SecurityMetrics has determined that we are not COMPLIANT with the PCI scan validation requirement for our server.
The remote host is running a version of the Exim MTA which is vulnerable to several remote buffer overflows. Specifically, if either 'headers_check_syntax' or 'sender_verify = true' is in the exim.conf file, then a remote attacker may be able to execute a classic stack- based overflow and gain inappropriate access to the machine. *** If you are running checks with safe_checks enabled, this may be a false positive as only banners were used to assess the risk! *** It is known that Exim 3.35 and 4.32 are vulnerable. Solution: Upgrade to Exim latest version Risk Factor: High
HOW DO i Upgrade to Exim latest version? I am on WHM/Cpanel 11 (centos 5) I never did this before.
I have Parallels Plesk Control Panel installed on Windows Server 2008 with PHP 5.2.17. In order to install moodle, it requires PHP 5.4.4 installed. How do I upgrade to the latest PHP or to version 5.4.4, are there any standard instructions?
Here my msg. i get while trying to update via the Panel:
Code:
Unable to obtain the latest version of Parallels Installer: The required version '3.15.15' was not found on the server. This could happen because of configuration error at the download site. Failed to download the package
I noticed when installing latest version of APF 0.9.6.3 over the previous version 0.9.6.2 it will import all the variable and ports settings from conf.apf and allow_hosts.rules files of the previous version. so there will be no need to edit or configure any thing any more when upgrading APF exept setting DEVEL_MODE to 0 and restart APF.
Is it safe to upgrade to the latest Linux kernel version 2.6.19.2 (released on January 10th, 2007) ? Is there any reported problems or have anyone faced issues after upgrading?
my dedicated server is running using cPanel 11 apache 1.3.39 , php 5.2.4
i read a thread here in WHT says the " apache 2.2 with php 5.2.5 handle the load and doing high performance"
if it is true , plz anyone get the tutorials to upgrade it using /scripts/easyapache with GD libraries . and after upgrade will i have to re secure php again or what?
I'm still using Plesk 11.5.30 and MySql 5.5.39. That was discribed here how to update. But i need to have a MySql 5.6.5 (minimum) for some software (This version is over 2 years old). I'm using CentOs 6.5. and PHP 5.4.33
When I click upgrade now at the plesk panel I get following error:
Parallels Panel pre-upgrade check... WARNING: The proftpd FTP service will fail to start in case the support for IPv6 is disabled on the server. Please check [URL] .... for details.
Is it safe to proceed? I guess it shall be automatically?
I have experimented a strange behaviour on plesk linux 12.0.18 Update #33
Basically: 1. I have recompiled Apache with more file descriptors 2. Several days later watchdog did not work properly. Support requested me to remove and install wd 3. I ran the autoinstaller. All my compiled version where replaced.
Watchdog is ok now, but I have to recompile Apache.
I have been searching on forum and kb but could not find any reoccurance.
Question : Is there a way to avoid this ?
Compilation performed based on article [URL]
after having executed /usr/local/psa/admin/bin/autoinstaller --debug
[root@ns7 scripts]# rpm -qa --last | grep "Sat 21 Feb 2015" psa-watchdog-12.0.18-cos6.build1200140707.14.x86_64 Sat 21 Feb 2015 01:12:58 PM CET php-tidy-5.3.3-40.el6_6.x86_64 Sat 21 Feb 2015 01:10:07 PM CET
I have just started joining these type of forums because im planning to set up another web site and i guess that it would really help if i enter these forums to have a better judgement and make the best choice. Ive had my other hostings from go daddy and midphase but i wasnt relly happy with the results and the downtime... ive read some forums about globat, if im not mistaken my web developer has made me a website from globat for almost a year and we had minor problems.
I have recently upgraded mysql server from 5.0.75 to 5.1.31 on my Ubuntu server 9.04 32 bit. After that when I am running phpmyadmin it is printing a warning :
Your PHP MySQL library version 5.0.75 differs from your MySQL server version 5.1.31.
I'm considering switching hosting to NameCheap to save some money over my current hosting plan. I've never had a problem with their registrar service. I did a search for reviews on their hosting service. There were some negative ones a few years back when they were selling PeopleHost hosting, but they apparently have their own hosting now.
I found a few posts with issues, but there always has to be a few. However, if 3 of 10 customers have problems, it's a lot different than if 3 of 10,000 customers have problems. Anyone have an idea of how many sites they host?
Also, what's the latest word from people using their hosting services? Any good? How about response time and up time?
I am trying to install some packages on my system and sometimes they depend on different, sometimes earlier, sometimes later versions of library packages on my system.
In that situation is it better to get the source for the package and recompile it with what you have on your system?
I am assuming that the dependent libraries the packages where compiled with were what was available on the package developer's system and do not necessarily contain new features lacking in the older versions.
Will recompling such packages from the source rpms fix the problems in most cases?
One particular group I persistently come across is the libcX.so libraries.
I'm desperately trying to find a hosting service that offers Linux hosting with latest versions of php (5.2.x), mySQL (5.1) and maybe CVS or SVN?
Space or bandwidth are not an issue (500mb space will be more than I'll ever need)
This will mainly will be a development/testing place. I really need a host that actually updates to latest versions of php/mysql/apache. (not the next day the upgrade is out but some time soon at least >_<)
Things like CVS / SVN, SSH access and access to change your own php.ini settings are more than welcome but I could live without.
A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.
The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.
Read the complete article at The Register. New kernels are available for Redhat and CentOS (obviously), and likely others who may be affected.
a website/s that you can maybe subscribe to it's emails that will notify you on hacks that are out, and how to prevent them?
I'm already aware of the ways you can secure your server first hand, but I'm talking about notifications that will keep you updated on the newest release of hacks out and etc.
