Mod Security Rules / Install Method

Feb 7, 2008

I see that mod security is an option in whm > apache compile. Is this a good (and improved way) of install modsecurity over the old cpanel add-on from back in the 10x versions?

Also, can someone point me to really tight, yet reasonable mod security rules for these server settings?

#1
centos
cpanel with phpsuexec
apache 2.2
php 5
mysql 5
a few shared domains (main business box)

#2
centos
same as above, but apache 1 / php 4 / mysql 4
(shared / reseller hosting server)

View 1 Replies


ADVERTISEMENT

Mod Security Rules

Aug 2, 2007

I really want to know some importent mod_security rules that can come in handy to avoide hackers

I am using apache1

any good rules will do just fine

View 3 Replies View Related

Good Rules For Mod Security / Apache 2.2x

Dec 31, 2007

Anyone can give me good rules for apache 2.2.6 / Cpanel , i'm new with this, i've use Apache 1.3.x before.

View 0 Replies View Related

Do I Need To Use Iptables And Create Some Security Rules?

May 6, 2009

If I buy a web server (Linux), Do I need to use iptables and create some security rules?
What types of rules?

Is it suggest use modsecurity for Apache?

If I host 2 sites (2 wordpress blog), what are better rules?

View 14 Replies View Related

Mod Security Rules And Hacking Attacks

Nov 15, 2007

I have a problem with a hacker from China. He keeps uploading 4 files to my server:

mail.php
mysql.info.php
footer.txt
header.txt

He did this with 4 different accounts so far.

I have mod security installed with the ruleset from gotroot.com but it doesn't help. Now my questions:

1. Where can I download the mod security core ruleset (is it helpful anyway ?) I already found this page [url] but I do not see a "download here" link anywhere... I found the link that points to [url] but then I do not see the mod sec ruleset anywhere...

2. The rules on gotroot.com have not been updated for a long time. Are they still useful ? What do you think ?

3. Any other sources for good mod sec rules that may resolve my issues with PHP exploits.

View 7 Replies View Related

MOD Security INSTALL

Jun 22, 2009

to install mod security in ubuntu BUT I CANT.

IT SAYS THERE IS NO PACKAGE etc.

What commands to use?

View 14 Replies View Related

Is It Really Useful To Install ConfigServer Security & Firewall On Server?

Jul 15, 2009

I heard that CSF firewall will block the ips but still its useful to install? or is there any other method to stop to automatically block the ips from csf? Just want to know about it.

View 14 Replies View Related

What Is Best Method To Secure The Tmp?

Nov 3, 2009

What is best method to secure the tmp?

1. /tmp mounted as noexec,nosuid?

2. creating /usr/tmp directory?

View 1 Replies View Related

Backup Method

Apr 3, 2009

I was wondering what is the best backup method for 2 servers with over 3TB of data? Need the best backup solutions so if something happens sites are easy to get back online.

View 14 Replies View Related

Method Not Allowed

Nov 11, 2008

I have problem on my server that is when I try to download backup or when I try to upload vb froums producet I recive this message:

Method Not Allowed

The requested method GET is not allowed for the URL /backup-11.4.2008_18-10-25_ashaq.tar.gz.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

so what should I do to solve this problem?

View 11 Replies View Related

VPS Backup Method

Oct 22, 2007

With a Linux/cPanel VPS, what is the best backup method?

Cpanel FTP overnight of every account to a remote backup service?

Is their a more efficient and less bandwidth consuming method for VPS's?

View 14 Replies View Related

Best Reliable Method For Backups?

May 5, 2009

which is the best reliable method for backups?

i own dedicated server along with cpanel and i want to make weekly backups of about 20 domains in the server.

I have NAS but all files got corrupted (with theplanet) and so i cant rely on it. Please suggest me a inexpensive solution.

View 2 Replies View Related

Virtuozzo SLM Method Alternative?

Aug 5, 2007

I run special software that is similar to a gaming server. It operates mostly in SWAP memory because 99% of the time its idling. Each instance uses about 5MB of physical memory and 50MB of SWAP memory. So I am using about 2000MB (2GB) of SWAP memory and 250MB of Physical memory. To my understanding, most Virtuozzo VPSes count SWAP memory as apart of the burstable memory , so finding 2GB of burstable is not likey or cheap.

Virtuozzo with the SLM method of handling RAM seems to be my only option because it allows for no set limit of burstable RAM. I am wondering if there is any other method or technology that could allow me to actually use high amounts of SWAP memory, as it should run from the hard-drive, not taking up the faster physical memory.

I am currently consider XEN servers, but I was unsure if they could handle the SWAP I need, I emailed Ray at BigVPS.com and he stated his XEN servers can handle my requirements, but would need an extra $5 for the extraneous SWAP usage. Is it true XEN can handle what I need?

View 5 Replies View Related

Method To Transfer A Site

May 14, 2009

Anyone have any tips as to the best way of transferring a website from one server to our server?

