How Do I Stop /tmp Directory Hacks
Jun 19, 2008
I'm on a Cpanel/WHM (latest release version) VPS with centos 4.6.
Over the last month or so, I have been routinely having /tmp directory hacks of various types (3-6 a week), often resulting in the processor spiking to 100% and load popping up.
What do I need to do to prevent /tmp directory attacks, but still mantain the functionality that the /tmp directory is intended for?
View 10 Replies
ADVERTISEMENT
Apr 11, 2008
I have read conflicting reports on if you can have "hacks" for your vbulletin on a shared server. Shoutbox etc.
Shoutbox, chat, and forum games are a requirement for us. I wanted to go with a host that offers both shared and vps so I can upgrade as needed. With the addons should I just go straight for the vps? If so, how much ram do I need?
The temp free forum I am using right now is less than two weeks old with over 200 members, 10-30 on at any given time. This is by word of mouth, and as soon as we get set up with vbulletin and a server we will start advertising. We expect to stay on the small side, projecting 5k members with around 100 users average at a time.
View 6 Replies
View Related
Mar 7, 2008
a website/s that you can maybe subscribe to it's emails that will notify you on hacks that are out, and how to prevent them?
I'm already aware of the ways you can secure your server first hand, but I'm talking about notifications that will keep you updated on the newest release of hacks out and etc.
View 6 Replies
View Related
May 31, 2007
I have a situation like this:
There is a directory say, "Master" and inside, "Master" there is sub-directory, "Slave". A user who has access to, "Master" should be able to access, "Slave" automatically. However, a user who has access to, "Slave" should not have access to, "Master". Inside cPanel this type of protection is not possible.
View 3 Replies
View Related
Dec 11, 2008
How do I direct my httpd file to point to:
home/USER/public_html
instead of:
C:Users estetc...
I want to do this to make my test server just like the remote server.
View 5 Replies
View Related
Sep 18, 2008
I want to move the entire contents of a directory tree to another directory.
So for example we may have a directory with 15 directories inside, each directory contains files itself. I want to copy all the files from the directory tree into another directory located somewhere else one the file system. I want only the "files" to end up in the other directory and not the file structure too.
Im running CENTOS latest version.
View 4 Replies
View Related
May 1, 2009
my DNS stop resolving, once a day i need to restart the service in cpanel/whm , what can be done to prevent that ?
its a fresh vps only cpanel is there and 2 domains with no pages just a simple under costruction index page . in CSF i have a Your Score: 106/112 in security , it firewalled and hardened
right now is using 299 of ram out of 512 burstable to 768
View 3 Replies
View Related
Jun 30, 2008
I was wondering if anyone has any methods to stop spammers? Currently i am keeping watch on the mail queue and making sure nothing unsual. I have in WHM configuration setup to not allow more 200 mail messages per account per hour but for some reason it will hit thousands. WHMCS does seem to suspend them automatically or maybe its because of WHM BUT only when its too late.
Any thoughts or suggestions?
View 9 Replies
View Related
Jun 2, 2009
Have a persistent spammer who kept emailing my clients, even non existent domain accounts and getting the bounced emails to be send to a particular yahoo address. I tried to block in all ways but can't seem to stop him. His spams are from all over the world. Any suggestions?
View 3 Replies
View Related
Nov 5, 2009
How to stops the scripts like c99 shell from installing into the server?
View 1 Replies
View Related
Jul 1, 2009
how to stop gunzip -c?
By mistake instead of using gunzip file name on my friend's vps, I had used gunzip -c filename
and its taking hell a lot of time to unzip it, I have no clue on how to stop this and I am scared if I close ssh client, it might be still adding load to the server ..
I am unzipping an 4.5mb file, which on un-compression must be around 14.5mb ..
for the past 10 mins its still unzipping and not sure how long it will go on.. unless I stop it..
View 2 Replies
View Related
Feb 6, 2009
a site i manage for a client is being hacked every couple of days, its not the actual site but the hosts server thats getting attacked, all sites on that server, well actually all thier servers.
They have made no attempt to sort this problem, i report it they look at the site and say "site loads fine for us" which it does.
All index files are having a base64 encode line written after the <body> tag, this adds hundreds of spam links which are hidden with display:none; they also add .html to application types in htaccess for php to run in these files too.
Problem is, i am moving the site to another host but cannot change the nameservers to the new host's untill the client returns from a holiday, so i must keep the site up on the insecure host for now.
I am removing the spam code almost daily, is there anyway i can stop this attack happening for the time being, the host does nothing.
View 14 Replies
View Related
Apr 17, 2009
I have a server that is sending spam, but I can not know who sent because the server not has installed suphp.
There is another option to see who sends spam?
View 6 Replies
View Related
Jul 19, 2009
Is there a way to stop hotlinking? I have a client who has a blog. They have post pics of tattoos. Now there are at least 50 tattoo forums, blogs and other sites hotling to the pics. Now his bandwidth usage has skyrocketed. So enable hotlink protection in his cPanel. Just did a redirect to my main hosting site with a nice please stop hotlink image. Now I see all this in my logs. So I then made a 150 x 9000 clear BG gf with the text at the top please stop hotlinking.
My questions is there any way to stop it. If not should I just make a 1x1 clear gif to redirect to? Also is there a way to not have this traffic show in my log files?
View 4 Replies
View Related
Dec 25, 2008
I want to stop emailing myself
I have received quite a few emails from senders claiming to be the recipients [in this case one of my email accounts]. I did not send these emails. This is happening with almost every email account I have setup on one of my domains.
I know this is probably an easy fix-- I am simply unsure of what it is.
I noted that someone else recently posted a similar question-- with only one response. I wanted to see if another post my garner another response.
View 3 Replies
View Related
Nov 14, 2008
I would like to ask about the best system or software code used to stop bots and offline down loaders from entering website.
View 2 Replies
View Related
May 4, 2008
to stop iptables cause when any user make refresh he is take banned from server
i need to stop iptables or how to make rules for it
View 9 Replies
View Related
Jun 14, 2008
I already enabled awstat in whm features manager.
And it was working till 3 jan 2008!
But statistic doesn't update now!
View 5 Replies
View Related
May 4, 2007
i've a vps with iptables, but i've too much traffic (RX), there are too many packets received from random ports on both upt and tcp. Today in just 14 hours i've 2.8 gib of traffic, without any connection for web, email, etc (i've stopped all the services). How can i stop this? it's going to burn all my monthly traffic
View 5 Replies
View Related
Jun 15, 2007
to stop supporting php.ini files in clients account because they can turn off safe mode or any fucntions and options and they can hack server! how i can stop supporting this files
View 14 Replies
View Related
Oct 19, 2007
For my site email address I get like 500 emails a day.
Is spam assassin really the only method?
View 7 Replies
View Related
Apr 30, 2007
I have a massive spam problem on my server, which I cannot seem to find a cure for. Here is an example of the headers from an example email (from WHM) that is stuck in the mail queue:
Quote:
1HiU0X-0006Y3-O6-Hmailnull 47 12<>1177932329 0-ident mailnull-received_protocol local-body_linecount 78-allow_unqualified_recipient-allow_unqualified_sender-frozen 1177932333-localerrorXX1vrroark@freemail.ru144P Received: from mailnull by host.zaggs.com with local (Exim 4.63)id 1HiU0X-0006Y3-O6for vrroark@freemail.ru; Mon, 30 Apr 2007 12:25:06 +0100045 X-Failed-Recipients: download@host.zaggs.com029 Auto-Submitted: auto-replied058F From: Mail Delivery System <Mailer-Daemon@host.zaggs.com>024T To: vrroark@freemail.ru059 Subject: Mail delivery failed: returning message to sender047I Message-Id: <E1HiU0X-0006Y3-O6@host.zaggs.com>038 Date: Mon, 30 Apr 2007 12:25:06 +01001HiU0X-0006Y3-O6-DThis message was created automatically by mail delivery software.A message that you sent could not be delivered to one or more of itsrecipients. This is a permanent error. The following address(es) failed: download@host.zaggs.com (generated from abraham@keysupplier.com) retry timeout exceeded------ This is a copy of the message, including all the headers. ------Return-path: <vrroark@freemail.ru>Received: from [220.157.245.77] (port=3648 helo=localhost.localdomain)by host.zaggs.com with smtp (Exim 4.63)(envelope-from <vrroark@freemail.ru>)id 1HiU0X-0006Xu-7rfor abraham@keysupplier.com; Mon, 30 Apr 2007 12:25:06 +0100Message-ID: <10fb01c78b19$683b6042$8bc8505a@freemail.ru>From: Noticeable <vrroark@freemail.ru>To: abraham@keysupplier.comSubject: I am 79 years young!Date: Mon, 30 Apr 2007 14:19:48 +0300MIME-Version: 1.0Content-Type: multipart/alternative; boundary="----=_NextPart_000_0000_9E7D5C31.01A57A34"X-Priority: 3X-MSMail-Priority: NormalX-Mailer: Microsoft Outlook Express V6.00.2900.2180X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180This is a multi-part message in MIME format.------=_NextPart_000_0000_9E7D5C31.01A57A34Content-Type: text/plain; charset="iso-8859-1"Content-Transfer-Encoding: 7bit A few words about HGH LifeI have been taking HGH Life for five weeks and there is a noticeable improvementin me overall. Waking up without muscular pain is the most obvious! WhenI run out, I shall be ordering as much as my pension will allow. I am inEngland and am 79 years young!Order HGH Life online ------=_NextPart_000_0000_9E7D5C31.01A57A34Content-Type: text/html; charset="iso-8859-1"Content-Transfer-Encoding: quoted-printable<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><META http-equiv=3DContent-Type content=3D"text/html; =charset=3Diso-8859-1"><META content=3D"MSHTML 6.00.2900.2912" name=3D"GENERATOR"></HEAD><BODY text=3D#000000 bgColor=3D#ffffff><font size=3D"3" face=3D"Times New Roman"><p align=3D"center"><font =face=3D"Arial" color=3D"#009900" size=3D"5"><strong>A few =words about HGH Life™</strong></font></p><p align=3D"center"><font face=3D"Arial">I have been taking HGH =Life™ <strong>for five weeks </strong>and there is a noticeable =improvement in me overall. Waking up without muscular pain is the most =obvious! When I run out, I shall be ordering as much as my pension will =allow. I am in England and am <strong>79 years =young</strong>!"</font></p><p align=3D"center"><a href=3D"http://worldwdefull.com"><strong><font =face=3D"Arial" color=3D"#ff6600" size=3D"4">Order HGH Life™ =online</font></strong></a></p></font></BODY></HTML>------=_NextPart_000_0000_9E7D5C31.01A57A34--
I can confirm that the person who is doing this IS NOT using the 'nobody' user because I am keeping a spam_log for that.
How else is a user able to use our server for spam? Please help as I would like to get this sorted ASAP.
View 5 Replies
View Related
Aug 13, 2007
i have server and on the server 150 website and more
someone upload mailer and send spam to online banking
i want know where this mailer on the server coz my server on nobody
i stoped sending from nobody from Tweak Settings till know what the account sent that and all message in Mail Queue Manager
what the solution?
any script to know that or method?
View 7 Replies
View Related
Apr 17, 2007
I have my own server which I use for my own websites.
I use the following features of WHM -
Creating accounts
Deleting accounts
Creating "packages" for my accounts
Restarting services
...and possibly one or two other items once or twice a year.
I use the following features in Cpanel -
Checking statistics
Adding e-mail accounts
...and possibly one or two other items once or twice a year.
I'd like to break the (small) WHM/Cpanel habit I have and do all of the above via the command line.
Is this a big task?
Where should I start?
View 5 Replies
View Related
Oct 30, 2007
One of the servers have 1 account on, but seems like its extremely attacked. I cannot SSH and many packet loss. so I asked softlayer and they access it and said its a SYN Flood as from the /var/log/messages (I cannot see it as the server is not accessable) they put the main public ip under Cisco guard but still didn't help. when I asked for any solution, unfortunaly I were told there isn't and have to wait the attackers to stop as it comes from MANY addresses that iptables even won't help.
Isn't there any solution (software-hardware) to stop that ?
View 14 Replies
View Related
Oct 8, 2007
This is something that has been playing on my mind for a while now and this may be the place to create a plan.
How many of you are recieving emails advertising pills, viagra etc.
And how many are recieving them from domains totally unrelated to the above, sometimes from even your own address??
Has anyone got any thoughts or ideas about how we can put a stop to this?
View 12 Replies
View Related
Apr 20, 2009
there is a customer who transferred their site over to our servers and has run into some kind of encoding issue.
They have file on their website named:
EXCL%204810_00%20BeefSkewers.jpg
You can see that the "%20" characters are actually part of the file name on the server.
So the problem is that when they try to call the image in a URL:
[url]
It gives a 404 not found error.
We use apache 2.2.x on our servers, and my admins are stuck on how to fix this.
(Besides renaming the files. The problem is that this issue appears to also effect other text in their database that uses various symbols, such as the ", ', and the degree (for temperature) sign...)
View 3 Replies
View Related
Sep 17, 2008
I was using a server from dedicatedbox until last month. And I didn't want suffer anymore from their terrible service (IP taken away/provided less memory then ordered/down time/rarely answered support tickets/refused to fix problem after phone call), so I terminated my server last month. So my server was indeed shutdown as requested.
But after terminating the server, they still keeps sending bills and charing me. I have my credit card charged back the first bill. But seems that they are going to charge me another time this month. I tried to call them, but the phone call wasn't answered.
how could I stop them from making trouble?
View 14 Replies
View Related
Jul 10, 2008
I have CSF installed and working, but when I check the server secuirty it has saslauthd (see below for full message), now is it safe to stop and won't break anything ?
I am running on a VPS with cPanel/WHM
Check server startup for saslauthd
WARNING
On most servers saslauthd isn't needed and should be stopped and disabled from starting, as it could pose a security threat. This service is currently enabled in init and can be disabled using:
service saslauthd stop
chkconfig saslauthd off
View 3 Replies
View Related
Jul 14, 2008
How i can stop Spammer from my server?
my control panel is CPANEL !
what software i must install?
View 4 Replies
View Related