Errors In /var/log/secure
May 17, 2007
Getting these odd errors in /var/log/secure
May 16 16:00:32 server Cp-Wrap[6322]: Pushing "32121 GETDOMAINIP user.com " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32121
May 16 16:00:32 server Cp-Wrap[6322]: CP-Wrapper terminated without error
May 16 16:00:32 server Cp-Wrap[6325]: Pushing "32121 LISTSUBDOMAINS 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32121
May 16 16:00:32 server Cp-Wrap[6325]: CP-Wrapper terminated without error
May 16 16:00:32 server Cp-Wrap[6328]: Pushing "32121 LISTMULTIPARKED 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32121
May 16 16:00:32 server Cp-Wrap[6328]: CP-Wrapper terminated without error
May 16 16:00:32 server Cp-Wrap[6330]: Pushing "32121 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6330]: CP-Wrapper terminated without error
May 16 16:00:33 server Cp-Wrap[6333]: Pushing "32121 LISTDBS" to '/usr/local/cpanel/bin/postgresadmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6333]: CP-Wrapper terminated without error
May 16 16:00:33 server Cp-Wrap[6338]: Pushing "32121 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6338]: CP-Wrapper terminated without error
May 16 16:00:33 server Cp-Wrap[6342]: Pushing "32121 LIST 0 0 " to '/usr/local/cpanel/bin/ftpadmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6342]: CP-Wrapper terminated without error
View 1 Replies
ADVERTISEMENT
Feb 13, 2007
I'm noticed I was getting bounced email errors from a company I was sending email through and I further investigated this by running a dnsreport on my domain.
Turns out that it fails at Acceptance of NULL <> sender, Acceptance of postmaster address, and Acceptance of abuse address. The domain that I ran a test on is using a new IP that I had recently added to my Direct Admin server. None of the other domains on my server are having issues like this.
Is is possible that I need to do something to enable these new IP addresses in exim? I mean, exim obviously responds to that IP address, but it seems to be having some issues with it.
View 5 Replies
View Related
Jul 26, 2009
how can i secure my tmp on vps?
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
it isnt work on vps and i have this error:
[root@ dev]# mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
mount: could not find any device /dev/loop#
View 4 Replies
View Related
May 5, 2009
i want to secure my /tmp and do this:
so i try this link
[url]
so:
cd /dev
dd if=/dev/zero of=tmpMnt bs=1024 count=150000
/sbin/mke2fs /dev/tmpMnt
cd /
cp -R /tmp /tmp_backup
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
but i have this error:
root@server [/]# mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
mount: no permission to look at /dev/loop#
View 4 Replies
View Related
May 13, 2009
when I get a dedi server for shared hosting. I secure it as much as i can and then just incase I miss stuff etc I hire 2 other companys to check over everything. Since I bought a vps from fsckvps are there any guides to secure and optimize a vps other then the one located in the vps section? thanks. I Dont feel like spending 50+ dollars on securing a vps that costs less then 15 a month.
View 14 Replies
View Related
Aug 7, 2008
vbulletin.com/forum/showthread.php?t=281011
How secure is my VPS? Anyone who has some free time and is reading this thread could please try to do some penetration-testing or something related (I really do not know much about network security) in order to know if my server configuration could be the problem?
Do you find any way to download the full database without login on the system (cPanel or phpMyAdmin)?
View 3 Replies
View Related
Sep 8, 2008
i'v been Installed all these In my VPS server
1)Disable Functions:
system,system_exec,shell,shell_exec,exec,passthru,escapeshellarg, escapeshellcmd,proc_close,proc_open,ini_alter,dl, popen,parse_ini_file,show_source
and Enable The Safe_Mode.
---------------------------------------
2)Hide_your_apache_Version
---------------------------------------
3)Install LogWatch in a Server
---------------------------------------
4)Mod-Security-Install
---------------------------------------
5)Root-Login (IP Sent).
---------------------------------------
6)Disable Login Root and Change SSH Port .
---------------------------------------
7)Installing eAccelerator .
---------------------------------------
8)Install Nobody Check
---------------------------------------
9)Updateing All of
/scripts/upcp
/scripts/updatenow
/scripts/sysup
/scripts/fixeverything
/scripts/exim4
/scripts/easyapache
/scripts/securetmp
----------------------------------------
but doesnt know yet what the better to secure my vps ..
and about Firewall two .. wich firewall better
CSF or APF+BFD ..
