While reading a lot of posts and blogs about hosting, I just wanted to ask if someone has an idea on how to find files with illegal content.
I just tried a few bash scripts, but if there are a few thousand files, most of them stop working or produce server loads that stop the whole server.
Is there any software already out there or any script to scan the content on server for phrases?
I want to get a VPS to hold my sites and the websites i build for people.
I'm not sure about what happens if a client uploads something they shouldnt - be it porn, warez or whatever.
As a server owner, do i risk getting in trouble? Or am i simply the contact person .
I can't check every file that people might upload.
is it legal to host links to indirect content such as rapidshare/megaupload?
I've seen alot of sites hosting these contents and the servers (from traceroute) are hosted in the USA where copyright law are enforced heavily.
what do you think? Will my webhost take my site down if I host these contents?
CSF install the new version, I warned that the option Check for cxs. I had a few questions!
1 - is it free? And can be installed and will work?
2 - I like these things are additional to the installation?
3 - a bit about this new possibility to explain how to solve the case to get out of the red.
Does anyone know any open source tools that will scan cgi programs for exploits? Specifically for exploitable formmail scripts.
View 0 Replies View RelatedI have noticed over 10 sites hosted on HostFresh which are abusing my copyright and stealing softwares from a company which I'm affiliated with I sent hostresh email to abuse@ however no actions was taken its been almost a month since I sent the email out.
I asked them nicely to remove that infringing site but they do nothing I sent them another email today Waiting to see what happened and I wanted to bring this here for some advice what should I do if they do nothing after another month? I'm not much expierenced with this but the company is loosing a lot of money and I'm being pressured, hiring a lawyer is a lot of money too so I tried to get it fixed with emails but they dont want to help me solve this.
I know theres a hostfresh rep here
I have a cpanel 11 server with php 4.4.6 installed. my site use php scripts and one day even if the file was not edited, not touched at all , i get errors like
Parse error: syntax error, unexpected ']' in /home/xxx/public_html/wp-includes/post.php on line 37
I checked and could find a lot of illeagal characters in my php file. See below. for post_status , it became post_statuó and edit_date became edit_date<8d>. If you read through the code, you can see a lot of illegal characters. This is why i get parse errors. I had to replace the file from backup and the issue fixed. But this problem continues to occur for more files and i can't find a reason for this. Again I am the only one with access, I use BBedit to edit php files when needed in Mac OS X, and beleive I know what is being edited and again, those file which gets errors does not need to be edited for nothing, not even to modify wordpress.
======================================================
iN ( 'draft' == $post['post_statuó'] && empty($postarr['edit_date<8d>]) && empty($postarr['post_date¯]) &&
('0000-00-00 00:00:00' == $post['post_date']) )
$clçar_date = true;
else
$clear_nate = false;
// Merge old and"new fields with new fields overÃriting old ones.
$postarr = arRay_merge($post, $postarr);
$poytarr['post_category'] = $post_cáts;
if ( $clear_date ) {
$poótarr['post_date'] = '';
$postërr['post_date_gmt'] = '';
}
éf ($postarr['post_type'] == 'at|achment')
return wp_insert_atÃachment($postarr);
======================================================
What type of free email scanner gateway that you are using? I am using SA, Clam and Qmail. It's a little old and w/o the GUI for client to manage the settings.
I'm thinking to switch to something with GUI. Perhaps the combination of Exim, SA, Clam, MAilScanner and a GUI.
i want to secure my server that scanner tools can not scan my site . because of one of my site is very important to do not scan of folder.
my server os : linux Centos 5
I am not a web host. I do have my own server that I host my company sites on and some of my friends use it as well.
I had someone ask me if I could host about ten pages on my server for him. He said the following," Hello. What is your base hosting price... say for a dozen page static site? (making some Page Rank sites on different hosts to mask the connections to my main website)"
This question gave me an uneasy feeling, but then again I am not familiar with this tactic. I have two questions since the above was asked.
1. Is this illegal by search engine rules.
2. Can my websites be affected if it is.
I saw a website a few days ago hosting Warez and hacking, But they wasn't directly download from there website. They was only linking? is this illegal in the UK just to link to warez, Like to rapidshare, megaupload, etc..? Whats there law like?, Can anyone explain if this is a good idea or not?
View 10 Replies View RelatedI would like to know how resource intensive is ClamAV Scanner. Should I allow it or not to my VPS clients/resellers?
Can I set it to use it as root? How?
I wonder which virus scanner software is useful for Unix server(Centos 4.5). One of my client install SMF forum and when visitors access the forum,their virus scanner warn that site is affected by trojan. I used Clamav to scan entire home directory but seem nothing found.
View 4 Replies View Relatedi have managed server. just i want sure if it is secured.
i want company to test my server, Security Scanner.
and give me report about my bugs.
Anobody knows appropriate rules to block Acunetix scanner to crawl my sites?
View 8 Replies View RelatedAre there any vulnerability scanners that search the local file system for vulnerable apps?
I don't need an external scanner. I want to scan all my users home dirs for bad apps - old coppermines, phpbb, etc.
I've not been able to find anything like this.
How would I go about reporting a website for illegal hacking and other activities?
Their host is fully supporting them. They have even given them the ip address of the proxy I used, in which case the client of theirs have added the proxy to their htaccess deny list.
Anyone use this poorly coded thing?
Goolag Scanner coded by CULT OF THE DEAD COW/cDc communications
Ive been using it for a bit, but i don't have any vulns on most of my box's.
Anyone else find this thing effective?
Ive passed it onto a few clients, seem to entertain them doing there own basic google powered security scans.
Here is a quick download; Goolag_Scanner_1.0.0.40_Setup.exe
Ive pulled a few results on other large sites, some interesting data thats spread out on google, strange how the crawlers get into it?
1.2 Software
To understand Goolag Scanner, it is important to understand how "dorks"
work (see 1.4) and with that, to establish the use of dorks as an
acceptable tool for information security experts, penetration testers,
and practical paranoids.
1.4 Terms And Abbreviations
* Dork = A detailed search pattern - heretofore used with Google's
search engine - that uses Google to show untapped results for web
sites previously indexed by Google.
The intention of a dork is to find results that might show
information relevant to security issues and/or confidential data.
From our point of view, dorks are not limited to Google. Frankly,
they are malicious patterns that apply to most search engines.
* gS = Goolag Scanner
* cDc = CULT OF THE DEAD COW/cDc communications
i installed the latest version of the mail scanner on my linux server. It has been tested to be scanning and running properly. But one thing that is unusual is that the emails that is being processed by the mailscanner does not get tagged as its being processed by it. Hence i do not really know whether it has been processed.
When i check the email full headers, i am missing information like spam score, spam information and spam status. I did a check in the mailscanner.conf and the configuration was done correctly.
how can we set these information to show on the email header that it has been processed.
Last week my brother puchased a CD which promised contains thousands of unique templates through [url]
He sell it locally for Indonesia market and leave no contact info.
He showed me and I'm surprised that what did guy did is copied from all sources included templatesmonster.com majority which is available alot of through the net (example: [url]burn it into CD and sell it illegaly.
I reported the site to hostgator.com and got the followin reply:
---------------------------------------------
Hello,
Since there are no templates on the site, you will need to provide evidence of this some how.
Regards,
Richard F.
Network Security Administrator
ISP Blacklist Administrator/Level 3 Systems Administrator
PGP Key: [url]
---------------------------------------------
I'm not trying to bash HG, but I need your opinion: is the HG respond is already correct?
So learn from the same thing, if I set a website sell cracked properties and only delivery the product through CD or email (not downloadble one) I can host it with HG as long as no offensive files in their server? Or in this case HG just ignore it because could not understand Indonesia languange?
i'v sent to sharktech.net - rackvibe.com / an emails since a week about an illegal hosting on thier ircd services, but can i know why the identity theft irc servers is still running?
i have sent to both abuse emails to:
abuse@rackvibe.com
abuse@sharktech.net,
from a differnt email addresses with a hope to see a responce, but they never did.
i wounder how the both companies feel when people credit cards and thier bank accounts are being sold and traded under thier service.
i'v sent to sharktech.net - rackvibe.com / an emails since a week about an illegal hosting on thier ircd services, but can i know why the identity theft irc servers is still running?
i have sent to both abuse emails to:
abuse@rackvibe.com
abuse@sharktech.net,
from a differnt email addresses with a hope to see a responce, but they never did.
i wounder how the both companies feel when people credit cards and thier bank accounts are being sold and traded under thier service.
i have a problem with my server it wan't boot, i get the following error on /tmp
fsck.ext3 e2fsck_read_bitmaps illegal bitmap block
how can i fix?
I have a file named dos-1.2.13.4 (i changed the IP address in purpose) inside the log and inside the file there is a 4 digit number that is constantly changing. more
[root@myserver]# more dos-1.2.13.4
8726
What is 8726?
Looking for an VPS provider which allows IRC network provider, currently host a network on a shell account but want to move to a VPS for more control, don't want to host it on any of my current dedicated which allow IRC access.
View 12 Replies View RelatedIs there anything that takes the concept of a CDN (localised content delivery), but applies it to dynamic stuff like PHP and databases, syncing across worldwide servers as necessary? It'd be nice to deliver the entire site in a localised manner.
I'd imagine Google does something like this for their own sites, and maybe other large companies too — but I have no idea if such a technology exists in the consumer space.
I can see it being a logistical nightmare having to keep all versions of the database in sync, so it wouldn't surprise me if nothing like this exists.
i have two domain names:
domain.net and domain.com
I want to transfer the FTP content of domain.com to domain.net without havin to do it manually, (transfering data to my PC via FTP and resending it again)
Is that possible in WHM? and How?
Will it work with "Restore a Full Backup/cpmove file"?
My company provides various reports and dynamic website content to clients whose websites we design and host as well as to clients who have their sites designed and hosted elsewhere. We do not want people to be able to easily link to our content or bring it up in an iframe or whatever unless they are a paid subscriber. We would like to be able to limit the content to the domains of paying clients and keep it from displaying elsewhere. Note also that out of several reports, publications and content we offer, clients can mix and match, subscribe to just one element or all of them (The subscription levels are managed by us on the back end.)
Currently we have a system that is built in Perl/Postgres SQL and it is problematic(constantly failing and not very secure) Also it requires that the content be loaded into an iframe on the client's site or linked directly. We would like a solution that is PHP-based and can talk to our existing database. We would also like to be able to display the content on the page without an iframe so it is more search engine friendly, etc.
An off-the-shelf solution would be preferable if one is available - and we like to support the open source community.
I am aware that modern-day browsers support decoding GZIP-encoded content, such as a GZIP-encoded JavaScript file.
Apache supports delivering content like so, however, the server-side must generate the file, then compress, and then deliver.
So I was wondering, is it possible to GZIP the files ahead of time and then allow Apache to deliver them in their compressed state.
I am planning to do this only for static content (images, css and javascript).
I know, it could depend on the company, where you have your vps. So it is a general question. Do I have to take care, which content I put on the machine, assuming that it is _not_ illegal, at least in the European Union? So I do not mean illegal mp3 or warez.
But what about erotic things. For sure, I do _not_ mean hardcore-pornography, but I think of erotic paintings, which you can see in Europe at prime time on tv and these paintings got prizes already, while in other parts of the world, it would be banned.
So do I have to check this exactly before a sign-up?