Moving SSH Back To Port 22 But Will Root Be At Risk

Apr 26, 2008

At present I run SSH on a different port then normal to protect root. This has worked for two years, but with discovering that cPanel finally support SFTP without shell access needed, I want to finally turn off FTP and require SFTP. The problem is the port I am using. Since it's a random port I have been secured against root attacks (well nothing has shown up). I am with LiquidWeb which is fully managed. So I guess they take care of allot of prevention.

This is what I am thinking of doing. move SSH back to port 22 (I only host a few friends sites and want to be hosting 20 accounts by end of year to cover my costs). Then disabled root password and require SSH keys. Would this be strong as secure as running SSH on a high #port or am I fooling myself.

I could also add in for good measure restricting root SSH/SFTP (yes I prefer SFTP for file management as I am legally blind and using Transmit+BBEdit is allot easier for me for editing files). The problem with restricting to certain IP's, is that Shaw charges $30/month more for a static IP and I also am at my moms 25% of the time (and she is also with Shaw). I think the XXXX.vs.shawcable.net is static but I am not 100% sure.

I really do want to kill FTP so that only port 80 is the only non SSL port open.

View 14 Replies


ADVERTISEMENT

Supermico Minis Back To Back

Jun 19, 2007

Can you put two of these supermicro mini servers back to back in a standard rack? I am looking at the [url]

View 14 Replies View Related

Is My Domain Name At Risk

May 28, 2007

my domain name expires in July (within 90 days).

It is currently with company A who charge quite a lot to keep it there. I want to move it to company B who are my hosts and with whom I get 1 free domain name.

One added complication is that the domain is in a friends name, but I have logon and can change name to my own any time I want.

Company B said "After it is on our registrar, you will be the only one that can renew it as long as it doesn't expire for longer than 90 days."

This has me worried that because I haven't renewed it withing 90 days that it can be stolen from me. Have I misunderstood or is this a risk?

If so would I be better advised to renew it in my friends name wth company A?

View 10 Replies View Related

How Big Risk Do I Take If I Don't Update The Kernel?

May 2, 2008

I'm a Windows guy and can little or nothing about Linux. How big risk do I take if I'm using a Linux VPS and never update/patch the kernel?

I'm using CentOS 5 and LxAdmin. I can update the control panel, but I can not update/patch the kernel since I have no knowledge how I do that.

I'm using a unmanaged plan, so no help there.

Some of my sites are running Wordpress, but I'm always using the lates WP installation. I not using any other plugins that WG2, Gallery2, and remove max width.

Nobody except me have access to the VPS, and I have no other FTP accounts or something like that on the VPS.

I have no other scripts or any kind of dynamic pages on my VPS.

What kind of risk do I have here?

I'm currently having plans to cancel my second VPS that's using Win2003, and only use Linux in the future. I can cut my monthly expensive with 50% that way, but do I take a big risk doing it that way?

View 9 Replies View Related

Crypt_blowfish, Any Risk In Installing

Sep 11, 2007

A customer has requested we install a pear package called crypt_blowfish for there website which sells items.

What exactly is it? Is there any risk in installing the extension?

Ive not heard of it myself before

View 4 Replies View Related

Hosting A High Risk Site

Mar 25, 2009

What sort of redundancy that is recommended for a high risk site?

My definition of high risk is it will attract more hackers than usual, more DDOS, chances of blocked by ISP and etc.

View 4 Replies View Related

Security Risk To Share Phpinfo File

Mar 10, 2007

There are always people who would like to know what the php settings are on the server. Is it a security risk to share the phpinfo.php file on a website, with anybody who visits that website, able to view it?

View 4 Replies View Related

Does Your Provider Back Up Your VPS Or Do You Back It Up Yourself

Nov 10, 2009

Many of the VPS providers I've looked at don't back up the servers that house the VPSs and as such don't back up the VPSs either - have you considered what would happen should the VPS itself be erased (such as what happened to vaserv/fsckvps not too long ago)?

View 14 Replies View Related

Security Risk Having Mbstring And Mysqli Installed On Your Server

Mar 20, 2008

A friend of mine owns a hosting company and a client of his asked to have mbstring and mysqli installed. What he wants to know is , is there any security risks if he does install that on his server?

Also, he wants to know, if there is not, what how does he go about installing that on the server?