View 4 Replies
View Related
Mar 27, 2008
I have an application that requires a Secure FTP connection to a server to work. I am having trouble connecting to one server, a windows based server, while the CentOS Linux server is working fine.
Does anyone know where I can find test Secure FTP locations so I can determine if the issue is with misconfiguration or with an incompatibility of the program with windows Secure FTP sites?
I am able to connect to both sites using WinSCP and choosing Secure FTP.
View 1 Replies
View Related
Aug 30, 2007
Check out this blog and suggest what thing more can be added to secure the vps and i think this information database can be helpful for newbies and intermediate users which like to secure the VPS.. which sometimes exploited due to bad scripts.
[url]
View 2 Replies
View Related
Nov 11, 2007
Ive been using Dreamhost for years and there great however, One of my clients needs has drastically changed and they are now required to comply with the Data Protection Act.
In particular this bit make Dreamhost a bit of a no go due to them being in California:
"Personal information may not be transmitted outside the EEA unless the individual whom it is about has consented or adequate protection is in place, for example by the use of a prescribed form of contract to govern the transmission of the data."
Unless my client goes and asks all 1000+ customers they are kinda in a bit of a quandary. So here's what im looking for:
Secure UK Datacenter, eg Easynet, Blue Square etc
128mb RAM, 256mb Burstable, 20GB storage, 500GB transfer
LAMP Environment
Support within Business Hours
Control Panel
View 6 Replies
View Related
Feb 4, 2007
So I just got SVN installed on my server, and now I'm wondering about the best way to go about securing it. This is what I've had done so far
the executables were installed to /usr/bin as ROOT
Then I created a directory in /usr/local/svn as ROOT to hold the svn repositories (the conf folders, etc).
I've decided that I'd like to use the SVNSERVE tool rather than have to run Apache2 which my current VPS provider does not provide any support for.
So I've run SVNSERVE like so:
svnserve -d -r /usr/local/svn --listen-port=7126
Then for each repository within the /usr/local/svn folder I've gone into the conf folder and added:
anon-access = none
auth-access = write
password-db = passfile
realm = myrealm
The passfile is located in the same directory (ie. /usr/local/svn/test) and contains my users in the format:
[users]
harry = harryssecret
sally = sallyssecret
I then run my checkouts like so:
svn checkout svn://mysite.com:7126/test
Now my question is how secure is this. I was tempted to use svn+ssh but I couldn't seem to figure out how to get it configured. Is the protection I have adequate? How easily can this be compromised? What steps should I take to lock it down further. Can I limit the connection to SVNSERVE to only come from certain specific IP's... similar to how apache does:
Order deny,allow
deny from all
allow from 192.153.123.12
View 10 Replies
View Related
Feb 22, 2007
What would be the most secure free CMS at the moment? I ask this because im looking to setup a website, and i dont have enough money to invest in a custom coded website, so to start out with ill use a free CMS, but i dont want to be hacked.
Now i know that because the CMS's are open source, they can still be hacked, what im looking for is something that is the most secure, preferably with sql injection protection.s?
View 11 Replies
View Related
Apr 15, 2007
Secure FTP?
Entirely dependent on Client Software or do we need to buy an SSL certificate and install it on our server as well?
How it works?
View 1 Replies
View Related
Jun 25, 2007
[url]
i followed the guide, after done I reboot the server then it gives me these errors:
Quote:
mounting local filesystems: Failed
mounting other filesystems: /dev/tmpMnt: No such file or directory
View 5 Replies
View Related
Apr 1, 2009
I am doing the Security Check provided by Config Server Firewall.
It is giving me 3 errors, and I want to fix them, so here they are.
Check /dev/shm is mounted noexec,nosuid
/dev/shm is not mounted with the noexec,nosuid options (currently: none). You should modify the mountpoint in /etc/fstab for /dev/shm with those options and remount
On this one I actually went and added the noexec,no suid options. Here is what i've got configured and what it looks like. (it's most likely not correct so help correct it.)
[url]
Check /etc/named.conf for DNS recursion restrictions
You have a local DNS server running but do not have any recursion restrictions set in /etc/named.conf. If the named process is using this configuration file, then this is a security and performance risk and you should look at restricting recursive lookups to the local IP addresses only
Check dovecot weak SSL/TLS Ciphers (ssl_cipher_list)
Cipher list []. Due to weaknesses in the SSLv2 cipher you should disable SSLv2 in WHM > MailSever Configuration > SSL Cipher List > Remove +SSLv2 or Add -SSLv2
Alright so this one I followed the instructions, and i've got everything set correctly but it still shows up on the thing. I don't think the ssl_cipher_list is even available in WHM
View 3 Replies
View Related
May 30, 2008
I don't know much of anything about server settings or errors, so I need your help. Recently one of my servers have been getting a lot of 500 error messages, and I can't pinpoint the reason or replicate the error on my end. I did some Google searching and although I found out in general what a 500 error is, I still am not clear on what exactly causes them or how to reduce them. Could it be caused by intense amounts of traffic? Is the server just being overloaded?
Also, I see that my server is throwing a lot of 404 errors for a variety of URLs on my site, however when I visit the URLs specified by the error log they work fine for me - seems like only sometimes for whatever reason the server can't find/access them and throws a 404. Again, I can't replicate it and have no clue how to fix it since the list of 404 URLs work fine when I type them in.
View 4 Replies
View Related
May 29, 2008
I have a VPS account with an hosting site. For the past 2 days i have done a lot of uploads. I have 25+ sites on this account. Today when i try to login into my sites via ftp, its showing ftp login failed for all sites.
The hosting company is still sleeping on my queries regarding this matter.
Interestingly logins for WHM & cpanel for all sites are working fine.
Any experienced members plz guide me on how to get the ftp working to upload files to my sites.
View 4 Replies
View Related
Nov 25, 2008
I see this in the domain error logs...
[25-Nov-2008 16:49:03] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_mysql.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_mysql.so: undefined symbol: php_pdo_get_dbh_ce in Unknown on line 0
[25-Nov-2008 16:49:04] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_mysql.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_mysql.so: undefined symbol: php_pdo_get_dbh_ce in Unknown on line 0
[25-Nov-2008 16:49:05] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_mysql.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_mysql.so: undefined symbol: php_pdo_get_dbh_ce in Unknown on line 0
[25-Nov-2008 16:49:10] PHP Warning: PHP Startup: Unable to load dynamic library ...
Using php 5.2.6 / mysql pdo module (compiled via whm > apache update) / mysql 5
View 4 Replies
View Related
Feb 27, 2007
there is "Cannot Resolve Dns" for my site for one or 2 regions .. Everytime i check my site my site with a Website Monitoring site , i get Cannot Resolve Dns for one or two regions .. can anyone please tell me what the problem can be ..
When i go to dnsreport.com , i get Fail in Missing (stealth) nameservers
Quote:
FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNS Report will not query these servers, so you need to be very careful that they are working properly.
ns1.mysite.ws.
ns2.mysite.ws.
This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).
View 4 Replies
View Related
May 29, 2007
S.M.A.R.T Errors on /dev/hda
From Command: /usr/sbin/smartctl -q errorsonly -H -l selftest -l error /dev/hda
ATA Error Count: 2
Error 2 occurred at disk power-on lifetime: 6001 hours (250 days + 1 hours) Error 1 occurred at disk power-on lifetime: 5973 hours (248 days + 21 hours)
----END /dev/hda--
This is the third time I got this message. My server is often down that SIM pretty much restart httpd, named, etc. every 2 hours.
I had no other explanation for the problem.
May 29 02:02:16 server filelimits: Increasing file system limits succeeded
View 8 Replies
View Related
Jun 29, 2007
Seen this in /var/log/messages
Jun 29 12:35:48 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=3858 DF PROTO=TCP SPT=33891 DPT=2534 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 29 12:35:49 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=17089 DF PROTO=TCP SPT=33897 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 29 12:35:52 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=17091 DF PROTO=TCP SPT=33897 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 29 12:35:53 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=39040 DF PROTO=TCP SPT=33899 DPT=2534 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 29 12:35:56 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=39042 DF PROTO=TCP SPT=33899 DPT=2534 WINDOW=5840 RES=0x00 SYN URGP=0
Here's the strange thing. The part that says "another server IP of mine" are two different OTHER servers of mine, BUT do not have cpanel nor part of the cluster. What could it be?
View 0 Replies
View Related
Jan 30, 2007
I have this when I rebooted my Centos server
Jan 31 04:39:22 servername kernel: ATA: abnormal status 0x7F on port 0xE807
Jan 31 04:39:22 servername kernel: ATA: abnormal status 0x7F on port 0xE007
What does this mean? I am using autoraid Accusys.
View 2 Replies
View Related
Nov 10, 2007
I had to reinstall xml:rss perl module via whm. Client is getting this error still
Can't locate XML/RSS.pm in @INC (@INC contains: /home/client/dir/mgmt/perl /usr/lib/perl5/5.8.5/i386-linux-thread-multi /usr/lib/perl5/5.8.5 /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/vendor_perl/5.8.2 /usr/lib/perl5/vendor_perl/5.8.1 /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl .) at /home/client/dir/mgmt/commandline/erealms.pl line 36.
BEGIN failed--compilation aborted at /home/client/dir/mgmt/commandline/erealms.pl line 36.
Using cpanel 11 stable, centos 4.5
perl -v
This is perl, v5.8.8 built for i686-linux
View 3 Replies
View Related
Nov 3, 2009
What is best method to secure the tmp?
1. /tmp mounted as noexec,nosuid?
2. creating /usr/tmp directory?
View 1 Replies
View Related
Mar 25, 2009
i have question about securety of our DNS Server.
View 8 Replies
View Related
Jun 13, 2007
I am looking for antivirus under linux like f-secure scanning php shell files scripts but free
i am facing many problems here from these shell files ....
View 0 Replies
View Related
Mar 15, 2007
recently I got a VPS from cheapvps.co.uk and so far so good. Im getting used to the VPS enviroment. I tried to follow several guides about how to secure with noexec and nosuid the /tmp and /var/tmp and it did not work.
in http : / / www . webhostingtalk .com/showthread.php?t=474681&highlight=tmp points it must be done from the hosting. Same is said in http : // kb . swsoft . com/article_130_648_en.html.
I asked the hosting to do it and they told me as I got an Unmanaged VPS they cant do it for me.
Do anyone know how can be done ? I dont want to use tmpfs as it uses main memory.
View 1 Replies
View Related
Jan 16, 2009
In terms of the secure domain, if I had a secure site and wished to access some information on a web page that was from a NON-SECURE domain or at least duplicate the non secure information on to the secure page, does the user need to click acknowledge buttons to go in and out of the secure areas? Can I copy or transfer information [eg goggle search results] onto the secure page without this necessity?
View 6 Replies
View Related
Jun 8, 2009
My requirements are 500MB, 5GB bandwidth, rails and postgres, $5-6 per month. It looks like there are many providers out there that are offer that.
However the only uploading method shared hosters seem to offer - or at least the only method they advertise - is FTP. Coming from a university and sysadmin background, I thought that anything that sends passwords over the wire unencrypted had died long ago (except HTML forms and legacy systems).
Are there any shared hosting services that allow a more secure upload method (e.g. scp, rsync-over-ssh, even webdav-over-ssl)?
View 4 Replies
View Related
Jun 7, 2008
am getting this repeated error line in in log/secure
Quote:
Jun 7 18:19:38 host sshd[15751]: warning: /etc/hosts.allow, line 7: can't verify hostname: getaddrinfo(ev1s-209-85-4-32.ev1servers.net, AF_INET) failed
Jun 7 18:19:38 host sshd[15752]: Connection closed by 209.85.4.32
here is my host.allow:
Quote:
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
ALL: localhost
ALL: 62.215.149.53
ALL: 70.84.160.0/24
ALL: 66.98.240.192/26
ALL: 216.12.192.107
ALL: 12.96.160.0/255.255.255.0
ALL: 67.19.0.0/255.255.255.0
ALL: 216.234.234.0/255.255.255.0
ALL: 70.85.125.0/255.255.255.0
ALL: 70.84.160.0/255.255.255.0
ALL: 216.40.193.0/255.255.255.0
ALL: 66.98.240.192/255.255.255.192
ALL: 209.85.4.0/255.255.255.192
ALL: 209.85.4.32
ALL: 75.125.126.8
View 2 Replies
View Related