1.5
Mod Rsform list for Joomla

For latest release of RSForms! use the link http://www.rsjoomla.com/joomla-components/rsform.html

Installation is like any other module and is done through Extensions -> Install/Uninstall menu.

After installation, setting up a new form is available from the Joomla Menus:

Components -> RSform!Pro -> Manage Forms

I would not enter in details on how to edit the default RSForms or create a new RSForm. Just take some time and learn it by trying 😉

After the rsform is ready, to enable the new form, navigate to Joomla menus:

Menus -> Main Menu

Press the New button located in the buttons bar nearby the page header in the list of options in Select Menu item Type you will notice the RSForm!Pro as an option, press on it to establish the new form in the menus.

A follow up window will appear where one can set a Title: and Alias: for the new form as well as few other options.
After finalizing the settings press on Apply button to save the settings and the new form should appear in Joomla.

Probably there are many more handy plugins, which I’m missing here thus I’ll be glad if readers suggest some more helpful essential (must have plugins) for Joomla.
Feedback on this tutorial is very welcome!
Looking forward to hear for your opinions if my article was helpful to you 😉

Where does Debian GNU / Linux Apache + PHP stores session files?

Tuesday, November 22nd, 2011

In order to debug some PHP session problems on Debian, I needed to check the count of existing session files.
When PHP is compiled from source usually, by default sessions are stored in /tmp directory, however this is not the case on Debian.

Debian’s PHP session directory is different, there the sessions are stored in the directory:

/var/lib/php5

I’ve discovered the session directory location by reading Debian’s cron shell script, which delete session files on every 30 minutes.

Here is the file content:

debian~# cat /etc/cron.d/php5
# /etc/cron.d/php5: crontab fragment for php5
# This purges session files older than X, where X is defined in seconds
# as the largest value of session.gc_maxlifetime from all your php.ini
# files, or 24 minutes if not defined. See /usr/lib/php5/maxlifetime

# Look for and purge old sessions every 30 minutes
09,39 * * * * root [ -x /usr/lib/php5/maxlifetime ] &&
[ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -delete

To check the amount of existing PHP opened session files:

debian:~# ls -1 /var/lib/php5|wc -l
14049

Automatic blog posts tagging in wordpress blog 3.1 with (auto-tags) / wp plugin to increase Search Engine ranking

Monday, April 4th, 2011

There are plenty of articles, on how to increase search engine ranking in wordpress and I’m sure this article might be not that interesting but still I thought it might be nice to mention about this 3 wordpress plugins Auto-Tags, SEO Slugs and Platinium SEO Pack which will help you increase your traffic.

Let me say a few words for each of the 3 plugins:

1. Auto-tags
Below is the description of the plugin directly taken from the plugin website http://wordpress.org/extend/plugins/auto-tag/

This plugin uses the Yahoo.com and tagthe.net APIs to find the most relevant keywords
from the content of your post, and then adds them as tags.
New for version 0.2: an options page allows to choose how many tags are
retrieved from each service The tag adding is fully automatic,
so if you're using a plugin like feedwordpress to display RSS feeds
on your blog as posts, everything will get done as the feed
posts are published. No user intervention necessary!

Here are the installation instructions for auto-tags:

debian:~# cd /var/www/blog/wp-content/plugins
debian:/var/www/wp-content/plugins:# wget https://www.pc-freak.net/files/auto-tag.0.4.6.zip
100%[================================>] 14,325 45.3K/s in 0.3s

2011-04-04 12:30:17 (45.3 KB/s) – `auto-tag.0.4.6.zip’ saved [14325/14325]
debian:/var/www/wp-content/plugins:# unzip auto-tag.0.4.6.zip

In the above example my wordpress installation is in /var/www/blog/ , if your wordpress is installed in another directory location change to the respective directory.

To activate the Plugin go to:

Plugins -> Auto Tags
Press over Activate to activate the plugin.

To configure the Auto-tags plugin navigate to:

Settings -> Auto tags plugin

Auto tags Screen options

Therein you can configure the number of post tags to be retrieved from Yahoo, tagthe.net. The settings also allows you to disable certain tags you don’t want to appear in your post tags from the field, Remove those tags (comma separated)

The plugin also has an option called Append tags to the ones that already exist which on my wordpress 3.1 installation doesn’t work

After ending up your desired configuration simply press the Update Options button.

Now each time you type a new post in your wordpress blog, a tags related to the post will automatically be included.
Based on this tags Search engines will easily find content that relates to your blog tags and thus your page indexing will get better.