PCI Scanning On A Shared Server (UK)

Aug 23, 2009

Does anyone have experience of PCI DSS scanning on a shared server? Our current hosting company have told us that it's unlikely to pass on a shared server, and that we should move to a Virtual Managed Server for them to make the necessary changes to pass a PCI scan.

In particular, we're talking PCI compliance to use PayPal website payments pro UK.

From Googling there seems to be a lot of debate on this issue - varying from 'all you need for PCI compliance is a SSL certificate' (this seems to be paypals attitude), to 'PCI scans can be passed on a shared server if your host is willing to help' to 'you need separate dedicated servers for the database and site etc'.

Does anyone use website payments pro UK, have a shared server, and regularly pass quarterly PCI scans? Also, we would much prefer a host based in the UK - we seem to get much better performance from our UK host than we did when the site was hosted in the US (our customers are almost completely UK based).

View 6 Replies


ADVERTISEMENT

Port Scanning

Apr 18, 2009

I have been receiving a lot of emails from LFD about this ip (93.190.138.129) port scanning.

I get about 3+ of these emails a day letting me know that ldf has blocked the ip temporary.

I am now wondering should I be worried about this ip port scanning?

The ip is from the netherlands where my server is hosted and was wondering if its a coincidence or not?

View 11 Replies View Related

Somebody Is Scanning My Site For PhpMyAdmin

Jul 9, 2009

I found several requests in my error log which looks like someone was scanning my site for phpMyAdmin. This was a newly created subdomain. So I checked my main site and another subdomain and they also contained similar entries. Should I do something?

[Fri Jul 03 03:23:16 2009] [error] [client 65.23.157.214] File does not exist: /var/www/vhosts/mydomain.com/subdomains/mysubdomain/httpdocs/phpMyAdmin
[Fri Jul 03 03:23:16 2009] [error] [client 65.23.157.214] File does not exist: /var/www/vhosts/mydomain.com/subdomains/mysubdomain/httpdocs/phpmyadmin
[Fri Jul 03 03:23:16 2009] [error] [client 65.23.157.214] File does not exist: /var/www/vhosts/mydomain.com/subdomains/mysubdomain/httpdocs/pma ...

View 14 Replies View Related

Website Malware Scanning

Apr 8, 2009

A website I've recently been entrusted with was cracked into via brute force ftp earlier this week. Apparently the bad guys ran a script that added iframe links to every page named index.html. The iframe linked to 3 sites that prompted malware downloads.

I think I've found and removed all the affected code, however I'm looking for an online website scanner that will drill down through all the links on a given site and search the code for similar problems.

I've only found a couple of these so far and they don't seem to fit the bill; was wondering if anyone here had recommendations or experience with similar tools...

View 1 Replies View Related

IANA Scanning Ports

Dec 3, 2007

My internet security software blocked port scanning from IANA
Internet Assigned Numbers Authority. Who is this and what are they doing scanning the ports on my computer.

View 2 Replies View Related

Avoiding Port Scanning And Brute Force

Oct 28, 2009

I get a lot of messages from CSF about Port Scanning and Bruteforce detection.. Is there a way to avoid all of these attacks ? Because it tries to figure out my clients ftp or pop3 user with several usernames, i.e. administrator, postgres, mysql, httpd, and many more..

I know a little about internet security.. Is it possible to make my public IP of shared hosting untraceable ? Like this one..

Just do a ping to ebay.com or paypal.com and then you will receive RTO message or Destination host unreachable, but actually the site is running well..

View 5 Replies View Related

Scanning A Site Against Intrusions And Security Holes?

Apr 21, 2008

What do you recommend for scanning a site against intrusions and security holes?

View 1 Replies View Related

Modsecurity Clamav Upload Scanning Doesn't Work

Jul 12, 2007

So I've been working on getting the modsecurity upload scan function to work for over 4 hours now and i'm done with this junk to say the least.

Using modsec 1.9
Cpanel 10x
Apache 1.3

in the modsec.conf

SecUploadDir /tmp
SecUploadApproveScript /usr/local/apache/htdocs/upload_scan.pl

All I get in the audit_log is:

Access denied with code 406. Error verifying files: Received no output from the approver script (execution failed?) "/usr/local/apache/htdocs/upload_scan.pl" ....

View 1 Replies View Related

Disable File Attachment Scanning & Extractinig At MailScanner

Mar 9, 2007

My main goal was stopping incomingo spam.. and MailScanner is doing a great work on that.. but, it is taking too much time extracting and scanning attachments... does anyone know how to disable scanning the attachments ?

This is my top output from MailScanner running:

Code:
12:10 3 MailScanner: extracting attachments

View 0 Replies View Related

FreeBSD: Sendmail To Exchange. No Scanning E-mail Process

Aug 16, 2007

I tried to configure Sendmail as e-mail MTA with ClamAV & SpamAssassin before my local network. I can send and receive e-mail but spamassassin doesn't filter them. Do you know where I should look for?

View 2 Replies View Related

Unable To Open Spam.scanning.rules - MailScanner

Mar 5, 2007

I was trying to install mailscanner on a cpanel box using chirpy's script [url], followed every step, until this:

Code:
[root@server.yourbox.com:~]perl mscpanel.pl -i
Unable to open spam.scanning.rules for reading: file or directory doesnt exist at mscpanel.pl line 115.
On the 115 line i found this:

Code:
open (IN, "</usr/mailscanner/etc/rules/spam.scanning.rules") or die "Unable to open spam.scanning.rules for reading: $!";
The file /usr/mailscanner/etc/rules/spam.scanning.rules just doesnt exists... maybe chirpy's script is not working well installing everything its needed..

View 5 Replies View Related

Plesk 11.x / Linux :: Cannot Create Pipe For Communication With Scanning Child

Dec 10, 2014

I'm running CentOS with Paralells Plesk bundled Paralellls Premium Antivirus (Dr Web). After the latest yum updates DrWeb continously seems to crash and be restarted by the Parallells watchdog. By default there were no logs for DrWeb, but when I enable logging to a file it gets spammed continously with the following error:

Cannot create pipe for communication with scanning childs (Too many open files)and the Drweb process runs at 99% CPU for long periods. This totally fills the disk with logs and I've now disabled logging again and Drweb is back to continously being restarted by the watchdog.

View 3 Replies View Related

Difference Between Dedicated Server And Shared Server

Apr 17, 2008

i want to know what is the difference between dedicated server and shared server. I was relaly confused in these services. Couls any one please let me know in detail about these servers?. I will be choosing one of these service.

View 4 Replies View Related

Ffmpeg On Shared Server

May 15, 2008

I am developing a phpfox site and in order to use the video capabilities I need a host with ffmpeg installed.

My current host were a bit misleading and let me think I could pay them a small sum to install ffmpeg on a shared server and that would see to it. Turns out I would need to get a dedicated server, which was quite a shock when I saw the price of that.

I would like to know if shared servers with ffmpeg are worthwhile, or is a dedicated server generally regarded as the only way to go?

If success can be achieved with shared hosting, are there any hosting companies that would be recommended. Apthost is a name that seems to crop up quite regularly, but I don't know how to tell a good host from a bad host, so I'm asking you all!

P.S. My bandwidth needs shouldn't be more than 100gb/month at the start, but that is only a rough beginner's guess.

View 10 Replies View Related

Shared Server Migration

Oct 31, 2009

I received this emails from Leaseweb

1st:

Dear Mr.

I would like to inform you about the planned migration of your shared hosting account to a new hosting environment. This concerns the domain xx***********. The migration will start on: 29-10-2009 during business hours.

2nd email:

Dear Mr.

Due to a problem with the restoration of the backup on the newermachine, we did not succeed in the transfer of your domain. So for now it will stay on the 'older' webshared enviroment. Are you OK with us to give it another run tomorrow? Please indicate a No in case this is inconvinient to you, if there is noanswer we assume that there is not a problem and we will work on thetransder again tomorrow.

3rd email:

Dear Customer,
The transfer of your webpackage to one of our new shared hosting servershas been completed.

--------------------------------------

Now my Oscommerce site is down:
Parse error: syntax error, unexpected ';' in /vhosts/xxx***********/httpdocs/catalog/index.php on line 314

I checked line 314 of index.php does not have ';'
My site admin side is working.

View 11 Replies View Related

Shared Server Load

May 13, 2009

How much shared server load allowed is reasonable? My host currently allows up to 10% before suspension.

View 13 Replies View Related

Benchmarking A Shared Server

Jan 23, 2008

I have a dedicated server with a few websites (virtual hosting) and I would like to do some load testing on it to measure what kind of performance I would get.

(This is a dedicated server with shared account not a shared hosting account)

When I browse one site it is fast but I wonder what will happen if 10 people are browsing 8 of the sites etc.

Is there any testing tools (other than Apache Bench) I can run that will test multiple site simultaneously?

Re. Apache Bench - I could run AB on the same server, on another server in the same DC or on another server in a different DC.

Which would me more accurate? Is the network a bottleneck or would the server be the bottleneck?

Also what is a 'good' time-per-request value? I want the websites to be responsive.

View 0 Replies View Related

Shared Server With Mod_php

Feb 24, 2007

I decided to stick with mod_php for my shared server. What I'm looking for is any info/links on best security implementations for mod_php.

View 4 Replies View Related

Shared Server Subnet Sizing

Sep 14, 2009

What percentage of shared hosting customers use SSL and require their own IPs? I need to estimate the subnet size for a shared server.

View 5 Replies View Related

How To Install Shared Ssl In Cpanel Server

Apr 19, 2009

how to install shared ssl in cpanel server

View 2 Replies View Related

RAID-10 In A Shared Hosting Server

Oct 26, 2009

I`m building some Xeon Nehalem servers for shared hosting with cPanel. The servers will be:

Dell PowerEdge R410
Xeon Nehalem E5502
12GB DDR3 RAM
3ware raid controller

But for shared hosting, is it worthy to have a RAID-10, or would a RAID-1 be enough?

We have some Xeon E3xxx servers running with RAID-1 hosting more than 1000 accounts, we hadn`t had any IO/load problem so far.

View 13 Replies View Related

How Many Shared Accounts You Have On You Dedicated Server

Nov 8, 2009

few inter linked question!

how many shared account do you have on your dedicated machine?

and what machine you have got?

ever faced hardware failure ? how many a month or year
what saved you or ruined you

View 2 Replies View Related

Time For A New Shared Server Host

May 21, 2008

I have been with Page-Zone for a couple years now. Just the past year I have had little problems with them.

-For instance once I was trying to update my website and their server went down. I thought it was something on my end so I started trouble shooting it for an hour and then it came back up.

-Another time the users on my website were without e-mail for a week, because they changed IP address.

-And finally the e-mail accounts couldn't receive any e-mails from Comcast, MSN, or Hotmail accounts. So I ended up setting up a Google Aps account for us to use for e-mail.

Granted they are very cheap but I have been having many problems with little support. Also today I just noticed that in the whois it lists Network Solutions as the technical contact. Are these things that I should be looking for a new host for?

View 14 Replies View Related

Zeus On Shared Server - Some More Questions

Apr 25, 2008

I was reading this

vbulletin.com/forum/archive/index.php/t-6868.html
but that was quite some time back.

If any user has current experience of using Zeus w.r.t

- running of standard vbb, photopost etc
- zend and / or ioncube
- some php scripts need url rewrite, is it possible
- creating subdomains when the host does not provide it

View 0 Replies View Related

Dedicated Server Vs Shared Hosting...

Aug 12, 2008

I am working on creating a social networking website. It will have approximately 2500 members with about 1/2 using video. I spoke to 2 different programmers through rent-a-coder. One told me to get a dedicated server through GoDaddy that runs me about $120/mo. The other programmer told me that there was no way that I would need that much and I could get a shared hosting package for $10-$20/mo and that would work fine. He said that a dedicated server wouldnt be necessary unless I was getting a ton of hits to my site or needed to host multiple sites. I inquired about it with GoDaddy and when I mentioned I was doing a social networking site, they said I would need the dedicated server. I am hiring someone to build the site since it is beyond what I am capable of, so I am clueless on who is correct.

View 14 Replies View Related

Finding All Sites On A Shared Server

Sep 26, 2007

One of my clients sites has just been hacked and im pretty sure its through the hosting and not the scripting, although the host us not being very helpfull.

What I want to do is see what other sites are on the shared account to see if any of them are having problems. As a coincidence the server has 'gone down' not long after being hacked which makes me think the host has pulled it.

I remember years ago (at least I hope I didnt dream it) that a website told me all the other sites on my server, probably by using some kind of reverse lookup on the IP, servers are not my strong point so I dont know.

where I can find this tool,

View 3 Replies View Related

Can I Feel Secure On A Shared Server

Apr 29, 2008

I have a small reseller account but all the domains are managed by myself. Security has not been a problem because the sites are simple, but now I have a need to deliver and recieve private files. I know how to keep the website itself secure writing my own sessions, using explicit variables, storing sensitive data outside of the web directories and that sort of stuff but it is my 'neighbors' that bother me. If one of them gets hacked or I get a bad neighbor sharing the server I do not want them to have access to my files and passwords.

A few years ago I wrote a browsing script that I found out had the ability to escape my own area and roam freely around every area on the server with unlimited access to every file. When I complained about it, the server admin said that I had nothing to worry about. When I pressed the issue I was told that nobody could invade my files because it was against the rules to go into other people's account. It turned out most server administrators left things open to eliminate scripting problems for their users and there was really no way to lock down a server without breaking a lot of scripts. At the time I moved to a more secure server but they eventually opened things up because of too many complaints and help requests.

Have things changed? Have they worked out the issues with shared servers? Is there a way to tell if my host has implemented proper safeguards (if any viable ones exist)?

View 14 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved