Security Vulnerabilities Found In HyperVM And LXadmin/Kloxo
Jun 6, 2009
Just got this email
Quote:
Dear Customers,
Multiple security vulnerabilities were discovered in hyperVM and Lxadmin/Kloxo. It is recommended that you update your hyperVM/Kloxo systems to the latest version, as soon as possible.
Details of the vulnerabilities will be posted in the coming days in our forum.
On hyperVM or Kloxo master, Run:
/script/upcp
Lxlabs Support Team
View 14 Replies
ADVERTISEMENT
May 11, 2009
I rebuilt my VPS (again) today and noticed something different. Instead of the usual "Install LxAdmin" icon in HyperVM I read "Install Kloxo."
I looked at the demo and everything looked the same. Has anyone noticed any definite differences between the two? Has anything significant changed apart from the name?
View 3 Replies
View Related
May 15, 2009
which of them is better on kloxo - lxadmin VPS?
APF or CSF OR OTHER?
View 6 Replies
View Related
Jun 25, 2009
how to add an ip to kloxo/lxadmin?
we had asked for additional ip from the host, they provided it and added it to hypervm, but we can't c the ip in kloxo, so how can we add it to kloxo?
View 3 Replies
View Related
Oct 28, 2009
Is there a way to easily install lxadmin/kloxo in veportal?
View 14 Replies
View Related
Jun 10, 2009
our hosting company asking to turn off Kloxo.
Quote:
As some of you may be aware, there are some major holes in hypervm/kloxo that have been published that may leave your VPS open to attack, or compromise. We have shut down HyperVM running on the node temporarily to completely eliminate the risk of a hacker getting in, and have preformed a security assessment to make sure no compromise happened. If you are running Kloxo on your VPS, it's strongly recommended that you disable the daemon to prevent your VPS from getting hacked or attacked. If you require any assistance, Please submit a ticket to support. Unfortunately, *** is NOT responsible for any data loss. It is strongly recommended to disable Kloxo immediately to prevent attack.
View 2 Replies
View Related
Jun 8, 2009
LxAdmin recently changed their name to Kloxo, which also introduced some new features.
I've setup a Kloxo cluster, with the main server on 1 server, and all the others (mail, dns, web) on another server - still testing it out.
Then I created a package in Kloxo with some limits and gave it a name. Then, I went into WHMCS, and added the product, and chose LxAdmin from the modules drop-down.
I then proceeded to add the package name in, and told WHMCS to "Get the available choices from the server" and then I get the following error:
Quote:
Fatal Error. Got a non-object from the server:
I've tested it with 2 different WHMCS installations
View 0 Replies
View Related
Jun 21, 2009
we know hypervm/lxadmin have some exploit. My server is ruuning with lxadmin. Is there any panel to replace it? I mean we can easily to reload OS, use File Manager like hypervm...
View 4 Replies
View Related
Jun 19, 2009
On both Xen and OpenVZ nodes, how can we block all VMs from accessing the HyperVM & LxAdmin ports?
And what ports would these be again? 8888, 8887, 7777, 7778?
View 1 Replies
View Related
Nov 14, 2008
how do you setup LxAdmin/VPS's once HyperVM OpenVZ is installed..I got it installed from the server company, and want to know how to license HyperVM's.
View 7 Replies
View Related
Jul 7, 2009
How do I get it to setup php as an apache mod?
View 0 Replies
View Related
Apr 3, 2008
I run hypervm/lxadmin and centos
My issue is that my websites I have hosted there just come and go. They will be accessible for a few minutes, then return "unknown host" errors for a while, and then come back like it never happened.
I am amusiming this is a dns issue, but I am not really sure where to start. My dns template looks ok, but past that I am lost.
View 6 Replies
View Related
Aug 10, 2008
I am wanting to backup my VPS, though the backup manager requires me to enter something for "Backup File Initial String". It is shown in ....
View 2 Replies
View Related
Aug 1, 2008
I have learnt it is harder to setup than I initially expected (since I have just moved from a shared hosting service). I am in need of some help setting up my DNS servers, as I am very confused. Here is most of the info I know:
1) I am running HyperVM
2) I've installed LXAdmin
3) I own the domain (purchased from xeodomains.com) runemart.com
4) My VPS hostname is: vps.runemart.com
5) I know my IP
6) My host has said:
'For VPS customers that have a HyperVM login you can now host forward DNS on the DNS servers rdns1.vaserv.com (US)rdns2.vaserv.com (UK'
And I am unsure what this means/how to do it.
I am not sure if I need some more information to set up my DNS, however I am sure that I can get it if I do.
Now, my questions begin. Firstly, I need to point my domain - runemart.com - somewhere. I believe I need to set up my DNS via HyperVM or LXAdmin so that they are something like: ns1.runemart.com and ns2.runemart.com. Though, is this correct? Am I able to set up my own actual domain name servers, or will my domain have to point at something like rdns2.vaserv.com?
If anyone can assist me in this I would be very greatful, as I am waiting to get my website running. This is all I will ask for now, I will take it one step at a time =).
View 14 Replies
View Related
Jun 24, 2008
Acunetix says my site has 28 XSS vulnerabilities?
For example it says calendar.pl is vulnerable and it was able to set a javascript alert as the variable calendar_view.
How can I fix this?
Vulnerability description
This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.
Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of Javascript) to another user. A browser execute the script in the user context allowing the attacker to access any cookies or session tokens retained by the browser.
This vulnerability affects /cgi-bin/calendar.pl.
The impact of this vulnerability
Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application
Attack details
The POST variable calendar_view has been set to >"><ScRiPt%20%0a%0d>alert(398096611151)%3B</ScRiPt>.
View 1 Replies
View Related
Jul 29, 2009
[url]
Upgrade if this affects you.
View 13 Replies
View Related
Jan 14, 2007
Cacti version 0.8.6i has vulnerability: [url]
Solution: [url]
View 2 Replies
View Related
Jul 28, 2009
How I can secure my server from vulnerabilities and threats and ddos attack? How can I find my server is compromised or hacked?
Which ports I should check, what commands I should fired on shell prompt? which softwares you will recommend.
View 14 Replies
View Related
May 29, 2009
Having trouble with LXadmin/Kloxo. Just bought a vps, installed Kloxo, and when i try to add a client or reseller it says i have no dns set up. then i go to set that up, and it says i dont have an ip address set up.
I went into admin>servers>ipaddresses and tried to add the ipaddress assigned to my vps but it says that it is already in use... i want to be able to host a website.
View 0 Replies
View Related
Jun 24, 2009
cent os 5 or 5.3 - which is preferred?
And will kloxo work on cent Os 5.3 64bit?
or atleast 32 bit?
View 8 Replies
View Related
Oct 24, 2009
I installed kloxo on a fresh CentOS installation, not the hostinabox template
I have high memory usage though as seen here
[url]
Apache appears to be running 2 or 3 times? How do I remedy this?
[url]
View 13 Replies
View Related
Oct 21, 2009
I Have Kloxo Runing in my Server , and i use Apache for handling php , and htaccess .
From kloxo Panel under Extra , Error Handling .
I made editing to where visitor will be taken when come to page not found , banned , ..etc
The error 404 , 403,500
But won't work , it just take User to the Apache Test page instaed takes him to the Page i spicifed..
So i edited htaccess like ErrorDocument 403 forbid.php to try redierct the users to the error pages but got same reslut instaed takes them to the apache test page .
I tried install Plesk and Try . But seems the Same thing , when user comes to not found page , or forbidden page he will be directed to Apache test page.
View 1 Replies
View Related
Apr 4, 2008
I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.
When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.
However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.
Also, does anyone know how to change the owner/group of a directory and all of its sub directories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as apposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.
View 10 Replies
View Related
Apr 1, 2009
LXAdmin is having REALLY odd DNS problems.
server has been reachable and up constantly, but DNS is NOT working for RANDOM people. No errors anywhere, no log entries, no reasons at all. Using Bind.
All my own tests, and few of friend's tests works fine, and then for a few doesn't work at all.
These problems started suddenly last week.
View 2 Replies
View Related
May 4, 2008
For those who used it for a long time now. Do you think it is suited for critical development and professional websites. What about stability .. and scalability ?
What about migrating from Cpanel. Easy?
View 14 Replies
View Related
Oct 25, 2007
my LXadmin..
1st. I have a domain registered at domainsite.com.
2nd. I want to be able to setup my site in LXadmin.
There are 5 ip's
**.**.**.33
**.**.**.34
**.**.**.35
**.**.**.36
and one default web address, **.**.**.101
1st. I went and setup a ns1.mysite.com & ns2.mysite.com
2nd. I went to my registrar and setup custom nameservers
with the above ns's and I used the first 2 ip's.
All I can see is the apache of the default "root"
I can login through ftp and see the actual files though.
I have a little offer if someone can help me. If you can help me get this working I can set you up with space 5gigs or w/e. I am totally confused, I almost feel like cancelling this account.
If anyone knows about HyperVM & LXadmin then let me know and I would love your help. You must be very serious and truthful because I am going to provide you with logins and stuff to help me....
Please help if you can. Oh and its VPS, 40 gig & 600 gig bandwidth.
View 6 Replies
View Related
Jun 6, 2007
I just playing with lxadmin.
I noticed, that FTP settings looks there quite.... strange.
I created users (let's say his name is 'usr' with few domains: domain1.com, domain2.com).
I can't just login to ftp using username usr and his pass - I need to create FTP users for all domai names - so, I can't manage more domainnames within one session. It is normal, or maybe I made something wrong - if so, how to fix that.
View 4 Replies
View Related
Jun 6, 2009
which ones best though?
View 24 Replies
View Related
May 20, 2009
I am new with VPS, i was trying to install LXA on my new VPS after rebuilding it
This is what i typed in SSH
wget [url]
sh kloxo-install-master.sh
It worked out fine initially. It went on installing, updating, downloading and so on..
But finally got stuck at this point
11:02:43 (379 KB/s) - `lxawstats4400.tar.gz' saved [1143518/1143518]
Downloading Installappdata
error reading information on service gpm: No such file or directory
rm -rf /var/lib/mysql
View 3 Replies
View Related
Oct 12, 2009
This is to receive reviews about each of them for a VPS of:
60 GB of space
1 TB of traffic
Which is better LXadmin or Cpanel?
View 14 Replies
View Related
Aug 2, 2009
We've had a request to assist a transfer from LxAdmin to DirectAdmin.
We don't mind moving all the files and MySQL manually, however our main concern is copying the old emails.
All the settings (ie. mail forwarders, cron jobs) can be re-created.
how to move the MailDir from LxAdmin to DirectAdmin?
View 3 Replies
View Related