Secure FTP :: FTPS On CPanel Server
Jul 7, 2008
I'm going to use FTPS for one of my accounts on a cPanel Server.
Should I assign a dedicated IP to that account, then install SSL on FTP.DOMAIN.COM?
What software can I use to back up FTP files automatically from different accounts onto my PC?
We just upgraded from Plesk 10.4.4 to 11.5.30 and can't seem to get FTPS to work.
I presume it should be running on port 990, but the server is not listening on that port (only 21 for FTP).
Code:
netstat -lptu | egrep 'ftp|990'
tcp 0 0 *:ftp *:* LISTEN 20354/xinetd
We've enabled FTPS on the Server > Security Policy page.
I just migrated from a CentOS 5 server with Plesk 11.5 to a new server with CentOS 6.6 Plesk 12.
All customers, resellers, domains, subscriptions and even FTP users have been migrated fine (great tool btw).
There's only one thing that I cannot get to work on the new server: FTPs (TLS/SSL), this always results in "AUTH not understood".
The security and FTP settings are exactly the same as the old server (where FTPs worked fine), so I guess something is missing on the server.
What can I do to have a proper working FTPs with TLS/SSL?
The Problem:
I'm trying to set up an automatic backup to an ftp server using ftps (as configured in the personal ftp repository).
Copying the files fails however.
The things I checked:
The Plesk management website can't show the target folder's contents.
The only error I get is Error-Code "1".
The ftp server (a synology NAS) logs the ftp access: Credentials are correct, session is terminated after transferring 0 Bytes.
Each failed backup leaves a 0-Byte .tar file on the Backup folder.
If I disable ftps and go with plain ftp, everything works just fine.
Our previous generation Plesks (v11 and lower) can utilize ftps for backup (to the same ftp server) without a hitch.
Additional considerations:
Since the WebServer is on a hosted machine and file transfer has to be done across the internet, unsecured transport is not an option.
I have virtually zero Linux experience
[System Information]
Plesk Version: 12.0.8 Update #18
Operating System: Ubuntu 12.04.5 LTS
Plesk Panel 12 uses a proftpd FTP server, with the TLS module pre-installed and configured.
Many questions and/or problems arise when trying to connect to the FTP server over an FTPS connection. In (almost) all cases, the inability to connect with FTPS is due to
a) the lack of configuration of passive ports, AND
b) firewall settings, enabling connections through the aforementioned passive ports.
The passive port range can be configured by
- adding a line to /etc/proftpd.conf, stating: "PassivePorts <start> <end>", OR
- adding a separate file with name <filename>.conf to /etc/proftpd.d/, with the contents of <filename>.conf stating: "PassivePorts <start> <end>"
And note that
- <start> is the first port of the port range, in theory any value above 1050 can suffice,
- <end> is the last port of the port range, any value below 65000 (!) can suffice,
- the extension .conf is required when using a separate config file,
- the directory location /etc/proftpd.d/ is required when using a separate config file,
- one should always limit the port range, i.e. it is not desirable to open up a lot of ports,
- it is desirable to have the <start> value above 20000, in order to prevent conflicts with other programs, using a specific port (for instance, port 8443 is also being used),
- it is not necessary to restart proftpd after configuring the passive ports.
The firewall settings have to be changed to allow connections through the passive ports that have been opened for FTPS connections and note that
- only open up the port range (not more) in the firewall settings,
- it is only necessary to open up ports in the firewall settings of the FTP server,
- it is not required to open up ports in the firewall settings of the sending server.
Many issues have been arising when setting up the FTP Backup Repository.
In general, the passive mode checkbox has to be selected, when encountering issues.
The explicit use of the passive mode allows for proper configuration of the FTP Backup Repository and note that it does not matter whether FTPS or normal FTP will be used.
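One way to check both conditions from the post above (a usable PassivePorts range, and a firewall that accepts exactly that range), added here as an example and not part of the original post. It assumes the firewall is iptables with rules in `iptables-save` format; the file names, the 49152-49200 range and the rule lines are constructed sample values.

```shell
#!/bin/sh
# Added example: verify that the PassivePorts range proftpd announces is valid
# and is accepted by the firewall. Sample files below are constructed.

# Print "<start> <end>" from the last PassivePorts line in the given files.
passive_range() {
    awk 'tolower($1) == "passiveports" && NF >= 3 { s = $2; e = $3 }
         END { if (s == "") exit 1; print s, e }' "$@"
}

# Constraints stated in the post: start above 1050, end below 65000.
range_ok() {
    [ "$1" -gt 1050 ] && [ "$2" -lt 65000 ] && [ "$1" -le "$2" ]
}

# Succeed if an INPUT ACCEPT rule (iptables-save format) covers START..END.
firewall_covers() {
    awk -v s="$1" -v e="$2" '
        /^-A INPUT / && /-p tcp/ && /-j ACCEPT/ {
            for (i = 1; i < NF; i++) if ($i == "--dport") {
                n = split($(i + 1), r, ":")
                lo = r[1] + 0; hi = (n > 1 ? r[2] : r[1]) + 0
                if (lo <= s + 0 && hi >= e + 0) ok = 1
            }
        }
        END { exit !ok }' "$3"
}

# check_ftps_passive CONF RULES -> prints a one-line verdict.
check_ftps_passive() {
    range=$(passive_range "$1") || { echo "no-passiveports"; return 1; }
    set -- $range "$2"
    range_ok "$1" "$2" || { echo "bad-range $1:$2"; return 1; }
    firewall_covers "$1" "$2" "$3" || { echo "firewall-blocks $1:$2"; return 1; }
    echo "ok $1:$2"
}

# Constructed sample: a drop-in config and two firewall rule sets.
demo=$(mktemp -d)
printf 'PassivePorts 49152 49200\n' > "$demo/passive.conf"
printf '%s\n' '-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT' \
    '-A INPUT -p tcp -m tcp --dport 49152:49200 -j ACCEPT' > "$demo/good.rules"
printf '%s\n' '-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT' \
    '-A INPUT -p tcp -m tcp --dport 49152:49160 -j ACCEPT' > "$demo/narrow.rules"
check_ftps_passive "$demo/passive.conf" "$demo/good.rules"
check_ftps_passive "$demo/passive.conf" "$demo/narrow.rules" || true
```

The second rule set opens only part of the configured range, which is the mismatch the check reports as `firewall-blocks`.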
How secure is cPanel? What's its recent history in regards to security?
For some reason FTPS is no longer working as it used to before Plesk upgraded. At this point, I am not sure which Plesk upgrade caused this since I do not FTPS or ftp in general often. It's enabled as it was before, even disabled and re-enabled it again. Still gives a "could not establish connection". Restarted the service via command line with "service xinetd restart". Still isn't working...
What is the secure port of WHM and cPanel?
I experienced an issue using an external backup repository on Plesk 12.0.18 machines using ftps. The ftp server uses ftps (explicit) connections. Plesk 11.5 works fine (and ordinary ftp client like Filezilla as well), Plesk 12 throws the following error when trying to add the server via the web interface:
Code:
Curl error: Login denied
Unencrypted connections will work. Plesk 11.5 machines (with the same settings) will work.
I've analyzed the problem and got so far: The backup manager tries to connect using "regular" transfer method + ssl, not ftp-ssl explicit. Is there a chance to force Plesk using explicit ftpes connections? Or is there another workaround?
Some additional info about the (ftp) server: The ftp server is running ProFTP 1.3.4d, uses port 2000 for the control port and has a port range (2001 - 2100) for the passive connections. I tried to add the server using the address field of the GUI IP:2000 and checkboxed "passive mode" and "ftps".
I have a question about the security of our DNS server.
My server hacked!
My server was hacked two times in less than one month (both times were similar to each other), and my previous security company worked on my server after the previous hack, but the server was hacked again!
Can anybody work on my server? This is very URGENT because my server and all of our sites are down!
So while we all obsess over hardening our servers against sophisticated hacking attempts, how many of us consider the security of our own host's control panel?
Just today I'd forgotten my login for my host's helpdesk. I couldn't find their password recovery form, so I opened their public support chat and asked support for a link to their password recovery form. Apparently they didn't have a password recovery form. Here is the chat transcript:
Support: Hello
Tom: Hi, where is your password recovery form for the helpdesk?
Support: How may I help you?
Tom: Did you see my message?
Support: Yes
Support: Let me know your email address
Tom: [REMOVED]
Support: Okay Let me check
Support: Your new password is [REMOVED]
So, the only thing really stopping someone from logging into my helpdesk and posting a server cancellation ticket is a little bit of research to find my email address and a traceroute to find my host.
I see that one of the most important things nowadays is the security of our servers.
I would like to know from people here that are running big and small servers what they have done to secure their servers. What tips, what software they have used, which applications they are using and which are more secure than others... generally everything that could do good in the protection and security of our servers.
Even if you asked for help from a company doing that work, what changes have they made to your servers? Which options did they change?
I am making this thread so as to collect all the info we know in one place. One knows about that tip, the other one knows another tip... having all of them somewhere could make a tremendous difference.
Moderators, please don't move that thread into any software discussion or other forum as this is one of the most active ones and also has instant relation with the dedicated servers we buy.
I have a friend that works in IT. He is about to start his own business, something in the line of network connection or something like that. I was telling him that I'm planning on getting my own dedicated server but that I have no idea how to secure the server. He told me that most Linux distributions come with their own built-in firewall and that I don't need to worry about security. He told me to just ask my dedicated server provider to make sure the firewall is enabled and that's it. When he told me that I thought to myself, either this guy has no idea what he's talking about, or those guys at Webhostingtalk have no idea what they are talking about!
I am really getting confused now. Some people tell me it is possible to set up a simple subdomain and add an SSL certificate to this, while others tell me I have to set up a new account for the subdomain (subdomain.domain.com) in WHM and assign it to its own IP address.
So, my question is what is the best way to set up a secure subdomain, like [url]? I have already purchased an SSL certificate for secure.domain.com.
Which is the best company to secure my web server?
Does anyone have an ebook or article about securing a Linux server and Apache?
I want to secure my own server and my VPS customer.
My Linux system: CentOS
Also, I have the cPanel control panel.
I want to secure my server so that scanner tools cannot scan my site, because for one of my sites it is very important that its folders are not scanned.
My server OS: Linux CentOS 5
I have an unmanaged server, and I want to have it security hardened. How do I do it?
I would like to know if it's possible to secure a server used only for streaming.
Here is what I have on my server :
- Gentoo,
- FlashMedia Server,
- and the following services are enabled : ftp, ssh, named and web ssl
Is it possible for instance to install Mod_security?
I've used many webhosts over the years and have run into various issues from which I've compiled my key wants:
Reliability - availability of mail & web are both just as important - I've had a few hosts who have great HTTP uptime, but mail can go down for hours and is not covered by any SLA. Prefer clustered solutions using a NAS, or at the least RAID-1 (or 10). I recognise downtime is inevitable, I care more about the impact of single component failure and recovery time.
Control Panel/Security - I'd prefer the host to have a custom control panel (i.e. not cPanel/WHM, Plesk/Parallels, DirectAdmin, H-Sphere etc). I really like DreamHost's panel, in particular their model of arbitrary combinations of shell users and domains underneath them. I like to use this to separate installs of untrusted software (such as MovableType, Wordpress, Gallery, Joomla) into their own user accounts so that if one gets compromised it doesn't hose everything. Need multiple domain hosting.
Disk - 2GB sufficient, 3-4GB preferable.
Bandwidth - 10GB or more (I don't really use more than 2GB but prefer not to worry about overage)
Price - I'm happy to pay US$20-30 for a premium service.
Support - I'm technically savvy and only need for support to be responsive to technical questions & issues (i.e. reporting downtime).
To provide some background - I'm currently a customer of both DreamHost and Media Temple (gs). DH sucks because their uptime is completely unpredictable, I have kept it only because their user/domain model is convenient for toying with untrusted software. (mt) was to be the ideal host but reliability of their (gs) service is crap despite all the claims about superior architecture. Additionally they don't allow separation of users/domains and I don't want to host multiple 3rd party apps in the one account. To their credit (mt)'s support is extremely responsive and the company as a whole are very transparent about outages but they simply have too many technology issues.
I came across this very detailed step-by-step tutorial on how to secure a Plesk based VPS. It's up-to-date and was just written so the info is accurate.
Here's the link to the full tutorial: ...
I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.
Is there anyone on here who can do a thorough check on our server and install anything necessary to stop this kind of activity?
For hosting IRC and shells I heard that the best choice of OS is FreeBSD.
I would like to know if there are any tutorials or if someone can write one (or give some tips) on how I can secure a machine running FreeBSD and used for IRC + shells!
For example, how can I install a firewall, a rootkit etc. etc.
Also, what about putting users in jail (not allowing them to see other dirs except theirs)? How can I do that?
Also, what about not allowing users to use some commands like dmesg, ping, traceroute, and also how can I make it so that when they do ps -aux they only see their own processes (so they are not able to see the processes of other users)?