90 Percent Of Websites Vulnerable To Attack

Oct 22, 2007

[url]

I don't have a clue what WhiteHat is talking about in this article. Could some of you technical people please decipher it, and explain the vulnerabilities in language that webmasters can comprehend who aren't computer scientists? Because then we might be able to figure out how to protect our web sites from being hacked.

View 14 Replies


ADVERTISEMENT

Mysqld Using 100 Percent Of Cpu

Apr 10, 2007

I've got a strange situation here. We have some software which we run on multiple servers. As of today the software is using 100 percent (sometimes more) of the cpus.

Here is the result from top. It's usually far worse using 100 percent of both cpu's almost all of the time. I just restarted, but the server load is climbing to 20+. Any idea how I can figure out what is going on? The same software on two other identically configured servers runs fine. This server has had no problems for over 6 months, but suddenly this started today. The server is a dual opteron with 4GB of ram. The databases are innodb thus the high memory usage for mysql (innodb buffer pool size)

top - 13:52:54 up 3:14, 2 users, load average: 3.39, 4.42, 6.86
Tasks: 121 total, 4 running, 108 sleeping, 9 stopped, 0 zombie
Cpu(s): 66.1% us, 1.7% sy, 32.2% ni, 0.0% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 4090568k total, 3077004k used, 1013564k free, 52748k buffers
Swap: 2096440k total, 56k used, 2096384k free, 1796632k cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
11871 mysql 15 0 2581m 1.0g 3844 S 96 26.2 13:05.73 mysqld
7569 root 39 19 8048 2024 1304 R 65 0.0 32:27.49 http
11984 apache 15 0 152m 14m 5860 S 12 0.4 0:24.27 httpd
11990 apache 15 0 152m 17m 8376 S 9 0.4 0:14.31 httpd
12002 apache 16 0 153m 15m 5408 R 6 0.4 0:08.60 httpd
12040 apache 15 0 152m 17m 8524 S 5 0.4 0:03.86 httpd
11966 apache 15 0 153m 17m 8280 S 3 0.4 0:22.99 httpd

View 14 Replies View Related

SSL Installation 90 Percent

Jun 5, 2007

i have a question concerning SSL surfitup.us is my domain. Now when you go to it, it doesnt show the lock button on the bottom to show that it is secure.

I would like to be able to use https.

In the site i have my icon fro go daddy saying is real.

how to get those two things working?

View 11 Replies View Related

ImageMagick :: Version Is Vulnerable

Sep 23, 2006

I installed ImageMagick via yum on my CentOS 4 box. It is version 6.0.7

When using gallery 2, I received a warning message stating that this version is vulnerable (low risk but still) and was wondering if there was anyway to update this past 6.2.2

I tried to do it manually by compiling from source but the composite part of ImageMagick never works...the identify and convert are recognized.

Is there an easier way....a RPM for RHEL 4 I could use?

View 1 Replies View Related

Wordpress V2.1 Vulnerable [MERGED]

Mar 2, 2007

[url]
In case anyone missed

View 5 Replies View Related

How Do Websites Get Hacked?

Oct 20, 2008

Every now and then I'll run into a website that has a message that says it was hacked by a certain hacker. How exactly do this? Do they hack into the actual server or do they somehow get a hold of the website owners FTP info?

View 10 Replies View Related

How Many Websites Can Stand On VPS

Oct 19, 2009

how many websites can stand on VPS with following configurations?

I'm asking this because Can I install whm reselling script like whmphp? or WHM Reseller creator?

It enables to create master reseller and whm reseller respectively. So there will be huge number of websites, databases, emails hosted on VPS
So which one to choose?

1.
Disk space - 10 GB
Bandwidth - 200 GB
Burst. RAM - 256 MB
Gurnt. RAM - 128 MB
Max CPU Usage (per CPU) - 80 %
OS - CentOS 5.3

2.
Disk space - 20 GB
Bandwidth - 400 GB
Burst. RAM - 512 MB
Gurnt. RAM - 256 MB
Max CPU Usage (per CPU) -
OS - CentOS 5.3

3.
Disk space - 30 GB
Bandwidth - 800 GB
Burst. RAM - 1024 MB
Gurnt. RAM - 512 MB
Max CPU Usage (per CPU) -
OS - CentOS 5.3

View 14 Replies View Related

How Many Domains/websites On A VPS

Oct 17, 2009

I have a pretty 'beefy' VPS (Future Host 'Titanium' plan, 1Gb RAM, equal share, 750 Mb bandwidth, 50Gb disk).

I'm using it mostly to host relatively small, low-traffic Wordpress sites. Right now, there are about 40 domains & blogs set up.

The majority see only a few dozen visitors per day. A few have traffic around 100 visitors, and 1 or 2 may get up to 500 per day.

My question is, what might be a comfortable limit on domains/blogs I can host before I should start thinking about adding a 2nd VPS?

View 6 Replies View Related

Can't Connect To Outside Websites

Jul 30, 2009

We can't resolve any outside websites, for example wget won't resolve any websites.

elvis:~# wget [url]
--2009-07-30 03:12:15-- [url]
Resolving g-ecx.images-amazon.com... failed: Temporary failure in name resolution.
wget: unable to resolve host address `g-ecx.images-amazon.com'
elvis:~#

How can we debug this? Its just started to do this, before it was fine for months.

We can resolve IP addresses fine.

elvis:~# wget [url]
--2009-07-30 03:18:08-- http://206.251.77.82/~proxy/images/b...ntent-view.png
Connecting to 206.251.77.82:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 241 [image/png]
Saving to: `background-content-view.png'

100%[======================================>] 241 --.-K/s in 0s

2009-07-30 03:18:08 (63.8 MB/s) - `background-content-view.png' saved [241/241]

elvis:~#

View 2 Replies View Related

How Can I Host My Own Websites

May 15, 2009

I have three domains that I want to host myself on my own computer. Two are temporary sites that I only put up on Memorial Day weekend for the Detroit Electronic Music Festival or Movement 09 to direct people to my after parties and the other site is a two page bio site for myself. I have a very tight budget this year and I can't afford to pay for web hosting all year round when these are only temporary sites even though I own the domain names all year round. I do know some of the promoters for the festival do the hosting themselves.

View 14 Replies View Related

Websites Timing Out

Mar 10, 2008

I'm not sure why my brand new dual proc quad core xeon 2.5ghz harpertown gets time out when the server load is under .5

Like it'll be running ultra fast and suddenly, I can't get into ssh, whm, my websites or anything. When I ping it, no reponse. Is it because it restarted itself?

View 4 Replies View Related

How Come The Big Websites Never Have Downtimes

Jun 14, 2008

Just out of curiosity, do the big boys deploy hosting solutions that are different from the ones we know?

They never complain of Network Outages or Hardware failure. How come the likes of Yahoo, Facebook, Youtube and the others are always there any second you need them?

View 14 Replies View Related

How To Access Websites

Jul 24, 2008

Earlier when my client's domain was not resolved he used to easily access his website using [url]

But after putting in the openbase dir protection they cannot access the site anymore.

how can the user view their site when openbase is protected?

View 1 Replies View Related

Types Of Websites

Oct 8, 2008

what are all the different types of websites? i know there's e-commerce, forums, blogs, personal and etc. what are some other types of websites people start?

View 9 Replies View Related

For Streaming Websites

Oct 31, 2008

If one video was ~128MB and I had 800 videos, and if I had 3000 views on each video, then would a 100mbps line be able to handle that?

View 14 Replies View Related

Websites Are Not Loading

Feb 2, 2007

This is a little wierd, I am not able to see any of my websites on my home network, but from anywhere else it seems too load just fine. Even when i go through a proxy site they load. I'm still able to get to WHM and cPanel from my home but the websites themself do not load.

this started happing yesturday and after a few hours it seemed to work again on its own.

View 5 Replies View Related

Some Of My Websites Haf Been Hacked

Jun 8, 2007

i have a reseller account with canaca.com the safe mode &security mode are on! and everythings was great! till those hackers bastards appeared! they somehow could upload a php shell files to my websites! and then they deleted everythings in 4 of my websites!
i contact my tech support and they restored my websites and i checked that there is no shell files! next day,my websites hacked again and there was i php shell files in them!
i deleted those god damn files and i deleted the page that the hackers put in my websites! you security is zero,and we will hacked the entire server.., but after 3 hours the pages returned and the shell files are there! i dont belive that! the
unbelivable this is that when i want to run those php shell files the safe mode stoped them doing anythings! so how can those bastards do what they do?how can they ulpload the files in the first place? is there any soultions to this problem! cause i restored my websites about 3 times now and everyting i restore it they hacked it again and again!

View 13 Replies View Related

Cannot Access Websites

Jan 17, 2007

I think I broke my server. I was trying to install Zend Optimizer, but it didn't work.

After doing some research, I found out that I needed to disable selinux. After doing so, I rebooted. Then I installed Zend Optimizer and rebooted again.

Since then, all my websites have been inaccessible. I can access my server through Plesk control panel, but connection to my websites just timeout.

What can I do to fix this?

Edit :
I can access my sites via FTP as well.

Edit 2 :
I tried starting Apache with the following command :

Quote:

/sbin/service httpd start

...but it keeps on telling me that the service is already in use.
It seems like TCP is bound to port 80.

View 1 Replies View Related

UK VPS For 15 Websites And VPN Server

Jul 3, 2007

i currently have a reseller server in the states but ive seen for the money im paying (and im not using the space actually) i can get a VPS server here in the UK which i can combine for webhosting and other development projects. I am after a UK based VPS for the following requirements:

Host 15 websites

Access the box remotely and dial-in to the box which needs to be configured as a VPN server (the box will act as a router, i presume masquerading on eth0 for the connected vpn clients to go out through the server and onto the net).

Traffic will not be too high, maybe around 75GB per month.

Around 3-4 websites run forums on (small size phpbb) and the other sites are again small and mostly used for email.

I will need full root access and maximum configurability.

Preferably Suse 10 as i have worked with that before but i am open to suggestions on other OS. I need to configure the pppd service and easier this is via the OS the less time i have to dig in scripts and terminal! I wouldnt mind windows but on a VPS this will be a resource drain so i am happy to get more performance from the box by sticking with smaller footprint of linux.

Plesk for website management, or cpanel, i dont mind either way.

I dont however know how much CPU/RAM i will need, what is a sensible amount? I dont think my requirements are too strenuous, what would be a good sensible amount of RAM to select to allow me to host say 50 web sites in future?

I have heard good things on the forums for the following:

a2b2.com
cheapvps.co.uk
1and1.co.uk

I know you get what you pay for so i do need something reliable, but if people say the service from the above sellers is good i will go for them as the price is fantastic. It would be great to hear of other recommendations also.

View 6 Replies View Related

How Do Websites Know IP Addresses

Apr 29, 2007

Does the client tell the site or a third party internet "authority" do so.

I've heard a guy that make a program that keep changing our IP. How can anyone do that?

I thought it requires a proxy to hide your IP. You can't just "lie" to a server right?

View 1 Replies View Related

VPS You Can Host Multiple Websites?

Apr 27, 2009

So with a VPS you can host multiple websites?

Do certain packages come with WHM where you can make an account for each of your domains?

Also, what is the importance of having more IPs? Does having 1 IP allow me to have only 1 site hosted?

View 9 Replies View Related

Multiple Websites On One Server

Jun 16, 2009

we have one dev server that is hosting a website. I would like to use the same server to host another internal website. Can i do that?

I am using Linux centos OS.

View 8 Replies View Related

Hack Erases 100,000 Websites

Jun 9, 2009

Don't know if anyone else saw this.

[url]

Once again points out the importance of backups.

View 5 Replies View Related

Check Websites Before Dns Propogation

Feb 23, 2008

I used to check new websites before dns propagation by adding an entry to windows/system32/drivers/etc/hosts file and used to work perfectly. But now days I think IE7 and Firefox 2 is bypassing the hosts file and the method is not working.

any alternative method to check the website before dns propagation?

View 4 Replies View Related

Websites Email Going To Spam

Sep 16, 2008

I currently have a problem with my websites email going to spam. Most of the mail my website sends out, responses to registration, lost passwords etc...gets sent to spam. I have never used this site to send mass email or newsletters. I was thinking of getting an external hosted email solution, but wanted to know what you thought is the best solution for this and what you use to send out emails from your site.

View 4 Replies View Related

Websites Open Slow

May 13, 2008

all websites on one of my server open very slow..in firefox it just kep saying Waiting.. for at least 10 secs and data is transfered.

contents of my.cnf

[mysqld]
safe-show-database
#old_passwords
back_log = 50
skip-innodb
max_connections = 500
key_buffer_size = 144M
myisam_sort_buffer_size = 64M
join_buffer_size = 1M
read_buffer_size = 1M
sort_buffer_size = 2M
table_cache = 5000
thread_cache_size = 256
wait_timeout = 20
connect_timeout = 10
tmp_table_size = 64M
max_heap_table_size = 64M
max_allowed_packet = 64M
net_buffer_length = 16384
max_connect_errors = 10
thread_concurrency = 4
concurrent_insert = 2
table_lock_wait_timeout = 30
read_rnd_buffer_size = 786432
bulk_insert_buffer_size = 8M
query_cache_limit = 6M
query_cache_size = 128M
query_cache_type = 1
query_prealloc_size = 262144
query_alloc_block_size = 65536
transaction_alloc_block_size = 8192
transaction_prealloc_size = 4096
default-storage-engine = MyISAM
max_write_lock_count = 16

[mysqld_safe]
nice = -10
open_files_limit = 8192

[mysqldump]
quick
max_allowed_packet = 16M

[myisamchk]
key_buffer = 384M
sort_buffer = 384M
read_buffer = 256M
write_buffer = 256M

httpd.conf

KeepAlive: Off
MaxKeepAliveRequests: 100
KeepAliveTimeout: 1
MinSpareServers: 10
MaxSpareServers: 15
StartServers: 10
MaxClients: 150
MaxRequestsPerChild: 1000

View 11 Replies View Related

How Do I Find Out What Websites Are Hosted By Olm.net

Jul 11, 2008

Before I buy a dedicated server I would like to browse other sites hosted by olm.

View 4 Replies View Related

How To Check Websites From All Over The World

Jun 29, 2008

I remember using a few years ago a site where you could plugin a domain name and a report will run showing if the site was vieable or accessible from all different parts of the worls, I forgot the URL does anyone know abou something like this?

View 8 Replies View Related

DNS - Websites Load Very Slowly

Jan 12, 2008

We have an issue with websites load very slowly in a new server (centos) and we recieve an email from the server stating the following:

IMPORTANT: Do not ignore this email.
The hostname (ns.domain.com) resolves to . It should resolve to
xx.xxx.xxx.90. Please be sure to correct /etc/hosts as well as the 'A'
entry in zone file for the domain.

Some are all of these problems can be caused by
/etc/resolv.conf being setup incorrectly. Please check this file if
you believe everything else is correct.

You may be able to automaticly correct this problem by using the ' Add an A entry for your hostname ' under ' Dns Functions ' in your Web Host Manager

and when we restart "DNS Server (BIND)" or "named" we get as part of the output the following:

view localhost_resolver: received notify for zone 'domain.com': not authoritative

Please find below the contents of /etc/hosts , /etc/resolv.conf and /etc/sysconfig/network:

/etc/hosts:

::1 localhost6.localdomain6 localhost6
# Do not remove the following line, or various programs
# that require network functionality will fail.
XX.xxx.xxx.90 ns.domain.com ns
127.0.0.1 localhost

/etc/resolv.conf :

#domain domain.com
#search domain.com
#nameserver 127.0.0.1
nameserver xx.xxx.xxx.92
nameserver xx.xxx.xxx.93

/etc/sysconfig/network:

NETWORKING=yes
NETWORKING_IPV6=yes
GATEWAY=xx.xxx.xxx.xx
HOSTNAME=ns.domain.com
DOMAINNAME=domain.com

So what could be wrong with the above settings?

View 5 Replies View Related

Hosting Clients Websites

Sep 30, 2008

I'm going to be hosting my clients websites and I was wondering how to calculate how much bandwidth / space I should make available to clients and also how much to charge for hosting / maintenance.

View 11 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved