Have You Really Secured Your Hosting Server
May 18, 2008
some hostings around WHT have a small "feature" enabled on all shared or reseller servers. This feature allows read/write on local files. Php safe mode or open_basedir won't help here
CREATE TABLE data (text LONGTEXT);
LOAD DATA LOCAL INFILE '/etc/named.conf' INTO TABLE data;
This SQL query allows me to load local 'named.conf' to mysql database.
Code:
SELECT text FROM data INTO OUTFILE '/etc/file';
This SQL query allow me to write data from mysql to local file.
Last year I bought some shared and reseller packages, it worked 100%. None from 17 providers have disabled it. Also some of them are well known and big.
I've wrote emails to them, reported this "feature", hope they have disabled it ;-).
To disable add to my.cnf file :
Code:
[mysqld]
local-infile=0
View 12 Replies
ADVERTISEMENT
Sep 16, 2008
I tried searching around but maybe someone can steer me in the right direction.
I, as probably many other people, are in an interesting predicament.
I love my VPS right now...however obviously since I started with my VPS I'm about to out grow it, with the amount of power that I need.
What I'm looking for is a server which is completely managed, completely secured (some sort of active virus scanning), however I can get in there and have complete control like I would with my VPS, but obviously with more resources.
What I'm looking for is:
2-4GBs of ram
Pentium D (minimum) up to a Xeon 3220 SINGLE processor
1000 - 2000TB / bandwidth
100mb/s uplink
Windows 03 would be great, I'll settle for CentOS though
Budget max is $170/mo.
View 13 Replies
View Related
Mar 29, 2009
how to check if you host has made their job correct ?
We are looking into a PCI scan just because of the security, we do not need to be PCI compliant, but the security standard is what I believe the most reliable to stick to.
View 1 Replies
View Related
Mar 30, 2009
It has come to my knowledge that SSL certificates that use the MD5 algorithm have been successfully hacked and are vulnerable to attacks. Only Verisign (owners of RapidSSL since 2006) have stated that they have stopped using MD5-signing for RapidSSL certificates, and will have phased out MD5-signing across all their certificate products by the end of January 2009
View 7 Replies
View Related
Jun 12, 2008
My VPS provider just setup and delivered my new VPS ;-)
He also optimized and secured it.
These are the details of the setup he did:
Cleaned up /etc/hosts
SSH Server Hardening
PHP Hardening
Advanced Policy Firewall (APF) With IP Blacklists Configured
APF Add-on - Brute Force Detection (BFD) Dos/DDoS Prevention
Basic Apache Optimization
Basic MySQL Optimization
Is this enough or should i do more to let the VPS run smoothly and secure?
View 7 Replies
View Related
May 31, 2008
There has been a recent rash of Windows 2003 customers being hacked and having "UTorrent" installed, as well as having their Administrator password changed, rendering the server inaccessible.
At the moment, we have yet to determine the vulnerability in Windows allowing the hackers to breach the systems however we believe it is related to RDP.
We highly suggest you are complying with the following, to lessen your risk of having your server compromised:
1) Run RDP on a non-standard port
[url]
2) Run a software firewall on your machine, blocking ALL unnecessary ports on your server. You should only have the bare minimum open.
3) Limit any non-public access to your IP and trusted IP's only. This will prevent any other outside networks or servers from reaching your machine through ports which are not meant to be public (http for example)
4) Ensure you have FULL updates for your Windows O/S, immediately.
5) Ensure any 3rd party software you are running, has also been fully updated to the latest version including any patches.
Please make sure these suggestions are implemented immediately to lessen you risk of being hacked by the current wave of exploits.
View 1 Replies
View Related
Feb 15, 2007
Here are my requirements:
A. Space: 1/2 a secured cabinet
B. Location : Bay area
C. Power: 8 amps
D. B/w: 1 Mbps
I got quotes from
A. www.bayarea.net for 1 cabinet with 20 amps $699
B. www.he.net for 1 cabinet with 15 amps $600
C. www.svcolo.com/ for 1 cabinet with 15 amps $695
I am wondering who can give me 1/2 a secured cabinet for around $300 to $400
View 3 Replies
View Related
May 4, 2015
I have installed an SSL certificate on my website since last saturday the 1st of May, and forced redirection to https URLs via .htaccess.
Since then, I cannot see any statistics in AWStats. All values stops after the implementation of the certificate. How can I continue to have statistics for my secured web site ?
View 3 Replies
View Related
Mar 5, 2009
I'm hosting wmv,wma,mp3 files, streaming of video can be done with Windows hosting, but my website script is with php.
Do you suggest Windows Server 2008 hosting or redhat linux hosting?
View 6 Replies
View Related
May 6, 2008
Do website builders generally go with shared hosting or dedicated server? I mean, if they work on several websites would they get a dedicated server instead of shared? From what I understand through reading shared hosting is basically if you only have one website. So one with multiple websites would go with a dedicated server?
View 12 Replies
View Related
Mar 14, 2007
to get the best/right configuration:
DNS records in DNS server and DNS records in Hosting Server.
So, I have one VPS acting as DNS server and few VPS for domain site hosting.
I have it now (working ok) like below but can You please comment if there is something 'extra' or something I should reconfigurate (or delete) to make better performance/clear
ns1. & ns2.server.com are registrated and working ok
DNS server DNS Zone for <customer.com> (cPanel output):
Zone File for customer.com
$TTL 14400
@ 14400 IN SOA NS1.server.com server.server.com
customer.com 14400 IN NS NS1.server.com.
customer.com 14400 IN NS NS2.server.com.
customer.com 14400 IN A 11.11.11.11
localhost.customer.com 14400 IN A 127.0.0.1
customer.com 14400 IN MX [0] customer.com.
mail 14400 IN CNAME customer.com.
www 14400 IN CNAME customer.com.
webmail 14400 IN CNAME customer.com.
ftp 14400 IN A 11.11.11.11
Hosting server DNS Zone for <customer.com> (Plesk output):
11.11.11.11 / 24PTRcustomer.com.
ftp.customer.com.CNAMEcustomer.com.
customer.com.NSns2.server.com.
customer.com.NSns1.server.com.
customer.com.A11.11.11.11
customer.com.MX (10)mail.customer.com.
localhost.customer.com.A127.0.0.1
mail.customer.com.A11.11.11.11
webmail.customer.com.A11.11.11.11
www.customer.com.CNAMEcustomer.com.
View 1 Replies
View Related
Aug 8, 2008
Does a typical LAMP setup for a high enough traffic site(s) take enough resources to affect the performance of a game server? (we'll say 1million page views per day)
I'm speaking of say, 2MB of ram, dual xeon 2.8 type machine, with IDE drives. Nothing too fancy. 1 milion page views per day may be pushing it, so what about say, 200 per day?
Just wondering if anyone has a setup like this and how it fairs out at the game server end. I'm thinking of moving my websites over to my game server + add more sites over time, but don't want it to lag the game. I know as a fact bandwidth would not be the issue, I'm thinking more ram/cpu. The game I host (Ultima Online) uses very little bandwidth with even 30+ people online. I use less then 1% of my link capacity at most times. I've seen it spike to 5% and that's most likely when I was downloading data.
View 10 Replies
View Related
May 17, 2007
Purpose: I want to make my site load faster
Different Options Host images under the same domain - So no additional three way TCP handshake required.
Different subdomain for images - Browser pipelining can be utilized.
Different domain altogether - Browser pipelining can be utilize and also can avoid the site wide cookies with every request.
What is your opinion about this?
View 6 Replies
View Related
Jun 4, 2008
I recently came from a VPS server where my provider gave me the names of their DNS servers which I then pointed my domain name to with GoDaddy.
I recently signed up for a dedicated server and asked my provider for their DNS servers. They replied that I needed to run DNS on my server.
Is this normal for dedicated hosting providers? Do I just need to point my domain to the public ip address on this server or do I need to load/configure DNS on my server? Is there sofware that I need to install?
View 6 Replies
View Related
Feb 26, 2008
I have found few web hosting services with support for:
- ASP.NET 2.0
- SQL Server 2000
Can anybody recommend such a provider with a solid reputation? In addition I should mention my site will be accessed by visitors in Europe (besides the US), how would I know the page load times are going to be acceptable? Do some providers 'specialize' in hosting sites for which a large part of the traffic comes from abroad?
View 14 Replies
View Related
Aug 18, 2008
We'll its time our business finally moved off of the Godaddy $30/month VPS server. We're setting up an eCommerce site with X-Cart and need a better server. Rather than paying $80 or so per month for a good VPS, we're considering buying a server (maybe a Dell) for around $1000 (Dual Core Xeon, 1gb ram, 80gb HDD) and running it off our Bell Business High Speed Ultra 6mb package (with dedicated IP) at our business. I'd likely install CentOS and a free control panel.
What are your thoughts on doing this? The site isn't super busy and we don't use much bandwidth. Would our customers likely have speed issues with the site if we ran off our own connection?
View 14 Replies
View Related
May 27, 2007
.NET hosting that has SQL Server 2000 or 2005.
I also want to know if there are .NET hostings that support SQL jobs or automated tasks (like the cron jobs feature under Linux). All the ones I found don't have this available.
View 4 Replies
View Related
Jul 21, 2006
im looking a free hosting server, let me explain what im looking for, i have some free softwares on my hard drive, i want to host them so other people also downloads these and its give me also a web location to store them in one place, for this im looking a free hosting server which support a great amount of web space and bandwidth.
View 4 Replies
View Related
Sep 17, 2007
I need to make a dns hosting for a client of mine. He will change his domain name nameservers to point to my server.
His website is hosted on another hosting company. On my server I will create all the necessary CNAME and A records to point www on the server of the other company.
My problem is with the MX records though. Because my client owns a local mailserver, (I think it's MS Exchange server) I need to create a primary MX record to deliver all the mails to that mailserver. No problem till here.. But he also needs a secondary MX record in case his mailserver is inaccessible ,so all the mails have to be queued on my VPS and when his mailserver is accessible again to deliver all the mails.
Any idea of how I can configure my dns zones for that?
View 1 Replies
View Related
May 29, 2008
I need a good but cheap DNS hosting service for hosting 4 domains of mine. Any ideas?
View 6 Replies
View Related
Oct 5, 2009
I have built a website based off of The Beer House template/book and am about ready to launch it. I need SQL server 2005, and ASP.net functionality. I will either use the included forum module or am considering a third party forum such as aspplayground.net.
I would like to spend $10-$20/month, I don't mind paying a bit extra to have a fast loading site, but I don't want to spend too much. I would appreciate any suggestions.
The database will handle the forums, the store, the users of course, and a custom database I am building for some vehicle information. To start out the database is not very big (maybe 20mb), but I expect it to grow to support the forums and users, etc.
Also, I have already built a database (mdf) file on my computer through visual studio 2008. Is it true most shared hosting accounts wont allow you the access to copy and paste the database file directly? I don't really want to have to recreate all these tables on the host server.
View 14 Replies
View Related
Mar 25, 2009
I have a client that wants to expand their website with a downloads section that has thousands of files and tens of gigabytes. I'm considering two options:
1. dedicated hosting:
- Is it an advantage to use a dedicated hosting service in the same city as opposed to one in another country?
- How would I go about changing hosting providers if one doesn't work out?
- How would I go about making and restoring backups?
- How does one access a dedicated hosting machine nowadays? Is it still via Telnet or something like that?
2. own hosting
- Do you think it's practical to have a dedicated server and link in company offices?
- Do the benefits of being easily able to change internet link providers and to make snap daily backups outweigh the benefits of a hosting provider's reliable infrastructure?
This dedicated server would only be a file server. The website itself would be on a normal hosting platform that would just redirect users to the dedicated server for the files to be downloaded. How is this kind of thing usually done?
View 3 Replies
View Related
Mar 29, 2009
if im going to open a web hosting business, which processor works best for a server, AMD or Intel?
View 12 Replies
View Related
Apr 29, 2009
I've been getting requests for a VPS hosting from a few clients and I was wondering what everybody's input on the best server hardware configuration for a hypervm server is.
Was thinking something along the lines of the following server configuration:
Quad core processor(s)
16gbs of ram
2x 100GB RAID 1 Main HDD (Do I need this much space?)
4TB RAID 5 VM HDD's
That would allow me to keep the main OS separate and redundant due to HDD failure and leave the VM's on a RAID 5 for the same reason.
What would you change or advise me to do on this configuration? The goal is to host as many VM's as the processor/ram/HDD's will allow without much of a performance hit.
how many we can host with this configuration? Obviously depends on the packages that I haven't thought about yet.
View 14 Replies
View Related
Apr 25, 2009
I want to host a personal FTP server for myself and friends at home. I have 30Mbit/30Mbit unlimited optical fiber net with a static IP, so that isn't my problem. I also know how to setup the FTP on my computer.
The thing I need help with is the domain. How can I make files.mydomain.com be hosted at home while the main domain (and the other subdomains) is hosted by a host? I don't own the domain or a host yet, so I'm open for all options.
View 4 Replies
View Related
Jul 23, 2008
we going to running a hosting company
but not sure how to manage the backup server
Server A = 10 host accounts
Server B = 15 host accounts
Server Backup use rsync to get 25 account
will it be work?
and each domain the name server
ns1.host.com < - Server A
ns2.host.com < - Server A
ns3.host.com < - Server B
ns4.host.com < - Server B
ns5.host.com < - Server Backup
ns6.host.com < - Server Backup
www.abc.com
ns1.host.com < - Server A
ns2.host.com < - Server A
ns5.host.com < - Server Backup
ns6.host.com < - Server Backup
if server A down, so auto point to backup server
so is it work?
View 0 Replies
View Related
Jan 30, 2008
I would like to help my friend to host his email service on my VPS server. His current shared web hosting unfortunately has a quota limit on the number of emails he can send each hour, which is very inconvenient for him.
I know how to modify the MX record of my friend's domain in his current web host using Cpanel, but I don't know how to set up my server to accommodate his email service. I'd appreciate if anyone can teach me how to do it. My server also has Cpanel/WHM installed.
View 4 Replies
View Related
Oct 24, 2008
is there a way that i can have a web server that runs windows server 2003 and be able to have file hosting on it...so people can upload files to it and be able to access it without having to have a domain name?
View 10 Replies
View Related
Aug 27, 2008
I am currently selling hosting from my reseller account. Planning to buy a dedicated server. I will be hosting around 250 hosting accounts with PHP and Mysql on a centos 5 OS with Cpanel. The 250 sites will be controlled by normal terms and conditions that comes with shared hosting. Now I am confused about the configuration to go for:
My Budget is around USD 200 per server.
Here is the config I thought to go for initially:
Xeon 3060 Dual Core
2 x 250 GB SATA II HDD
4 GB RAM
Cpanel/WHM
10 MBPS Port
Then I found this config for 20$ extra.XEON 3220 Dual Core
2 X 250 GB HDD
4 GB RAM
CPanel
10 MBPS Port
will 3060 is a good config or do you think should go for the 3220. Or should I save that extra 20$ and use them to get a hardware RAID 1 for 3060 server...?
View 9 Replies
View Related
Apr 7, 2008
Got a person potentially developing an ecommerce website for me. Part of the agreed price is 1 yrs free hosting on their server. However what are the pitfulls since i am concerned with security (customer credit info), and if anything untoward happens like the site going down.
If a proper webhosting business is required, essentially i need these:
"Linux server with PHP, MySQL, an SSL certificate, register_globals turned on, a c-panel to admin the MySQL"
Which provides a great qualty and cheap service (not godaddy) - if it helps I am bested in the UK.
View 9 Replies
View Related
Jul 15, 2008
on april 19th, we started a new internet radio station and now 3 months later, we're using up over 250GB of monthly bandwidth and have quite some listeners throughout the day. Therefore we want to have more security for our listeners that our stream stays online. I currently just use WinAMP to broadcast to my shoutcast server and CentovaCast takes care of the rest, but if I don't stream, listeners don't hear music and that's becoming a bigger problem everyday.
So I wondered. Can I buy a Windows dedicated server or VPS, install WinAmp on that machine and use a remote desktop to control and configure our stream, like I now do on my local PC? And does anybody has any experience with that?
View 7 Replies
View Related