I have a successful way right now, but it's extremely tedious and time consuming.

View 4 Replies View Related

95% Billing -- Is There A Standard Method

Sep 5, 2007

I just got hit with a whopping bill by my provider, and noticed they charged almost twice the bandwidth I was showing in my Cacti graphs.

I looked at the graphs they provided, and it seems that rather than averaging in/out bandwidth on the swich port, as the default Cacti installation does, they were treating in and out as separate switchports and totalling the bandwidth (at least I think that's what's going on).

Just wondering if this is a standard practice among providers. Attached are my and my provider's graphs.

I've been with these guys for years and never had this problem, until I had a big spike in incoming bandwidth which apparently skewed the usage. Prior to this, overrage charges have always matched bw shown in my Cacti graphs.

View 12 Replies View Related

Best Backup Method(s) For Archiving Data

Jul 20, 2008

I was hesitant to even post this because I've been on the net for so long, that and I know just about every method out there. However, large corporations obviously can't live with loosing data so I figured I'd see what everybody else is doing out and figure out my next battle plan for archiving data.

Here's what happened. I had triple backups of some data. I burned them twice on DVD (yes, two DVD's of each archive) as well as had them on a WD hard drive. ALL are dead or unreadable. I had the discs in a DVD binder and they were never touched for a good 5 years. I put them in a player (multiple players) and only certain parts were read.

Other parts came up with errors. (Yes, I'm aware there are companies that offer recovery for both CD/DVD and Hard drives, but they always charge a fortune and in some cases, aren't worth it). This was Memorex media btw which might of had something to do with it, but at the time I thought it was the best. Next I went to the hard drive. This was stored in a room temp house over a good 5 years and when I plugged it in to a computer's IDE port, nothing. Not sure exactly what's wrong with the drive and I'm sure it could be fixed and recovered, but once again, that's not my question.

My Question: What methods are you using to store your archives over long periods of time? Any recommendations on hardware? I'm thinking of DLT Tape backups and of course doing RAID next but don't want to run into the same problem in 5 years. How can I sleep at night (which is already impossible) knowing that in 5 or 10 years when I'm ready to get into my backups that they will be there?

What are you doing and what do you recommend? Better yet, what the hell is Hollywood doing to keep all their music and movies safe?

View 3 Replies View Related

Best Method Of Offering Clients Hosting?

Mar 25, 2007

I'm in the process of forming a web development business and am currently interested in learning the various methods of offering 3rd party services and accounts. How to offer hosting is my current dilemma; I can of course refer the client to a host and receive a referral kick-back, but the idea of reselling hosting accounts is also appealing, though I have no knowledge currently as to how this works, and I'm basically just curious how other's manage this aspect of the business. I do not mind offering customer service on hosting accounts, so this is not an issue

View 5 Replies View Related

Dedicated Server - Paypal Payment Method?

Oct 11, 2008

I need a dedicated server for the following specifications

RAM: 1- 2 GB
Speed:10 Mbit or more
OS:Linux (Centos/Debian/etc. or Windows )
Control Panel : Plesk/Cpanel

Budget Range:$90-$130

Payment method: Paypal

1 &1 suits my needs but there are many bad reviews about it

what's your take on that?

I need a good dedicated server provider like Softlayer (in terms of everything) who is in this price range..

View 10 Replies View Related

DNS / Bind - Easiest Method To Redirect A Domain To Another

Jan 2, 2007

I've got two domains (for sake of example, domain A and domain B). Domain A resolves correctly to my web server. Domain B is just sitting collecting dust. I didn't set these domains up, a previous programmer at my job did.

How do I configure resolv.conf, named.conf and the zone file(s) correctly to have domain B redirect to domain A?

I've already set up httpd.conf so that any requests for the host name of domain A will redirect.

e.g. [url]-> [url]
I just need the DNS part of this fixed (that I'm a bit of a noob at).

Do I have to do something like this in named.conf:

Code:
zone "domaina.com" {
type master;
file "/var/named/domaina.com.hosts";
};

zone "domainb.com" {
type master;
file "/var/named/domaina.com.hosts";
};
Then in the domaina.com.hosts zone file add an alias like this?

Code:
domainb.com. IN CNAME domaina.com.
Or do I need to create a domainb.com.hosts zone file with basic info emulating domaina.com.hosts zone file, and add its entry in named.conf?

View 2 Replies View Related

What Is The Best Method To Protect My Server From Data Lost

Jul 3, 2007

I have dedicated server at GoDaddy and I am hosting very important web service for our company. We have only one HDD on server and no FTP backup. What is the best method to protect data and whole server from HDD crash? Is it enough to add second HDD?

View 8 Replies View Related

DNS / Bind - Easiest Method To Redirect A Domain To Another

Jan 2, 2007

I've got two domains (for sake of example, domain A and domain B). Domain A resolves correctly to my web server. Domain B is just sitting collecting dust. I didn't set these domains up, a previous programmer at my job did.

How do I configure resolv.conf, named.conf and the zone file(s) correctly to have domain B redirect to domain A?

I've already set up httpd.conf so that any requests for the host name of domain A will redirect.

e.g. [url]
I just need the DNS part of this fixed (that I'm a bit of a noob at).

Do I have to do something like this in named.conf:

Code:
zone "domaina.com" {
type master;
file "/var/named/domaina.com.hosts";
};

zone "domainb.com" {
type master;
file "/var/named/domaina.com.hosts";
};
Then in the domaina.com.hosts zone file add an alias like this?

Code:
domainb.com. IN CNAME domaina.com.

Or do I need to create a domainb.com.hosts zone file with basic info emulating domaina.com.hosts zone file, and add its entry in named.conf?

View 9 Replies View Related

Apache :: Preferred Method For Centralizing Logs

Mar 23, 2015

Which method do you prefer for centralizing your logs: file monitoring or Pipe to Logger?

View 4 Replies View Related

Recompile Apache :: Your Operating System's Rpm Update Method (yum) Was Not ..

Aug 29, 2007

i tried recompile Apache to install

--curl
--curl ssl
--mcrypt

by running /scripts/easyapache

then i get the error below. Can anyone help me out? i really dont know what todo here.

Checking Update System........Your operating system's rpm update method (yum) was not able to locate the glibc package. This is an indication of an improper set up. You must correct this error before you can proceed.

View 14 Replies View Related

Fasttest Method To Migrate 300G Cpanel Server

Oct 7, 2009

How do you handle migration on big servers with 300G disk space of cpanel accounts?

Last time we did one for 100G disk space, took us 72 hoours due to accotns on server are alive working

View 12 Replies View Related

Replacing Or Upgrading Hard Drives...remote Method

Dec 20, 2007

I want to try something different on our methods of replacing or upgrading hard drives.

I want to be able to do most of it via our KVM/IP instead of babysitting the server(s) for so long in the DC.

My thoughts are, how can I add the new hard drive in the DC, and move the data over via the KVM/IP. Can this be done with just a raw drive added (no new setup) using DD or even rsync, or is it better to setup a new installation of CentOS on the new drive, and use rsync to move the data over. Then how do I get the proper drive to boot until I go back into the DC to remove the bad or old drive? I'd be interested in how some of you folks are doing this, as far as what's easiest and could be done over the KVM/IP once the new drive is connected.

Or on systems that have 2 drives with cPanel/WHM, how can we temporarily on an emergency basis untilize the backup drive to do a new setup, copy the data over from the drive that is failing, then just replace the bad drive as a backup drive next time you go in the DC? We have an external USB CD in place to allow remote installs...just curious if anyone does something like this or has ideas how we could make this work.

We use cloning software now, but can end up babysitting a clone for a long period in the DC like this.

View 3 Replies View Related

Mod_Security Logs Showing Method Is Not Allowed By Policy

Jan 24, 2008

I have mod_security setup in WHM and am seeing a lot of these entries for various IP's.

Access denied with code 406 (phase 1). Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required. [id "960032"] [msg "Method is not allowed by policy"] [severity "CRITICAL"]

View 7 Replies View Related

Best File Sharing Method Between CENTOS/LINUX Servers

Apr 16, 2007

What is the best way to share files/folders between centos/linux servers?

View 7 Replies View Related

Prefered Method Of Network Redundancy (Server Connectivity)

May 16, 2007

There are several methods of offering network path redundancy. The basic decision for me has come down to:

Do it at Layer 2
Do it at Layer 3

At the moment we have layer 2 redundancy to each server. 2NICs on the server up with one having the IPs for apache/mysql/etc. each nic going into a seperate switch and the switches connected together, with 2 routers running VRRP to handle the gateway.
Everything is Vlaned.

So basicaly the switch redundancy is done by spanning tree and the IP redundancy is done with a process on the router/server to move the IP to the other router/server NIC if there is an issue.

I am thinking about going with 2 fully seperate networks. in differant subnets. where each router would have a gateway. the routers would talk to each other and they would speak OSPF or ISIS with the servers. This way I would move hosting onto loopback IPs on the servers and those loopback IPs would be advertised to the both routers through seperate networks.
Again everything would be Vlanned.

This has the advantage of getting rid of spanning tree which has caused issues from time to time. It would keep redundancy up and we could standardize on the routing daemon ran on the servers allowing all of the various OSs we run to have the same basic config for network redundancy. Where now each OS tends to have its own solution. This would make life easier from a config and troubleshooting point of view.

View 2 Replies View Related

Joomla Security / Linux Security

Apr 4, 2008

I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.

When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.

However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.

Also, does anyone know how to change the owner/group of a directory and all of its sub directories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as apposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.

View 10 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved