Become my attention when we hire company/people to handle our server due our knowledge about manage dedicated server is low level and we run big site on that server.
Anybody know about tips how to prevent staff from managed service steal our site,even they has been trusted and handled hundred or thousand servers.As we know when we hired them for full managed service,they have our root access.
how i can prevent a site to take a full backup from his Cpanel?
i am sure there is a way to do that from the server
a website/s that you can maybe subscribe to it's emails that will notify you on hacks that are out, and how to prevent them?
I'm already aware of the ways you can secure your server first hand, but I'm talking about notifications that will keep you updated on the newest release of hacks out and etc.
how can we monitor a mail of our staff, if he change the password.
Is there any option in cpanel/webmail to send a copy of that mail to admin.
If staff member receive or send any mail, can admin monitor it?
Don't get me wrong, I really enjoy hosting with CheapVPS.co.uk, but I find their level 1 support staff to be lacking the basic skills required to respond in a helpful manner.
Their typical replies often instruct me to confirm that the problem has been resolved, when in fact nothing has changed; this is just a waste of my time (and theirs).
I would expect that my issue is forwarded to level 2-3 admins when level 1 staff can't provide a sound solution/fix. This is the case sometimes, but not always. Most importantly (and this occurred to me today) level 1 staff should never, in any form, have access to a customer's VPS without prior consent/approval. Maybe I'm coming off as a little paranoid here, but I'm not fond of the idea of inexperienced individuals going through my stuff. Limiting access to just level 2/3 admins can only mean good as far as security is concerned.
I honestly can't recall a time when a good solution was provided by level 1 staff. While I strongly trust Rus Foster and the way he conducts business, I would ask him to take the above into account and reconsider the policies in place.
(I was originally going to paste a screenshot of my last support ticket, but I now think it won't be neccassary as my post adequately conveys my concerns)
A month back i signed up for reseller hosting with santrex, earlier I've had a VPS since a couple of months which i regularly pay for.
The reseller account was however not according to my expectations as i did not get required amount of support as i should have got.
I did not wish to continue with the Reseller account so i simply did not bother to pay the due RESELLER invoice, however i paid the VPS invoice, BUT my VPS account got banned and the reseller went on being active.
What sort of stupidness would you guys call this? Carelessness or slow at understanding? This kind of services can never be expected from a well known host.
I've liked their services, but i must say after this i am really disappointed.
Here's a screen to show things better :
[url]
Can you guys recommend any software that allows you to give certain staff members access to your WHM, but can restrict what they can do in WHM, like they can create accounts, but many not suspend them or terminate accounts?
Here's one software I found: [url]
I'm just wondering why CPanel.net hasn't even made something like this yet?
I have opened an emergency ticket with Midphase/10TB since Dec 23 and until now, no response from support even the ticket was assigned.
The issue is regarding customer privacy which Midphase/10TB leak my direct contract information ( name, address, cellphone..) to 3rd party.
I know it is holidays, but 4 days without reply is very bad.
Anyone have experience the same issue(no reply)?
I've been pretty happy with my servers with theplanet/ev1servers for the past, err, 5 years. But the OSes were out of date and it seemed like I could stand to get some significantly improved hardware for what I'm paying now (or, comparable hardware for a lot less).
I put in a RFQ from ThePlanet to see what I could do as far as upgrading my current server, hoping for something a little better than buying a new server while the old one is up and moving everything over, and also hopefully avoiding re-paying a one-time fee I had for a secondary hard drive.
Now I have no problem whatsoever with the result -- that my only option is to buy a new server, they won't migrate my HDs, and they won't upgrade my current server, and they won't give me any kind of credit for the second hard drive or let me transfer it to a new server. I get where they're coming form, even though it might make sense to figure out something a little better for a customer of 5 years that's dropped about $25k over that time period.
The problem is their sales staff. I'm surprised that theplanet (at least theplanet I remember from when I signed up) would have sales people so apathetic and basically useless.
Getting information I requested in my initial ticket took back-and-forth with a sales rep over the span of over 24 hours (and I still haven't really gotten an answer on one part, about my secondary hard drive). Actually looking at the ticket now, the initial response was over 24 hours after I opened a ticket (and it was opened during working hours).
Heck, the first two responses didn't even include a price for the hardware he wanted me to buy, just if I wanted to proceed and buy it.
Figuring it beats waiting I did one of their instant chats and before answering my questions I was told to be sure to give the guy credit for the servers I order. In fact, him telling me his contact information and to choose him were the only complete sentences I got, and roughly 80% of the communication I received.
I haven't needed support on my server recently, so I can't speak to if this is the quality of their support department now. I don't think I'll be around to find out though.
(Executive summary: Hello SoftLayer!)
Does anyone know anyway that "rm -rf /" can be disabled? OR any selinux rule or something to prevent this?
Or if I wanted to prevent a certain directory from being deleted like backups but something unlike chattr that someone can figure out quickly.
Im sure LOTS of people would like to know about this. Ive searched around and only somewhat useful thing I have found is an rm wrapper that sends everything to a trash file in the root of the mount point.
Attached is a (badly) drawn diagram of two sites, connected by a vpn.
The site to the left, is network 10.0.0.0/24 which runs a linux server as the router for the network.
The site to the right, is network 10.1.0.0/24 which runs a windows 2003 server as the router for the network.
Now, my problem is, the clients behind the windows 2003 server can ping any machine on the first network because i setup a static route to route all traffic to 10.0.0.0/24 over the vpn interface.
now, my problem is, only the linux server can ping any machine on the windows 2003 network, any client behind the linux server cant seem to route over the interface.
I have the following route on the linux server: .....
Starting point: a working site using a shared IPv4, dedicated IPv6, and SSL. HTTP and HTTPS work, the latter only using SNI of course.
The good news: If I simply allocate an IP resource of 1 to a subscription it is pulled from the pool, assigned to the service node, assigned to the web site, DNS is updated, and the site is automatically changed to using a Dedicated IPv4 and Dedicated IPv6.
The bad news: visitors land on the default web site of the service node, with the default SSL certificate.
Other info: I can't ping the new IP, even though it shows in "ip a l" and /etc/sysconfig/network-scripts/ifcfg-eth0:0. [edited]
After the IP assignment, it is still installed, and /etc/httpd/conf/plesk.conf.d/ip_default/domainname.conf shows the new certificate is being used.
However, a second set of VirtualHost entries is created in server.conf for this IP for ports 80 and 443, with NameVirtualHost enabled on the new IP. The port 443 entry uses the default certificate. Apache's setup this default VirtualHost entry will override the web site configuration because Apache is listening on port 443 with the wrong cert.
If I go to "Change webspace settings" and toggle to Shared IPv4, Dedicated IPv6 the site works again via HTTPS, and Dedicated IPv4 and Dedicated IPv6 breaks it again. Setting the SSL cert to None and back again does not work.
Setting the SSL cert to None, changing to a dedicated IP, and enabling SSL results in the server being inexplicably inaccessible...browsers no longer connect to either the default site or the correct site, and I don't see any entries in the vhosts's logs.
is there anyone knows for a good hosting located in uk,which is allowed : adult site and casino betting online site ?
im looking for vps and dedicated server.
please help me i really need as soon as possible.thx
Can anyone share tips how to prevent DNS flood on a cPanel and Directadmin server platform on Centos?
View 7 Replies View RelatedI'm not that techy I'd like to ask why this person downloaded the file below before uploading some phishing webpages on my account ? I've changed my password numerious times from different computers and even from mobile phone just to check if the person can still get in. But again it is no use the person were able to upload phishing pages.
logs:
May 25 21:50:42 server100 pure-ftpd: (weblogin100@62.56.133.36) [NOTICE] /home/weblogin100//.htpasswds/update/Login.php downloaded (21251 bytes, 755.78KB/sec)
Right now I deleted all other scripts on the account and remain some htmls. Folder were also set to 644 no 777, while waiting if the person can still upload his phishing pages please help me why he downloaded the file above. I've check the file on my account and I cannot see Login.php. By the way I have a root login and only two accounts were a constant phishing victims.
I am giving few tips on securing your server against hack attempts. You must check these inspite of other securities like firewall, rootkits detectors etc.
1. Most Important, do not disable safe_mode under php.ini. If any customer asks to disable it, turn it off on his account only, not on whole server.
As most of the time attack is done using shellc99 (phpshell) script. In case safe_mode is off on server and there are public dirs with 777 permission, he can easily hack through.
2. Compile apache with safe mode as well.
3. In cpanel under tweek settings, turn on base_dir, if someone requests to turn off, turn it off on his/her account only. As using phpshell one can easily move to main server dirs like /etc, /home.
4. Do not allow Anonymous Ftp on your server. You can turn it off from ftp config under WHM Service Configuration. If its allowed, one can easily bind port using nc tool with your server and gain root access. Always keep it disabled.
5. Make sure /tmp is secured. You can easily do that by running this command /scripts/securetmp using ssh. But do make sure, /tmp is secured. Else one can upload some kind of perl script in /tmp dir and can deface or damage all data on the few/all accounts on your server.
keeping your server secure from hack attempts.
Does anyone know how to prevent some shell, php script change file name from file.php to file.jpg or file.gif and upload to server and run it to attack server?
View 14 Replies View Relatedfrom 2 days ago until now my server be ddos and i stay in my computer and block ip but it is not finish is a program to do block ip automatic?
View 2 Replies View RelatedWe have been using our L2 switches functionality to only allow IPs that are assigned to a particular server to be accessed for sometime. However, the latest version of this particular switch no longer includes this feature. Moreoever, it is quite a labor intensive task which is not good for "budget" servers.
I am considering moving the rules to the main router, but am afraid of the scalability of this. Will it hold up with a few 1000 servers?
How are other hosties going about this? I have heard that some just don't bother at all, which leaves their clients open to having their IPs duplicated by others on the same subnet. This can't be good....
I run basicly run two main site.
1.Forum big one .
2.File and image sharing site.
(image sharing site generates thumbnails which produces lots of hits)
In these conditions how much difference can lighttpd can do as compared to apache for keeping my 600 MB Ram VPS host constant.
i need any thing to prevent mass download
my server is cost a huge bandwidht monthly . because mass downloading?
I need to know so idea, how to prevent iframe virus injection into the server,also is there is any mod which help in protection for iframe virus.
View 14 Replies View Relatedi have my own box for my forum .. now i shared my box with friend's , but in reall they a freak friend's , just to be in safe brother, am looking to know what function i can disable in php.ini or any problem/tool to prevent anybody / attacker * nobody* permission to move in the server via his shell script..
as we know some attacker's use them own php-shell to hack site's * shared hosting *, so they can move to any account after they know the user account name * /etc/passwd * .. so as i say before is there any good functions to prevent these attacker to move in the server? so i can disable it .. or install any good tool * else modsecurity * in the system to prevent them *nobody* of that?
I try to use mod_security to prevent some script in some files,
imagine I want to block all scripts includes "test" in the body
so if code of script.php is:
HTML Code:
<html>
<p>test</p>
</html>
and someone run script.php , I want block running and show 406 error
now can you tell me how can I write this rule in mod_security 2 with apache 2?
I use SecRule RESPONSE_BODY "test" but its now working ...
I have a cPanel/Linux server, runing apache as a webserver.
i want to know how can i prevent perl/cgi files from working on all virtual hosts on both apache2/apache1.3!
My site was recently under a DDoS attack and was down for a few days, the attack came from Russia i believe.
The people who did it asked for $800, but of course i didnt pay. My hosting company did the best they could in order to stop the attack but it still lasted a few days and badly hurt my rankings.
I moved my site to a dedicated server, but i dont know what kind of software/hardware i need to install on it in order to prevent more future attacks, the hosting company suggested a few things but i dont know if they are just trying to get more money out of me.
I have added some functions in php.ini for security.
But when user use their php.ini file located in their account, all functions enabled again.
How can i prevent user custom php.ini?
I have a colocated server with the following specs:
Intel Core 2 Quad Q6600 2.4Ghz
4GB RAM
400GB SATA Drive
I have a problem every few days, the server keeps hanging up and giving an "Out of Memory" message and SSH just hangs and doesn't connect. Every time i have to call out a tech to manually reboot it.
Is there a setting i can change to make SSH connect even when it is out of memory, or anything that can prevent it happening?
I've just made a transition from a VDS to a Dedicated and I'm having problems preventing directory contents from showing. In my previous server whenever I created a directory, it would automatically give a 403 when you tried to access the directory directly in your browser (which is what I want). Now when I set up directories in this new dedicated the contents of the directories display when there is either no index page or if I didn't have an htaccess file preventing it from listing the contents.
So what im asking is how did my previous server automatically set up the directories to not display the contents but use the contents and allow access to say for example pictures in the directory?
Is there a way I can have apache automatically do this for me or do I have to place a blank index page in every directory i create or have to place an htaccess file in every directory I create? How can I protect the contents with a 403 but still allow the contents to be accessed only through full path?
My server was recently hacked and I'm looking ways to secure it in the future. I use the server to host my own websites.
It was hacked to be a spam server. I traced the new files the hackers added to my "upload" directory, which is where my site members upload pics. I had set the directory to chmod 777. Could someone hack that directory solely from it being its rights being 777?
The site was custom developed in PHP, and looking through it myself, I couldn't find any security issues. But then again, I may not know what exactly to look up.
I would appreciate any general tips to protecting a server, as well as general tactics hackers use to hack a server and PHP site.
I try to enhance my server security and prevent local hack but it seem useless.
I tried to chmod home/user/public_html to 711; disable functions; enable php open_basedir.
I can stop some popular shell such as c99shell.php but server can be hacked local.
Anyway to prevent it completely?