How To Secure Hosting From Shell Scripts

Oct 19, 2009

How to secure server from Shell scripts like c100,c99,locus and so on.

Please provide me clear instructions if possible.

and let me know what we can do if a server is already infected with these shell scripts.

View 3 Replies


Secure FTP Without Shell Access?

Apr 22, 2009

Do you guys have any idea what is the best way to enable SFTP for a cPanel account?

I could give it Shell access, but isn't it possible without it?

View 3 Replies View Related

How To Secure A FreeBSD Server For Shell?

Mar 13, 2007

For hosting irc and shells i heard that the best choice for OS is the FreeBSD..

I would like to know if there are any toturials or if someone can write one.. (or give some tips) of how can i secure a machine running FreeBSD and used for irc + shells!

For example how can i install a firewall, a rootkit etc etc..

Also what about putting users at jail? (not allowing them see other dirs except theirs) how can i do that?

Also what about dont allow users use some commands like dmesg, ping, traceroute, and also how can i make them when they do ps -aux to only see their processes (to not be able see the other processes from other users..)

View 3 Replies View Related

Plesk 12.x / Linux :: Change Domain Name Preference - No Secure Shell Available

Dec 8, 2014

When I try to change a domain name preference from www to non-www i am getting the error

"Error: No secure shell available"

I am using plesk 12 .... 

View 1 Replies View Related

Why Using FreeBSD For Shell Hosting

Apr 30, 2008

I have several question for make shell hosting company:

1. Most of shell hosting company using FreeBSD, why?

2. Is it possible to use linux as OS for shell hosting company?

3. How to secure linux OS for shell hosting company?

View 7 Replies View Related

Anyone Know Where I Can Find Shell Hosting In Atlanta?

Jul 31, 2008

Anyone know where i can find shell hosting in Atlanta?

View 0 Replies View Related

Shell Access For Shared Hosting

Mar 24, 2009

Does anyone know if the popular shared hosting like Host Gator or Dream Host allow shell access?

View 14 Replies View Related

Shared Hosting With Shell Access

Oct 23, 2009

I know there are so many similar threads related to this issue in this forum, I know but my situation is a bit different from other guys, please read the following lines,

I've got a forum with approximately 100 users concurrently, now I'm looking for a shared hosting with relatively high simultaneous MySQL connections number at least 50 and also allows Shell access to dump or restore the MySQL database. but the main problem is lots of US hostings do not host Iranian I dunno US government has problem with Iran's government but I can't understand what's my guilt in this debate?

View 14 Replies View Related

Shared Hosting With Secure Ftp Or Pgp

Apr 10, 2008

A friend is looking for shared hosting with secure ftp, or pgp encryption or both. Do you know of any host that offers them? Would a vps have these features?

View 5 Replies View Related

Shared Hosting With Shell, Cron And Ping/traceroute

Jan 10, 2009

I'm looking to set up some custom monitoring stuff that ties into my existing systems, so that's why I'm not looking for established monitoring services.

I'm looking for a shared environment where I could ping and trace to my equipment, either from cron or a background daemon which I'd write in perl, python, etc.

I'd also want it located somewhere on the left coast or Texas.

Does anyone know any hosts that would meet the above?

View 1 Replies View Related

Secure Shared Hosting ... A Paradox

Nov 5, 2009

We have several VPS's reselling shared hosting, and as we grow our shared hosting operations, I've realized how its almost impossible to have every user, developer or who ever is accessing our shared accounts to properly lock down their scripts eg set proper permissions... But what I don't get is how larger shared hosting providers (which we plan on becoming) fully lock out homedir/User A from being able to access, view or write to homedir/User B's files no matter if User A's executed scripts, processes, protocols is requesting User B's files...

In a shared environment you can't rely on your customers to lock down their stuff and they are trusting you to take reasonable precautions to protect their stuff at the same time... This should be basic security but its almost impossible it seems to achieve in a shared env.

Obviously there are VPS's with completely isolated layers but in a shared env it shouldn't be too big of a request to have one persons stuff not easily visible by another person no matter if SSH is being used or a script of any kind.. bottomline... think of a hotel ... a "shared environment"... one guest can't just go in someone else's room easily. The hotel owner ensures that guests rooms are not available for other guests to access, this is a reasonable policy and the hotel owner would be in deep s**t if other guests had access to other guests rooms....

Here are the reasons why I think "secure shared hosting" is essentially a paradox...

1. False sense of security - SuPHP, Suexec, open_basedir..

Problem is even if you're using SuPHP or open_basedir or other security practices, someone on that server could still possibly "view" other users files which could include database config files and other files that you wouldn't want someone to read/access. These files could include xml, dat, txt etc any other file that a user might not want another user in another homedir to access that isn't protected by SuPHP or SuExec...

2. People often say.. well its your users responsibility "Rely on your end users to choose proper permissions for their files"... This is like relying on your hotel guests to deadbolt their door instead of having an autolock on their door when they close it.

I'm sure your clients would expect you to "section off" their account reasonably from another user however these doesn't seem possible at least with Apache that requires "nobody" to have to access files... And the problem is you can't rely on your users.. Besides, most open source scripts (WP, Joomla, Magento) and people here in this forum recommend 644/755 permissions as being the ideal permissions for most files/folders however if a user makes all of their files 644/755 other users can still possibly access those files.. You still would be giving world-readable access... Many people still use PHP as an Apache DSO, so under normal circumstances where scripts are installed in pub_html a user is FORCED to use world-readable permissions on their config files for their apps to run. For instance with our cPanel install, when we provision accounts in WHM, it creates .htaccess files with 644 permissions .. well why would it do this if .htaccess shouldnt be read by other users .. same goes with xml files, or other non-php/cgi files outside or inside the pub_html directories of a users homedir/ that shouldnt be viewable by world users...

Bottomline, until "world" readable/writable/executable permissions completely are ignored in a users homedir/ for not just PHP/CGI but for any file I think shared hosting security no matter what patches you have added to Apache or your system (Suhosin ,SuPHP etc) ... is a paradox... It shouldn't even be possible in any home dir no matter how responsible/irresponsible a user is for one user to be able to view another users stuff. The whole point and reason panels such as WHM or any panel uses the /home dir is to separate that users files/mail/etc from another users.. So, logically, there's no reason why a script would need access to anothers home dir/ knowing its a shared environment and on a shared hosting env it shouldn't be allowed to go outside of that users /home/ dir ...


So I think a server admin should be able to enable a "mod_shared host" lets say in WHM or something that will get rid of global permissions eg there will only be 64 not 644 for any file in /home/<user>/... If someone chmods something to anything in Y ... XXY ... Y is completely ignored and set to 0...

If the server admin wants to override such settings, there could be an override feature but by default, just as PHP open_basedir restrictions settings in WHM work for PHP, the same should go for all files/scripts part of a home dir (any extension), under normal shared hosting shouldn't be accessible by any method (FTP, SSH, any apache module/process - CGI, Java etc) regardless of DSO, SuPHP...

Until then... How could large shared hosting providers sleep at night knowing that they are not protecting everything in their users home directories? This should be a simple and reasonable request that a user would expect when signing up for Shared hosting... Obviously there are other possible security leaks, breaches can occur but this should be basic security...

Shared hosting shouldn't be like open kindergarten cubbies with a curtain protecting the contents, instead, anyone signing up for shared hosting would expect their host to at least have a high school locker with a pad lock ....

Or am I missing something? Is there a solution already for this reasonable security practice of protecting users from each other user without referring them to a VPS or a dedicated? How do the big shared hosting operations have a large shared environments with hundreds of users on a box NOT allowing others to view/access other peoples stuff?

I've asked people on cPanel forums as well as our hosting provider, everyone has mixed responses and no real "answer" so I wanted to get your thoughts...

View 2 Replies View Related

Secure File Hosting Service

Feb 9, 2009

I don't know where to ask this question so hopefully I'm in the right forum. I have a friend that owns his own company and travels alot. He needs a place where he can store his work files (mostly document like word, excel, pdf, drawings, etc...) which contains very sensitive information. He need a place where he or the people in his team can transfer files and that he can setup access levels for his users. He need access to his files with a secure tool such as sftp or something else that you guys can recommend.

Also, since some files can be very large he requires a good transfer speed from everywhere in the world. He's looking at around 100GB of storage space and a very high transfer allowance. He will probably need to host his website also. Do you guys think it's better to host the files and website separately?

View 3 Replies View Related

How To Secure A Shared Hosting Server

Dec 18, 2007

how to secure a windows and a linux server used for shared hosting?

View 0 Replies View Related

Change Jail Shell To Normal Shell

Jul 8, 2008

Do any1 know how to change jail shell to normal shell?

View 14 Replies View Related

Secure Mod_php On A Shared Hosting Environment

Jan 21, 2007

I'm running a shared hosting environment and I'd like to know if it's even possible to secure the Apache while it's running mod_php. I know I could go suPHP with PHP-CGI, but that'd increase drastically the server load.

So what should I do to best secure the server?

So far now I did:

- Apache:
Installed mod_security and mod_evasive.

- PHP:
Set register_globals=OFF
Set disable_functions = ini_restore, popen, exec, shell_exec, system, passthru, proc_open, proc_close
Set safemode=ON
Set open_basedir to user's directory on virtualhost

Is that would be a secure environment for my users?

View 2 Replies View Related

Good Secure Managed Dedicated Hosting Provider?

Jun 20, 2006

I work for a small web design firm with about 100 clients/domains and we are starting the search for a new hosting provider. We need a managed dedicated server with an offsite backup. We are also looking for a company that knows what they are talking about. If we have a Linux or server question they need to be able to give us a quick straight answer. Also, if they could help us transfer all our hosting accounts from our current server over to the new one that would be a BIG plus.

We have been thinking about Rackspace or but were wondering what the community thought. Any recommendations?

View 5 Replies View Related

Can Recommend A Secure Adult Video Stream Hosting Site?

Jan 28, 2009

Who can recommend a secure/affordable video streaming hosting site to me?

Setting up a members video site.

Best if the web host can come with a ready members template and shopping cart/payment service where I can just upload my videos.

View 7 Replies View Related


Sep 30, 2007

my server in under attack of shell

how can i find shell code in my server? (c99 ...)

is any anti virus or open source tools to find it

how can i disable shell function?

View 4 Replies View Related

Shell Allow.

May 10, 2007

I have spare dedicated machine.

I want to allow user to run few processes on machine (debian etch).

I configurated limits at /etc/security/limits.conf for group "shell".

When I attached user to group shell, limits work well, but he still can look
everywhere on system. (he can do cat /home/somefile.txt, even owned by root).

Is there any method, software to limit user to acces only their home directories?

View 2 Replies View Related

Shell And Php Security

Jun 7, 2009

For security reason I have these php functiosn disabled:

show_source, system, shell_exec, exec, popen, proc_open, procopen, passthru

Can anyone please tell me whether if it will prevent shell scripts from working?

They can still upload the shells but cant read/write/execute commands in 777 directories?

View 6 Replies View Related

SSH/Shell Not Connecting

Apr 16, 2005

I'm having a problem connecting to SSH/Shell on my server. I get the Login Prompt, but when i enter the User/Pass i just get "SSH-2.0-OpenSSH_3.6.1p2", everything under that is blank.

I've restarted the SSH Server and made sure the account i was using was set to use Normal Shell (not jailed). What could be the problem?

View 3 Replies View Related

Chmod Using Shell

Oct 8, 2006

I was wondering if it were possible to chmod a directory that is set to a low number to 777 using a shell or command and if so can anyone point me in the right direction as to how to go about doing so ??? I am trying to learn a little and i pefer using my browser to edit files rather then a ftp client.

View 9 Replies View Related

Pennsylvania VPS Or Shell

Jun 9, 2007

I was just wondering if anyone is aware of Linux VPS or shell account providers with servers that are physically located in Pennsylvania. The only two I've come across so far are Nocster and VPS Village.

View 2 Replies View Related

What's Shell Access?

Oct 8, 2009

I keep seeing web hosts where it says that there is/isn't shell access, etc. What's shell access and what do you do with it in/with a web host?

View 14 Replies View Related

Shell DNS Toolkit?

May 27, 2008

Is there a such thing? I use shell mainly for whois info, tracing, telnet for email issues, etc etc. Is there a 'toolkit' for such things?

View 6 Replies View Related

How Do You Use Shell Access?

Nov 6, 2005

I have a script that needs to be run from shell access, but I've never done this before. How do you access a script through shell? Is there software I need to download? Not even sure where to begin.

View 5 Replies View Related

C99 Shell On My Server

Dec 16, 2007

One of our customers uploaded C99Shell script on my server, and he can access to another accounts,
I upgraded php to 5 but he can access with this script to another accounts yet, what should I do to disable this script or other one?

View 14 Replies View Related

How To Program In Shell ?

Oct 11, 2006

I'm trying to program a very simple shell script that does 2-3 things.

1) checks for the number of a script running say, "ps aux | grep php | wc -l" returns that number.

2) deletes temp files folders "cd /to/that/directory/; rm -fr *&" every 90 seconds IF that number in check #1 is below say 50....

and then have this shell script launched in shell every so often, not sure on the frequency but first is how to program in shell is a TIME DELAY....

View 7 Replies View Related

DNS Forwarding Using Shell

Oct 29, 2006

We have customer who has account on our *nix box server and who wanna move to our h-sphere reseller platform because now he want to use asp and mssql.

If it`s .com domain, for example, I would be able to easy change NS1 and NS2, but since this is ccTLD (and we will wait 10-15 days) I need quick solution for DNS forwarding.

ns1.oldnameserver -> ns1.newnamerserver
ns2.oldnamesrever -> ns2.newnamerserver

se when I run ping for example, I have to have reply from new server.

I have shell access but I don`t know how to modify zone or named, since obviously I can not do this using whm.

View 3 Replies View Related

SSH/Shell Access :: How To Use It?

Jun 11, 2008

I have never used SSH/Shell Access, but think I may want to. Can someone explain what it is, and maybe explain how to use it? My web hosting provider provides SSH, but I have no clue what to do.

View 10 Replies View Related

Copyrights 2005-15, All rights reserved