I will be storing personal customer information in mysql, so security is driving all my requirements. I was thinking the architecture will be :-a dedicated web server within a DMZ and placed behind a firewall and border router.
a dedicated database server inside the internal network behind another firewall, All running Linux
building out and management of the servers to be done by hosting provider or third party Please feel free to comment on this setup.
QuestionsIs a reverse proxy a benefit for security.
Am I right in saying that a reverse proxy hides the OS and server details from prying eyes and provides another layer of security
if a reverse proxy server is a benefit, is it normally the default architecture at most reputable hosts.
How do you get like for example ROOT of cPanel in a VPS? How would you be able to use it besides like giving permission to use WHM and stuff on accounts. As doesn't remote reboot and such have to happen on the whole server?
I am moving my servers this week and my new host doesn't do domain hosting. This is my first time doing it, I need help in pointing my domain to the new server. I just need the basic settings for A, CNAME and MX records.
I understand that servers can do automatic backups of information, yet I also see forum modifications that enable simple ways of doing a backup. Are there different types of backups? Why is it necessary to manually backup a forum database when its done automatically by the server? In terms of assuring the data, what is required and whats a typical procedure, what does it entail, is it manual and if so usually how often, or is it usually automatic?
Processor #2 Vendor: GenuineIntel Processor #2 Name: Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz Processor #2 speed: 2660.000 MHz Processor #2 cache size: 4096 KB Why is the Processor #1 speed labeled as 1.6 ghz? Processor #2 speed never goes down no matter how high the load is. Could it be the reason that my server can't handle 4 websites with a cumulative total of 20k unique hits per day?
We are planning for a clustering archirecture for our mail servers,The basic idea is put all of mailservers behind a load balancer which will monitor and distribute the n/w load as server load and forward the requests accordingly can u suggest any good hardware loadbalancer which could give us 'server load balancing' as well as n/w load balacing.
I would also like to know if it is a good idea to go for a software load balancer(like linux heartbeat) or to h/w load balancer.
Are there any scripts out there that can protect URLs? For an example I am trying to protect a megaupload.com URL with a masking URL and making sure that the masking URL is only access by a referral site. Can this be done?
Last days my site was hacked to the main page has been added the "iframe" tag with path to the virus loading. I don't know how somebody could edit the original page and insert this code to the html body. This time I have updated this page from archive but I would be glad to know how to protect my site in future. Could somebody advice me fast and effective methods?
what is the best way to protect whm and cpanel from unwanted login?
If i change the port they still can sniff, is there away to put another layer to protect it or assigned specific ip to be able to login ? I'm on a dedicate server and only hosting for 1 site so there no customer that i should worry about.
can i change /whm and /cpanel to something else just to hide it form novice users.
I just want an expert opinion if what I am doing should be considered to be secure (or if there is a more secure way to do what I am doing). I made our hotel's online reservation system and it stores the guests' credit card information.
The card is encrypted using AES (MCRYPT_RIJNDAEL_128) and the key that is used to encrypt/decrypt must be entered from the client side in order to log in. It is not stored on the server. So that my employees do not have to enter it every time they want to log in, it is stored in a cookie on their computer or entered manually if the cookie is deleted. When logged in, I have the key stored in a _SESSION variable in a subdirectory of that account's home directory and have the following attributes (for example):
When I login to plesk as admin and then Tools and settings and then backup manager and choose backup and then Server configuration and content and run backup, after 2-4 minutes i see backup process failed and then i see "Backup log information is not available" what should i do?
how to pwd protect directories with when using no control panel, I am planning to change the login details of the protected directories every few days as well as its top secret data, so I would like to know how to protect directories with pwd, I know how to do using control panel such as cPanel r Plesk but I am having no control panel at this interface
I intend to share the files under this protected directories only to my team, so plz help me with codes if there are any