cPanel Data Migration And New Server Security Setup
Dec 4, 2008
I just signed up for a dedicated server at Softlayer with cPanel, MySQL and CentOS. I'm moving a site that is on a VPS with WHM. I know that cPanel has a transfer site feature.
I was considering hiring a service to migrate my site and to harden my server. Is this necessary or should I simply move it via cPanel? Things are tight and I don't want to incur an unnecessary cost if I don't have to. I defer to the members here at WHT for your recommendations.
I have a new server (CentOS Linux 7.1.1503) and will migrate the data from my old server (Ubuntu 14.04 LTS) with the Migration Manager. Both servers are running Plesk 12.0.18.
After I entered the server IP and the login data for the old server, I got this error on the new server:
Fehler: launchpad error (Error code = 2):
== STDERR ====================
Cannot request remote agent status using command line /var/cache/20150518173107557/PleskX.pl:
UNIVERSAL->import is deprecated and will be removed in a future perl at (eval 25) line 3.
UNIVERSAL->import is deprecated and will be removed in a future perl at IPC/Run.pm line 1060.
UNIVERSAL->import is deprecated and will be removed in a future perl at IPC/Run/IO.pm line 78.
UNIVERSAL->import is deprecated and will be removed in a future perl at IPC/Run/Timer.pm line 161.
Died at AgentConfig.pm line 23.
==============================
Ubuntu 12.04.4 LTS Panel version 11.5.30 Update #45
The data stored in roundcube webmail (like contacts and signatures), located in the database table "roundcubemail", is not transferred when migrating the whole server, customer or the domain that uses it. This data is also not included in the backup of the server, account or domain.
I think it's a real problem if a customer with many mailboxes, who only uses roundcube, needs a backup or wants to migrate to another server. OK, this data could be exported in roundcube with a few mouse clicks, but it's not very comfortable. In my opinion this should be included in the backup and also in the migration process (Migration Manager).
I am working towards launching a site that, among other things, will be a repository for sensitive data on war crimes. As these crimes are ongoing, and occur in a location where assassinations are endemic, I need to develop a comprehensive security strategy that takes into account all levels of the interface between end user / witness and the site / database itself.
I have considered, but am open to insight and advice on, the following:
1. Data security laws in given countries, in order to ensure the privacy and integrity, as much as possible and away from political / state interference, of data communications. Concerns include the interception of data in transfer and the security of stored data (the United States and the UK are almost certainly cancelled out in this regard. Canada appears significantly better, though Greece, it appears, has the greatest level of legislative protection).
2. Encryption as a technique to ensure the security of transferred and stored data. I am particularly interested in best practice advice on encryption.
3. JavaScript as a means to establish a more secure interface between the end user (i.e., the browser interface) and the secured database into which sensitive data will be inputted. Has anyone used this, or other techniques of overcoming the inherent insecurity of the browser interface?
4. Various best practices concerning php, MySQL and Apache security. Any and all advice, or guidelines, welcome.
5. Considerations relative to dedicated hosting, and also colocation hosting as an option.
In general, my problem is to ensure that the identities of witnesses, so much as is technically conceivable, can be protected from extra-judicial interference or surveillance. Nothing about this site will be illegal in any way. The problem is that the witness testimony will be about the actions of a powerful state that has demonstrated its disrespect for law.
Ideally I'd find in these forums a few individuals with whom I could discuss these technical matters off-forum. At the same time, general responses would be valued.
The site that I'm building is non-profit (indeed zero budget) and does not represent any political party. It's a people's initiative, against aggressive violence and in support of international law.
Just have some questions regarding server settings and security
1) What will happen if Open_basedir in php.ini is changed to Open_basedir = /home:/tmp ?
2) What will happen if all hosted users in the passwd file are set to /sbin/nologin? Does it affect running the web site?
What are the effects for each of these accounts:
sync if set to /sbin/nologin (default is /bin/sync)
shutdown if set to /sbin/nologin (default is /sbin/shutdown)
halt if set to /sbin/nologin (default is /sbin/halt)
news if set to /sbin/nologin (default is empty)
netdump if set to /sbin/nologin (default is /bin/bash)
mysql if set to /sbin/nologin (default is /bin/bash)
mailman if set to /sbin/nologin (default is /bin/bash)
cpanel if set to /sbin/nologin (default is /bin/bash)
3) How to make /bin/bash in the passwd file the default path for each new user added (automatically) on a cPanel/WHM server?
4) What is the effect if base64_encode and base64_decode have been added to disable functions?
5) How to secure host.conf and nsswitch.conf to prevent DNS lookup poisoning and also provide protection against spoofs?
6) How to secure the system configuration file sysctl.conf to prevent the TCP/IP stack from syn-flood attacks?
This morning BlueSquare/Poundhost sent out an email to all their customers, announcing a special deal to all current customers. That sounds great, right? Sure, except they CC'd instead of BCC'd all of their clients in on the email.
Since then everyone whose email address starts with anything up to the letter B - around 100-110 addresses - received an email containing the ****** image with the message
Followed by this from BlueSquare:
Quote:
Earlier today an email was sent out to all customers providing details on a dedicated server special offer. Unfortunately this email was sent out using the CC field and not the BCC field. This was not a breach of security, but a genuine mistake on the part of the sender who was not aware of what had happened until the email had been sent, and as such the sender has been suitably reprimanded.
We realise the seriousness of this error and have now taken automatic steps to ensure this cannot happen again by limiting the maximum recipients on our outgoing mail server to a small number, as well as updating and limiting staff on the use of the mail list system.
We are aware that some of our more unscrupulous competitors may have already obtained a copy of this email list and may contact you in due course. If you do receive an unsolicited email, to reduce further unwanted spam, please use the unsubscribe option which they are legally obliged to include.
I was wondering what people in Australia use with regards to data centers. Do you go local in Australia or are overseas data centers just as good, with regards to speed?
If local what do you guys use?
If overseas, where do you get the fastest bandwidth to Australia, etc.
Hi there, I have a few questions about the best-suited DNS setup for our company.
We have three servers located in Montreal. Two are running web services, one of them is only for DNS (home server).
The two main servers have WHM/cPanel. One runs cPanel DNS only.
The main servers have 7 IPs each; the DNS server only has 1.
Let's say we use the domain xxx.com. Right now we have ns1/ns2/ns3/ns4 pointing to server1 and ns5/ns6/ns7 pointing to server2.
We have no nameserver that points to our DNS-only server for now. I'd like to avoid running the DNS service on all of them; maybe having two slaves and one master would be fine. Question: What would be the best-suited DNS setup with my current config for the best response time and fast replication?
We are about to open a data center in India. Can someone please guide us in setting up a data center? I require some articles and references for the whole setup, from scratch.