How To Secure Servers ....
May 26, 2008I was just wondering the top 3 best ways to secure your business ( not legal) just the servers.
View 3 Replies
ADVERTISEMENT
How To Secure Plesk Servers
Mar 12, 2007I am running on Fedora 5 and RHLE 4.
I am also using the latest version of stand alone plesk with a single server installation. I am not running database or email on this server, those are all done from an external server base.
Shell scripts will not be given out.
besides doing some of the basic tmp and restricing compilers, turning off unneeded services, etc.
is there anything in specific you guys have found that you need to do in order to secure your systems?
Secure Port On Dedicated Servers. How To?
Oct 6, 2009I was looking at staminus dedicated hosting offers, and after I asked them about secure port packages prices. I would like to know, after I purchase a dedicated server, how to install secure port? Does it work like a protected DNS?
View 6 Replies View RelatedHardware: Db Servers, Web Servers, File Servers. Cpu, Ram, Disk
Jan 20, 2007I have a lot of questions here so if you can't answer them all I understand. even pointing me somewhere where I could get the answers would be appreciated; hardware sites focusing on server hardware, forums focusing on such, etc.
we plan to have three different types of servers:
- db server (self explanatory. mysql. for forums, mysql driven sites.)
- file server (lots of files around ~2-10MB, consistant 70mbps right now, but we want more room for upgrades. needs a LOT of storage room.)
- web server (lots of php files, but also static things like plain html, images, etc. also includes all misc services for the setup-- dns, etc.)
could I be given a rundown for which hardware each of the three should have? I don't need specifics, even just knowing that more ram is important here while cpu doesn't matter as much, or that the fastest disks available are a must, etc would all be valuable info for me. despite that, I certainly wouldn't mind specific hypothetical hardware configs.
for the database server I'm assuming the more ram the better. not entirely sure about the cpu? also not positive on disks...
for the fileserver, how much ram would be practical or useful? disk io will be an issue I'm because plenty of people will be pulling files at once so the disk needs to read from multiple places. scsi (and even raptors) are not an option as we need 750GB+ of space on a reasonable budget. more ram will take some load of of the disks, but how much is neccessary / reasonable?
for the web server I'm assuming cpu first, then ram, but it'll likely need less ram than the db server?
I'm more lost on the disks than anything. scsi on the fileserver is not an option under any circumstances due to $/GB. for the db & web server I'm willing to pay for scsi if the performance increase really does warrant the extra money, but I'd like to be convinced before shelling it out. if you have benchmarks geared at server hardware when it comes to disks I'd really appreciate it.
also, what's the best way to network these together when colocated? each one with a dual gigabit ethernet port and then the communications go to and from the router?
Send Mail To Another Servers But We Cant Recieve Mails Another Servers
May 24, 2008We send mail to another servers but we cant recieve mails another servers. We can't recieve with webmail and outlook.
I look logs but there is no error and our ip is not in blacklist.
there is the error in our server
[url]
linux cpanel centos 4.6
How Secure /tmp On Vps
Jul 26, 2009how can i secure my tmp on vps?
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
it isnt work on vps and i have this error:
[root@ dev]# mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
mount: could not find any device /dev/loop#
I Cant Secure My /tmp
May 5, 2009i want to secure my /tmp and do this:
so i try this link
[url]
so:
cd /dev
dd if=/dev/zero of=tmpMnt bs=1024 count=150000
/sbin/mke2fs /dev/tmpMnt
cd /
cp -R /tmp /tmp_backup
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
but i have this error:
root@server [/]# mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
mount: no permission to look at /dev/loop#
Secure A Vps
May 13, 2009when I get a dedi server for shared hosting. I secure it as much as i can and then just incase I miss stuff etc I hire 2 other companys to check over everything. Since I bought a vps from fsckvps are there any guides to secure and optimize a vps other then the one located in the vps section? thanks. I Dont feel like spending 50+ dollars on securing a vps that costs less then 15 a month.
View 14 Replies View RelatedHow Secure Is My VPS
Aug 7, 2008vbulletin.com/forum/showthread.php?t=281011
How secure is my VPS? Anyone who has some free time and is reading this thread could please try to do some penetration-testing or something related (I really do not know much about network security) in order to know if my server configuration could be the problem?
Do you find any way to download the full database without login on the system (cPanel or phpMyAdmin)?
Secure VPS I Done
Sep 8, 2008i'v been Installed all these In my VPS server
1)Disable Functions:
system,system_exec,shell,shell_exec,exec,passthru,escapeshellarg, escapeshellcmd,proc_close,proc_open,ini_alter,dl, popen,parse_ini_file,show_source
and Enable The Safe_Mode.
---------------------------------------
2)Hide_your_apache_Version
---------------------------------------
3)Install LogWatch in a Server
---------------------------------------
4)Mod-Security-Install
---------------------------------------
5)Root-Login (IP Sent).
---------------------------------------
6)Disable Login Root and Change SSH Port .
---------------------------------------
7)Installing eAccelerator .
---------------------------------------
8)Install Nobody Check
---------------------------------------
9)Updateing All of
/scripts/upcp
/scripts/updatenow
/scripts/sysup
/scripts/fixeverything
/scripts/exim4
/scripts/easyapache
/scripts/securetmp
----------------------------------------
but doesnt know yet what the better to secure my vps ..
and about Firewall two .. wich firewall better
CSF or APF+BFD ..
Secure FTP
Mar 27, 2008I have an application that requires a Secure FTP connection to a server to work. I am having trouble connecting to one server, a windows based server, while the CentOS Linux server is working fine.
Does anyone know where I can find test Secure FTP locations so I can determine if the issue is with misconfiguration or with an incompatibility of the program with windows Secure FTP sites?
I am able to connect to both sites using WinSCP and choosing Secure FTP.
How To Secure The VPS
Aug 30, 2007Check out this blog and suggest what thing more can be added to secure the vps and i think this information database can be helpful for newbies and intermediate users which like to secure the VPS.. which sometimes exploited due to bad scripts.
[url]
Secure UK VPS - DPA
Nov 11, 2007Ive been using Dreamhost for years and there great however, One of my clients needs has drastically changed and they are now required to comply with the Data Protection Act.
In particular this bit make Dreamhost a bit of a no go due to them being in California:
"Personal information may not be transmitted outside the EEA unless the individual whom it is about has consented or adequate protection is in place, for example by the use of a prescribed form of contract to govern the transmission of the data."
Unless my client goes and asks all 1000+ customers they are kinda in a bit of a quandary. So here's what im looking for:
Secure UK Datacenter, eg Easynet, Blue Square etc
128mb RAM, 256mb Burstable, 20GB storage, 500GB transfer
LAMP Environment
Support within Business Hours
Control Panel
Way To Secure SVN
Feb 4, 2007So I just got SVN installed on my server, and now I'm wondering about the best way to go about securing it. This is what I've had done so far
the executables were installed to /usr/bin as ROOT
Then I created a directory in /usr/local/svn as ROOT to hold the svn repositories (the conf folders, etc).
I've decided that I'd like to use the SVNSERVE tool rather than have to run Apache2 which my current VPS provider does not provide any support for.
So I've run SVNSERVE like so:
svnserve -d -r /usr/local/svn --listen-port=7126
Then for each repository within the /usr/local/svn folder I've gone into the conf folder and added:
anon-access = none
auth-access = write
password-db = passfile
realm = myrealm
The passfile is located in the same directory (ie. /usr/local/svn/test) and contains my users in the format:
[users]
harry = harryssecret
sally = sallyssecret
I then run my checkouts like so:
svn checkout svn://mysite.com:7126/test
Now my question is how secure is this. I was tempted to use svn+ssh but I couldn't seem to figure out how to get it configured. Is the protection I have adequate? How easily can this be compromised? What steps should I take to lock it down further. Can I limit the connection to SVNSERVE to only come from certain specific IP's... similar to how apache does:
Order deny,allow
deny from all
allow from 192.153.123.12
Most Secure CMS
Feb 22, 2007What would be the most secure free CMS at the moment? I ask this because im looking to setup a website, and i dont have enough money to invest in a custom coded website, so to start out with ill use a free CMS, but i dont want to be hacked.
Now i know that because the CMS's are open source, they can still be hacked, what im looking for is something that is the most secure, preferably with sql injection protection.s?
Secure FTP
Apr 15, 2007Secure FTP?
Entirely dependent on Client Software or do we need to buy an SSL certificate and install it on our server as well?
How it works?
When Trying To Secure The /tmp Dir
Jun 25, 2007[url]
i followed the guide, after done I reboot the server then it gives me these errors:
Quote:
mounting local filesystems: Failed
mounting other filesystems: /dev/tmpMnt: No such file or directory
What Is Best Method To Secure The Tmp?
Nov 3, 2009What is best method to secure the tmp?
1. /tmp mounted as noexec,nosuid?
2. creating /usr/tmp directory?
How To Secure DNS Server
Mar 25, 2009i have question about securety of our DNS Server.
View 8 Replies View RelatedAntivirus Like F-secure
Jun 13, 2007I am looking for antivirus under linux like f-secure scanning php shell files scripts but free
i am facing many problems here from these shell files ....
How Can Secure /tmp /var/tmp In OpenVZ VPS ?
Mar 15, 2007recently I got a VPS from cheapvps.co.uk and so far so good. Im getting used to the VPS enviroment. I tried to follow several guides about how to secure with noexec and nosuid the /tmp and /var/tmp and it did not work.
in http : / / www . webhostingtalk .com/showthread.php?t=474681&highlight=tmp points it must be done from the hosting. Same is said in http : // kb . swsoft . com/article_130_648_en.html.
I asked the hosting to do it and they told me as I got an Unmanaged VPS they cant do it for me.
Do anyone know how can be done ? I dont want to use tmpfs as it uses main memory.
Secure Sites
Jan 16, 2009In terms of the secure domain, if I had a secure site and wished to access some information on a web page that was from a NON-SECURE domain or at least duplicate the non secure information on to the secure page, does the user need to click acknowledge buttons to go in and out of the secure areas? Can I copy or transfer information [eg goggle search results] onto the secure page without this necessity?
View 6 Replies View RelatedSecure Uploads
Jun 8, 2009My requirements are 500MB, 5GB bandwidth, rails and postgres, $5-6 per month. It looks like there are many providers out there that are offer that.
However the only uploading method shared hosters seem to offer - or at least the only method they advertise - is FTP. Coming from a university and sysadmin background, I thought that anything that sends passwords over the wire unencrypted had died long ago (except HTML forms and legacy systems).
Are there any shared hosting services that allow a more secure upload method (e.g. scp, rsync-over-ssh, even webdav-over-ssl)?
/var/log/secure Error
Jun 7, 2008am getting this repeated error line in in log/secure
Quote:
Jun 7 18:19:38 host sshd[15751]: warning: /etc/hosts.allow, line 7: can't verify hostname: getaddrinfo(ev1s-209-85-4-32.ev1servers.net, AF_INET) failed
Jun 7 18:19:38 host sshd[15752]: Connection closed by 209.85.4.32
here is my host.allow:
Quote:
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
ALL: localhost
ALL: 62.215.149.53
ALL: 70.84.160.0/24
ALL: 66.98.240.192/26
ALL: 216.12.192.107
ALL: 12.96.160.0/255.255.255.0
ALL: 67.19.0.0/255.255.255.0
ALL: 216.234.234.0/255.255.255.0
ALL: 70.85.125.0/255.255.255.0
ALL: 70.84.160.0/255.255.255.0
ALL: 216.40.193.0/255.255.255.0
ALL: 66.98.240.192/255.255.255.192
ALL: 209.85.4.0/255.255.255.192
ALL: 209.85.4.32
ALL: 75.125.126.8
How To Secure Perl
Mar 28, 2008all we know that perl language its using in alot of scripts and alot of system admins stop it why this why u dont try stopp the problems from it and make ur client have perl to used it in scripts lets try this if some one need to see passwd he will do cat /etc/passwd what about make this chmod 700 /bin/cat and he will used wget to get files what about this chmod 700 /usr/bin/wget and lynx what about chmod 700 /usr/bin/lynx in this case we make root only can using this commands any system admin sure know now the idea and he can use it as he want ,, this secured method not only in perl its in another programing language put i give this as a clear exampel.
View 5 Replies View RelatedSecure My Server ...
Apr 25, 2008My server hacked!
my server hacked for tow time in less than one month (both times they were similar to each other), and my previous securing company work on my server in previous hack but the server hack again!
anybody can work on my server? this is very URGENT because my server and all of our sites are down!
How Secure Is Joomla
May 7, 2008Is it good security wise?
View 11 Replies View RelatedWhere Is A Database Most Secure
Feb 7, 2008I'm building an ASP.NET 2.0 web app on a shared hosting plan. It looks like I have two good places to store my database. One is the App_Data folder that my .NET training tells me is the place to store databases. However, like many shared hosting plans I have a directory above the publicly accessible webroot folder with serves as my application root. Right next to my webroot folder is a databases folder which my web host apparently sets up as a default location for databases. So which is more secure? My App_Data folder? Or a "sibling" folder to my webroot?
If it matters, I have an Access .mdb, which I may upgrade to a SQL server .mdf.
Is Your Server Really Secure
Mar 14, 2008so while we all obsess over hardening our servers against sophisticated hacking attempts, how many of us consider the security of our own host's control panel?
Just today i'd forgotten my login for my host's helpdesk. I couldn't find their password recovery form, so i opened their public support chat and asked support for a link to their password recovery form. Apparently they didn't have a password recovery form. Here is the chat transcript:
Support: Hello
Tom: Hi, where is your password recovery form for the helpdesk?
Support: How may i help you?
Tom: Did you see my message?
Support: Yes
Support: Let me know your email address
Tom: [REMOVED]
Support: Okay Let me check
Support: Your new password is [REMOVED]
So, the only think really stopping someone from logging into my helpdesk and posting a server cancellation ticket is a little bit of research to find my email address and a traceroute to find my host.
Errors In /var/log/secure
May 17, 2007Getting these odd errors in /var/log/secure
May 16 16:00:32 server Cp-Wrap[6322]: Pushing "32121 GETDOMAINIP user.com " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32121
May 16 16:00:32 server Cp-Wrap[6322]: CP-Wrapper terminated without error
May 16 16:00:32 server Cp-Wrap[6325]: Pushing "32121 LISTSUBDOMAINS 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32121
May 16 16:00:32 server Cp-Wrap[6325]: CP-Wrapper terminated without error
May 16 16:00:32 server Cp-Wrap[6328]: Pushing "32121 LISTMULTIPARKED 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32121
May 16 16:00:32 server Cp-Wrap[6328]: CP-Wrapper terminated without error
May 16 16:00:32 server Cp-Wrap[6330]: Pushing "32121 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6330]: CP-Wrapper terminated without error
May 16 16:00:33 server Cp-Wrap[6333]: Pushing "32121 LISTDBS" to '/usr/local/cpanel/bin/postgresadmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6333]: CP-Wrapper terminated without error
May 16 16:00:33 server Cp-Wrap[6338]: Pushing "32121 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6338]: CP-Wrapper terminated without error
May 16 16:00:33 server Cp-Wrap[6342]: Pushing "32121 LIST 0 0 " to '/usr/local/cpanel/bin/ftpadmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6342]: CP-Wrapper terminated without error