I will be storing personal customer information in mysql, so security is driving all my requirements. I was thinking the architecture will be :-a dedicated web server within a DMZ and placed behind a firewall and border router.
a dedicated database server inside the internal network behind another firewall, All running Linux
building out and management of the servers to be done by hosting provider or third party Please feel free to comment on this setup.
QuestionsIs a reverse proxy a benefit for security.
Am I right in saying that a reverse proxy hides the OS and server details from prying eyes and provides another layer of security
if a reverse proxy server is a benefit, is it normally the default architecture at most reputable hosts.
But do i need to speak to the datacenter to add the reverse dns entries for my domain on their nameservers? What about if i host my nameservers offsite, but then have my webserver/mailserver etc inside the datacenter? Would i need to request the datacenter where the nameservers are hosted to add the reverse ip entries for the domain, and then the request the same from the datacenter for my web/mail servers to add the reverse entries?
Maybe somebody here can shed light on this issue. I have a VPS that is hosted at the Colo4Dallas datacenter. I have purchased a block of 5 IP addresses, and then requested reverse dns zones be added for each IP.
The original 2 IP addresses that came with it, adding reverse DNS zones were no problem, it was done within a day. For some reason though, these additional 5 IP addresses they are having a horrible time with getting the zones added. My host that I have the VPS through said they put the ticket in, and Colo4Dallas is saying they may not be able to add the reverse DNS entries for some reason. I could not get any technical detail yet though because they are still working on it.
My question to everyone here is.... why? Granted I do not know *THAT* much about the datacenter-side of things, but it would seem to me that an IP is an IP, and if you could add the zones for the original 2 IP addresses, why is it not as easy with an additional 5? I *have* to have reverse dns entries for these IP's for email reasons for my customers that will be on these IP addresses.
Can anyone shed some light on what the technical problem could possibly be?
However, the default web page is blank. Now my site has been DDoSed for the last 3 days. Does this mean they are attacking the site from the IP, because I do see many genuine access to the correct Vhost but no body should access the site via the IP.
Especially... why is the client, my on server ip that accesses?
My domain is currently under massive DDoS attack by failed e-mail messages - there are currently 10 failed messages send to me in 1 second. Almost every mail comes from different IPs, is there anythink I can do?
Are there any scripts out there that can protect URLs? For an example I am trying to protect a megaupload.com URL with a masking URL and making sure that the masking URL is only access by a referral site. Can this be done?
Last days my site was hacked to the main page has been added the "iframe" tag with path to the virus loading. I don't know how somebody could edit the original page and insert this code to the html body. This time I have updated this page from archive but I would be glad to know how to protect my site in future. Could somebody advice me fast and effective methods?
what is the best way to protect whm and cpanel from unwanted login?
If i change the port they still can sniff, is there away to put another layer to protect it or assigned specific ip to be able to login ? I'm on a dedicate server and only hosting for 1 site so there no customer that i should worry about.
can i change /whm and /cpanel to something else just to hide it form novice users.
how to pwd protect directories with when using no control panel, I am planning to change the login details of the protected directories every few days as well as its top secret data, so I would like to know how to protect directories with pwd, I know how to do using control panel such as cPanel r Plesk but I am having no control panel at this interface
I intend to share the files under this protected directories only to my team, so plz help me with codes if there are any
I am having a lot of trouble with spammers and hackers. I am currently hosting my site on a windows server.
[FONT='Calibri','sans-serif']What is the best tool that I can use to protect my web-site? The tool should be easy to use and require no JAVA or Pearl and other programming languages as I am not familiar with them.
Today i was informed that some of Apache instances are vulnerable for serving content while client is constantly pressing F5 button in browsers - once is pressed CPU load is increasing, page became slow etc. (it's dynamic content served by back-end Tomcats). In the same time i see errors with connection between Apache and Tomcats' instances.
Is there any good way to protect Apache against it ?
I recently bought an SSL certificate to protect user data. I installed the cert in WHM. But when I go to my website in https://, my browser says (Safari canít open the page [url] because Safari canít establish a secure connection to the server ď*domain name*Ē.)
Do you know what's happening and how to fix it? I've never dealt with SSL before, so this is very frustrating.