What Sort Of Security Measures Need To Placed For A Non Webhosting Server
Jan 20, 2008
Currently configuring my VPS, have been for a while now, and am relooking at the security I'll need on it. The VPS will be running something similar to a CMS/Forum site and won't be offering webhosting. Alot of the security measures around here are webhosting orientated. What security procedures does everyone suggest for my situation?
I've got APF, BFD and restricted root SSH access. Is there anything else?
View 2 Replies
ADVERTISEMENT
Jun 7, 2008
I have a dedicated server which I access via remote desktop.
The firewall is not enabled. What kind of security should I have on my server?
Ive read that if I enable Windows Firewall my remote desktop connection will be blocked & this will mean me having to contact the server company via phone etc.
View 9 Replies
View Related
Mar 4, 2007
This is my list (from my head) of things to install or do on a webhosting server to enhance security (not in any particualr order):
- rkhunter.
- chkrootkit.
- secure /tmp and similars.
- install mod_security.
- install mod_deflate.
- change ssh port.
- disable root login.
- install and tweak apf.
- install bfd.
- setup logwatch.
- add know "bad" IPs to apd list.
- enforce long and secure passwords.
- syctl.conf Hardening
- Mod_LimitIPConn
- System Integrity Monitor
- System Priority
- Process Resource Monitor
- Port Scan Attack Detection
- In php.ini, disable:
exec,system,passthru,readfile,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,popen
- Prevent Apache and bind to show their versions.
View 5 Replies
View Related
Feb 1, 2007
What does this string do? I copy and paste it into my SSH Shell and i get ip addresses and numbers next to them.
Each number means one connection?
netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1
View 1 Replies
View Related
Jan 26, 2008
I am renting a cheap Linux server merely to test and learn as much as possible.
The server itself is completely unsecured, as I am doing everything one at a time to learn as much as possible.
Now, a few days ago I noticed someone with a US based IP had logged into my root account. The bash log mentioned something about some network commands and I traced the IPs to my server datacenter, so no big deal I thought, but I changed the root password anyways.
Today it happened again, but this time the bash log was cleared, and in my /var/www/html folder I found a suspicious folder with eBaywhateverapi.dll in it. I deleted it, seeing as this was not normal, which led me to the conclusion my server was hacked. Since it's a cheap test server, it's no loss at all, I'm just glad it's not the server I use for my customers!
So, what I did now was this:
Removed all suspicious folders in /home
Turned off root login (made a new account which I use to su into root)
Changed the SSH port
Changed root password
Will this be enough for now, or should I do anything else?
I'm running CentOS 4
View 5 Replies
View Related
Mar 26, 2015
Why servers are being run out of memory by the 'sort' command even when the logs are small? Here's what is currently on a site:
-rw-r--r-- 2 root root 22392143 Mar 26 11:40 access_log
-rw-r--r-- 2 root root 68018869 Mar 26 10:50 access_log.processed.1
-rw-r--r-- 3 root root 67671664 Mar 26 09:50 access_log.processed.2
-rw-r--r-- 1 root root 69908 Mar 26 10:50 access_log.stat
[Code] .....
View 1 Replies
View Related
Jul 24, 2009
I hope all are fine and doing good, can somebody provide detail guide line how to test Penetration testing on linux servers and what security measures are required in against of that.
View 8 Replies
View Related
Sep 30, 2009
Over the past number of years there has been an obvious increase in credit card fraud and identity theft.
Our policies have always tried to stay a step ahead but it seems no matter what is done the occasional fraudster manages to squeeze through, costing us a lot of money. At one some point in early 2009, it got as bad as 60% of the orders we received. It ended up eating a LOT of our time just to go through each order and verify them as best we could.
What methods do you use to fight fraud?
I'll start with some of the things we do.
- Require CVV code on the credit card
- We call the customer's telephone number and verify with them. - Verify the telephone number matches the region of the address they provide
- Require the CC issuing Bank's name and number
- We often require the customer to fax a signed credit card authorization form
- GeoIP matches location of the address in the order
Obviously the big challenge is proving that the person placing the order is the actual owner of the card. I've received the correct CVV, spoken with the customer on the phone number, had the phone number match the region... non-US so I wasn't able to verify their telephone details with the issuing bank. Had the GeoIP match and still found out it was fraud.
On a side note: Am I the only one that feels banks and those issuing credit cards need to take more responsibility for a system that's clearly broken? Even after going through the process above, it can still be fraud with a chargeback issued. In those cases, the company loses the money they made, pay a fee to the payment provider, lost time for Sales Reps and Tech Reps, and of course they lose money on hardware, electricity and bandwidth.
View 14 Replies
View Related
May 12, 2009
As a personal project I've recently began thinking about setting up a CDN (sort of) with my various servers around the world. Basically, what it will do is.. From one 'management' point or portal (you can assume one physical server), each user can update/create their webpage there..
From that main node, it will have to replicate in REAL TIME:
a) userdir (public_html etc.)
b) mysql db's (circular mysql replication?)
c) Any updates to their apache.conf, php.ini etc..
Now I've been looking into several options.. drbd seems to be one that a lot of people suggest for the actual data sync, but I'm wary of implementing something like that outside of a local private LAN. I've also looked into rsync/unison which may work.. I'm just throwing this out there to see what people have tried and are using.
DNS will be handled by a GeoIP/Maxmind bind patch, and closest server will be given by my DNS servers. Closest 'mirror' of the user's site will be served via that hostname.
Anyone done this before or tried? The actual caching part of CDNs and etc. I'm thinking I could always just deal with via squid later, but for now the main guts is what I'm concerned with.
View 14 Replies
View Related
Jul 9, 2008
Is there some sort of rating guide (or site) that compares/rates performance and reliability of web hosts.
I just signed up with namecheap and the first three days were great but now it seems to be going down hill.
I've seen other sites with lists but they seem to be advertiser biased.
View 14 Replies
View Related
May 24, 2009
I am setting up a web server (2-3 websites, colo) but am wondering if setting up a mail server (IMAP/SMTP/Webmail for 4-5 mailboxes) alongside is a good practice?
Furthermore to my question, I only need SSL cert for email server and not for websites. Can this be done? Yes or no would be enough for now.
View 5 Replies
View Related
Jan 30, 2008
I really hope I'm just going batty with sleep deprivation, because this is making no sense to me. Before I clobber my poor provider with management requests, I want to see if this is typical behavior or not. I am able to send messages through my SMTP server from my laptop without using any authentication at all. It doesn't matter whether I'm using a client (tested Mail.app and Mozilla Thunderbird) or whether I'm going in via telnet. A typical session might look like this (addresses obfuscated):
asdfasdfasdf:~ ###$ telnet mail.fakedomainname.com 25
Trying ##.##.##.## ...
Connected to mail.fakedomainname.com.
Escape character is '^]'.
220 fakedomainname.com ESMTP Exim 4.67 Wed, 30 Jan 2008 00:56:03 -0800
HELO [192.168.2.1]
250 fakedomainname.com Hello reverse.verizon.net [##.##.##.##]
MAIL FROM:<nonexistentuser@fakedomainname.com>
250 OK
RCPT TO:<myvalidaddress@gmail.com>
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
This should not work
.
250 OK id=1JK8kZ-0004Xx-7O
quit
221 fakedomainname.com closing connection
Connection closed by foreign host.
asdfasdfasdf:~ username$
I was expecting to see a "550 authentication required" message after it saw that "RCPT TO" wasn't a locally-hosted domain. I did confirm that the message was properly delivered to the intended Gmail address. So far, it looks like an open relay. But when
I use a third-party environment, such as the open relay checker at abuse.net, I am correctly seeing "550" messages at the appropriate places.
In other words, when anyone else does it, they get "550". When it do it from my laptop (from any client or telnet session), I'm clear to send. Just to add a little zest to the situation, when I did this same test 36 hours ago, I *was* getting "550" errors.
This doesn't seem right to me. However, my mail admin skill level is approximately zero, so I'm willing to accept that this is normal behavior and that I am overlooking the obvious.
View 2 Replies
View Related
Feb 8, 2007
I am setting up a niche recruitment website where people can put online CVs, upload PDf CVS and search for jobs. employers can post vacancies and search for potential employees. Would shared hosting be adequate for this (it has all the MYSQL databases necessary) I am just wondering what sort of demand this makes on servers. I currently have a 1and1 professional shared hosting package or do I need VPS?
View 4 Replies
View Related
Dec 30, 2008
I'm looking for a dedicated server for webhosting business. The server should have atleast 1Tb HD space and it should be in EU region. The best prices I've found so far are from hetzner.de. Can you recommed other ones?
View 12 Replies
View Related
Oct 19, 2009
I heard that HostGator is good. But they don't offer Win Server, except the Dedicated.
I need one that can run faster in China.
About the budget. It can be more or less the same as the rate that I currently paid to IX Webhosting:
10.95/month Annual
12.95/moth Semi-anual
View 12 Replies
View Related
Mar 29, 2009
<Updated and edited since the WHT crash>
I have had a VPS with Digital Linx since December 4, 2008. I am more than happy with the service I have received from them. At first, their order and billing system was a bit wonky, but now it is working just fine. I have dealt with support a few times, and they have been very quick to respond. Their MSN support person is online a LOT. At one point, there was a heavy load on the VPS. I msg'd support on MSN and they were already dealing with it. It was fixed in 5 minutes. They were also quick to set up TAP/TUN, and were really good when I said I was going to set up the VNC I am currently running.
They have added a number of good VPS images since, including 2 VNC images. With this, the offer more than most VPS providers. Their support people have always been very quick to respond, and their prices are very competitive. I am thrilled to get this level of support for the amount I pay.
I currently do not have any website hosted on that VPS. I am using it as a VNC server/remote office. But, just so you know, I am posting from it! I have reported my domainname/IP.
I highly recommend Digital Linx. They are one of the best value VPS companies I have dealt with, and I have dealt with a few.
View 3 Replies
View Related
Nov 27, 2013
After upgrading the panel from 10.4.4 to 11.5.30 Update #23, I am not able to sort domains based on the "Renewal Date" column. With 10.4.4, I was able to sort. Is there anyway I can do this on 11.5.30?
View 7 Replies
View Related
May 21, 2009
I'm running CentOS 5.x and DirectAdmin and wondering how to do the following:
- Disable compilers and other known binaries. Should I chown WGET 550?
- Prevent Shell Fork Bombs
- Best way to create partitions for tmpfs, tmp since my host forgot them?
- Any other tips on securing a DA based server? (I already have taken care of the whole SSH side of things)
View 3 Replies
View Related
Feb 27, 2007
One one of our (linux) servers spammers are king. they apparently can control anything and place spam links throughout the files.
For example spammer inserts Iframes either above or below HTML tags. (some step57 related type of virus/trojan as it seems)
Our programmer did not find where the problem is in our applications, yet he is not a security expert.
Our server admin company made us install phpuexec, we apparently have been checked on the server end and have mod_security, but we still don't know what's going on...spam continues.
View 6 Replies
View Related
Oct 9, 2007
Trying to determine what I want to put on my server for security. I have secured my /tmp, /var/tmp, and /dev/shm. I am now contemplating mod_evasive, mod_security, and/or APF Firewall.
1.) Should I install all three, or will APF Firewall, provide the same or similar security as mod_security, or vice versa?
2.) Will they all work together without conflicts?
3.) Does installing these services have any affect on overall server performance?
4.) Any other services you might recommend installing and why?
View 7 Replies
View Related
Aug 26, 2007
I have recently installed and configured my webserver. Since I think security is very important I am curious for recommendations, tips, etc.
My server:
-CentOS 4.4 (installed by provider)
-Apache 2.0.52
-Php 4.3.9
-MySql 4.1.20
-No FTP
-Mod_security is running
The firewall that comes with CentOS is switched on and allows the following ports: http, ssh, smtp.
I have installed sendmail, but it is turned off by default. I need it approx. 3 times a week for 15 minutes or so and will turn it on then.
I have barely any budget so hardware firewalls etc. aren't an option.
Furthermore it's a basic server, just like my knowledge, so advanced things like IDS aren't an option.
View 14 Replies
View Related
May 8, 2007
i want to know how can they make the directory ( u--------- )
take a look on this php shell
[url]
what i mean is they make the directory secure against any phpshell with that trick and they hide the hard disk space
how can i make this
my apache is 1.3.37 and i using fc5 and i have mod_security and cfs
View 6 Replies
View Related
Aug 31, 2008
I am considering renting a server, but got one question first.
If I sign up for one unmanaged root server with a control panel, from a provider. And just put my website on the server, and let it run there.
Is that a security risk? Is it easy for people to hack into my server, or anything like that?
View 5 Replies
View Related
Nov 6, 2009
My server has been hacked, I need you please to help learn about Unix server security to protect my server.
View 6 Replies
View Related
Nov 20, 2008
Does any body recommend we3cares server management services?
I need a very simple server management and hardening job and dont want to pay much. (not for a hosting company)
View 8 Replies
View Related
Jan 4, 2008
Currently working on securing my server and i think I'm doing quite well until I asked myself the question, have I done it right? Is there anyway to actually test how secure my server actually is? I'd rather not just wait and see if someone can hack me to bring to light what I did wrong...I was also thinking of hiring someone to secure my server but then how do I know that they've done anything different to me?
Are there any scripts or programs I can run to test server security?
View 10 Replies
View Related
Jun 3, 2008
Is there any script or method where I can test my server security?
View 2 Replies
View Related
Aug 10, 2008
after following the perfect server setup - centos5.2 guide I have setup a home server on my dsl connection and installed openfire with relative ease. I have a paid hosting server which runs my website but I want to have it access the userservice plugin of openfire to add/remove users (which is installed on my new home webserver).
After trying fopen and CURL to post GET data to my home server without any luck I did some reading and came accross the snoopy php class. The snoopy class now allows me to get the default apache test page on my home server but when i try to point snoopy to my openfire admin on port 9090 it throws up a timeout error (but i think this may be an error in the snoopy class?).
CURL and fopen allowed me to get data from google and some other sites but not from my home server.
View 2 Replies
View Related
Jun 15, 2007
what the way to protect dedicated server?
At present, My dedicated server have firewall and setting permision for each user/ data.
I have installed a anti-virus software.
I wonder that whenever my server can be hacked/ attached.
View 8 Replies
View Related
Feb 13, 2007
I'm in an environment where we have hundreds of users uploading content to a web site.
With the current system, someone could potentially run a command that would wipe out hundreds of files (and it has recently happened). We are currently looking at ways to improve security and prevent "accidents" by separating the public server into to parts.
A public server and a quality assurance server. Everyone would have access to the QA server, and the QA server would upload all changes to production.
I personally see the benefit, but don't see the problem being completely solved. Does anyone have any advice on this or link to articles or books that might help to set up a secure web server structure?
View 5 Replies
View Related
Sep 1, 2007
i have a dedicated server , some one else made the security for me, how could to be sure of its security? how could to be sure of all php functions contain risk are closed or disabled? how could to be sure of there are not any security gap?
way to understand and implement the steps.
View 5 Replies
View Related