View 4 Replies View Related

Writing Large Files - Risk Of Damaging Filesystem

Jan 19, 2008

Does writing large files (ie, 10GB backups in one archive) cause any risk of damaging a linux filesystem?

View 1 Replies View Related

Mysql Delayed Writes Performance Boost, Worth The Risk

Jul 19, 2007

During my poking around performance tips I found the DELAY_KEY_WRITE option (and innodb_flush_log_at_trx_commit = 0 for innodb)

which supposedly for mysql will disable the immediate disk flush for every transaction written and instead update only once every second at most?

One thing I've never had to restart on my vps is mysql, it's been great. So is this safe to turn on? Am I risking corruption? Will the performance gain be worth it with only a 16M cache?

View 4 Replies View Related

PC World Article: Reduce Fire Risk - Remove Oxygen [merged]

Mar 19, 2007

I did a quick search on this and could not see it as already being posted

It seems quite a clever but simple idea - remove a lot of the oxygen from the air to help reduce the risk of fire. What do those of you operating your own facilities make of this? Is anyone already doing this?
[url]

View 14 Replies View Related

Plesk Automation :: Postfix CA Bundle File Under PPA - How To Edit Without Risk Of It Being Overwritten

Aug 19, 2013

I see in the maillogs a number of errors lots of different Certificate Authorities - and some I really did NOT expect to see here:

[root@web48002 admin]# grep ' certificate verification failed for' /usr/local/psa/var/log/maillog | wc -l
998
[root@web48002 admin]# grep ' certificate verification failed for' /usr/local/psa/var/log/maillog | head
Aug 19 00:04:45 web48002 postfix/smtp[28115]: certificate verification failed for inbound.hsaforamerica.com.netsolmail.net[206.188.198.64]:25: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority

[Code] ....

How/where do we edit our CA file under Postfix - and why is the standard one installed by PPA not including some of these VERY MAJOR CAs?!?

I would like instructions on how to edit this in a manner that it will not get overwritten by some PPA update or yum update.

View 3 Replies View Related

Are Chained Root Ssl Certificates More Secure Than Single Root?

Nov 25, 2008

I have read that although chained root ssl certificates can be more difficult to install they are actually more secure since the root certificate cannot be compromised, only the intermediary.

Is this true? It looks like both google and amazon both use chained SGC certs.

View 0 Replies View Related

Apache :: Listen On Port 8080 For IPv4 And On Port 80 For IPv6?

Aug 8, 2013

I'm runnung a server with Apache2 (Apache/2.2.16 (Debian 6.0))

I would like Apache2 listen on port 8080 for IPv4 and on port 80 for IPv6.

This is what I have now:

/etc/apache2/ports.conf

View 4 Replies View Related

Email Server Port- How To Change/add Port For SMTP

Feb 19, 2008

Currently I am using Linux + cPAnel and using the port 25 for email sevrer. Currently we facing 1 problem is, some user's ISP is not support port. May I know how can I add additional port into server and allow users to send mail by different port?

View 1 Replies View Related

Did Port 80 Port To 7080, But Not Working When Login

Jun 21, 2009

I have an office internal website and I opened a port in the gateway of my office (7080) to this website (server )'s 80 port. That makes this website open to public as office has static IP. And then when I view the site from home . it's fine. But when I tried to login, the site is using a pop-up, I guess it's http authentciation, login, I was redirected to a url without my port number any more, that stops my access to the site as obviously I would.

How can I keep my connection/port number ...?

View 2 Replies View Related

Giga Port Vs Mega Port

Jun 18, 2008

about the NIC and switch,

there are giga port vs mega port,

in your experience,do they really be different?

View 14 Replies View Related

Changed SSH Port - How To Add Extra Port To APF

Jun 10, 2007

I recently changed my SSH port, but locked myself out when my APF firewall was installed.

Where would I got to add a custom port inside the APF's config file?

View 3 Replies View Related

"owner" ID In Ftp Client -- Security Risk

Mar 25, 2008

I just started using FileZilla Client, as a way of allowing business clients to upload to an ftp account at my website (the ftp account is a subdirectory of my public_html directory, and has its own username and password).

I noticed that, along with other information for each file listed at that subdirectory, FileZilla also posts info on "owner" and "group". It turns out that, for each of these fields, FileZilla displays the username of my entire site -- not the username specifically associated with the particular ftp account to which FileZilla had connected. Thankfully, it doesn't also display the password that goes along with it!

I'm wondering if anyone would know:

- does this constitute a significant security risk?
- is this because of actions on the part of my web host, or because of FileZilla's programming? (ie, would the same thing occur in all ftp clients?)
- if this is a significant security risk, would there be any workaround?

View 14 Replies View Related

Best Way Of Back Up

Oct 8, 2009

I have 3 websites on dedicated server(linux - plesk)

my data are about 2gigs. I want to know what is best way of backing up?

View 14 Replies View Related

Back Up Xen VPS

Apr 6, 2009

I have setup a xen vps. I have installed a package called Ossim. The xen VPS is based on the OS -- Centos 5. There are no web hosting panels etc installed like cpanel or plesk. Iam going to proceed with a few more software installations on it like elastix.

However before proceeding further, i want to backup the entire vps ie the entire data in it.

View 1 Replies View Related

VPS Back Ups

Apr 24, 2009

I've always thought, and it is like that, that the back ups are part of any quality VPS Hosting service. But see this below. It is part of the TOS, listed by quite popular vps hosting provider.

"Your use of - - - servers and services is at your sole risk. - - - is not responsible for files and/or data residing on your VPS. While complimentary backups may be provided by - - -, you agree to take full responsibility for files and data transferred to/from and maintained on your VPS and agree that it is your own responsiblity to take backups of data residing on your VPS."

View 14 Replies View Related

Back Up - Is This Possible?

Nov 16, 2008

if this steps is possible.

Back Up files from WHM / cPanel -> Download to PC -> Store it in NAS storage or an external hard disk.

Would that be possible? Is there any risk involve like my data would be corrupted?

View 11 Replies View Related

Can Cron (back Ups)

Jul 10, 2009

I want to set up a cron job to make daily back-ups of my database, but by turning my site off first.

This is how I envisage it to work:
1: rename '.htacess' (in public_html folder for the site) to .htaccess-open
2: rename '.htaccess-closed' to .htaccess
// this closes the site down so no-one can write/access the db (they are basically shown a 'site down for maintenance' page - I already have the code for this)

3: mysqldump --opt (DB_NAME) -u (DB_USERNAME) -p(DB_PASSWORD) > /path/to/dbbackup-$(date +%m%d%Y).sql
// this backs up the database

4: wait for 3 to finish
5: rename '.htaccess' to .htaccess-closed
6: rename '.htacess-open' to .htaccess
// this opens the site back upIs this easy enough to do? Anyone got any tips/pointers?

View 4 Replies View Related

Where Do You Store Your Back Ups

Oct 1, 2009

I would like some tips on how to create back ups with WHM/cPanel on a Reseller if you could.

Also where to store them?

I was thinking of storing them up on a VPS or Dedi server that just has backups or should I buy a enternal Hard Drive for my computer and store them on that? I have a 500GB Hard Drive.

View 14 Replies View Related

WHM Back Up Retention

Oct 29, 2008

how the backup in WHM works as far as data retention. For example, if I select the "daily backup" option, does

- WHM create a new backup for each day every day moving foward until the drive it uses is filled up, OR

- WHM creates a backup for each day of the week, overwriting the previous week's same day data.

View 2 Replies View Related

Cpanel Back Up

Mar 14, 2008

we have a client transferring to us from hg, they have created a full backup from cpanel and we have tried restoring it from whm all the databases, domains and folder structure is restored fine the error is that all the files are restored to a cgi-bin not the corresponding folders.

how we can fix this or a easier way to transfer a hg account

View 3 Replies View Related

Directory Back-Up

Jul 30, 2008

I would like to make some kind of script (probably .sh?) that automatically takes a directory, makes a copy of it then makes a gzip tar and then shoots it over to an FTP server. I would like this to happen twice a day (ie. every 12 hours).

View 13 Replies View Related

Pages Back Up

Feb 24, 2008

I just recently changed the server my website was being hosted on (my website being a small hosting-biz) and my site has been replaced by 1and1's temporary landing page. The thing is I have no idea or experience on what to do to put my pages back up. I don't even think I have them saved anywhere...

View 10 Replies View Related

Remote Back Up

Oct 9, 2007

how to use remote back up any video tutorial you can send the link please

I also need remote back up provider can you recommend any company
real company?

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved