May 16 16:00:32 server Cp-Wrap[6322]: Pushing "32121 GETDOMAINIP user.com " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32121
May 16 16:00:32 server Cp-Wrap[6322]: CP-Wrapper terminated without error
May 16 16:00:32 server Cp-Wrap[6325]: Pushing "32121 LISTSUBDOMAINS 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32121
May 16 16:00:32 server Cp-Wrap[6325]: CP-Wrapper terminated without error
May 16 16:00:32 server Cp-Wrap[6328]: Pushing "32121 LISTMULTIPARKED 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32121
May 16 16:00:32 server Cp-Wrap[6328]: CP-Wrapper terminated without error
May 16 16:00:32 server Cp-Wrap[6330]: Pushing "32121 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6330]: CP-Wrapper terminated without error
May 16 16:00:33 server Cp-Wrap[6333]: Pushing "32121 LISTDBS" to '/usr/local/cpanel/bin/postgresadmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6333]: CP-Wrapper terminated without error
May 16 16:00:33 server Cp-Wrap[6338]: Pushing "32121 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6338]: CP-Wrapper terminated without error
May 16 16:00:33 server Cp-Wrap[6342]: Pushing "32121 LIST 0 0 " to '/usr/local/cpanel/bin/ftpadmin' for UID: 32121
May 16 16:00:33 server Cp-Wrap[6342]: CP-Wrapper terminated without error
I'm noticed I was getting bounced email errors from a company I was sending email through and I further investigated this by running a dnsreport on my domain.
Turns out that it fails at Acceptance of NULL <> sender, Acceptance of postmaster address, and Acceptance of abuse address. The domain that I ran a test on is using a new IP that I had recently added to my Direct Admin server. None of the other domains on my server are having issues like this.
Is is possible that I need to do something to enable these new IP addresses in exim? I mean, exim obviously responds to that IP address, but it seems to be having some issues with it.
when I get a dedi server for shared hosting. I secure it as much as i can and then just incase I miss stuff etc I hire 2 other companys to check over everything. Since I bought a vps from fsckvps are there any guides to secure and optimize a vps other then the one located in the vps section? thanks. I Dont feel like spending 50+ dollars on securing a vps that costs less then 15 a month.
How secure is my VPS? Anyone who has some free time and is reading this thread could please try to do some penetration-testing or something related (I really do not know much about network security) in order to know if my server configuration could be the problem?
Do you find any way to download the full database without login on the system (cPanel or phpMyAdmin)?
I have an application that requires a Secure FTP connection to a server to work. I am having trouble connecting to one server, a windows based server, while the CentOS Linux server is working fine.
Does anyone know where I can find test Secure FTP locations so I can determine if the issue is with misconfiguration or with an incompatibility of the program with windows Secure FTP sites?
I am able to connect to both sites using WinSCP and choosing Secure FTP.
Check out this blog and suggest what thing more can be added to secure the vps and i think this information database can be helpful for newbies and intermediate users which like to secure the VPS.. which sometimes exploited due to bad scripts.
Ive been using Dreamhost for years and there great however, One of my clients needs has drastically changed and they are now required to comply with the Data Protection Act.
In particular this bit make Dreamhost a bit of a no go due to them being in California:
"Personal information may not be transmitted outside the EEA unless the individual whom it is about has consented or adequate protection is in place, for example by the use of a prescribed form of contract to govern the transmission of the data."
Unless my client goes and asks all 1000+ customers they are kinda in a bit of a quandary. So here's what im looking for:
Secure UK Datacenter, eg Easynet, Blue Square etc 128mb RAM, 256mb Burstable, 20GB storage, 500GB transfer LAMP Environment Support within Business Hours Control Panel
The passfile is located in the same directory (ie. /usr/local/svn/test) and contains my users in the format:
[users] harry = harryssecret sally = sallyssecret
I then run my checkouts like so: svn checkout svn://mysite.com:7126/test
Now my question is how secure is this. I was tempted to use svn+ssh but I couldn't seem to figure out how to get it configured. Is the protection I have adequate? How easily can this be compromised? What steps should I take to lock it down further. Can I limit the connection to SVNSERVE to only come from certain specific IP's... similar to how apache does:
Order deny,allow deny from all allow from 192.153.123.12
What would be the most secure free CMS at the moment? I ask this because im looking to setup a website, and i dont have enough money to invest in a custom coded website, so to start out with ill use a free CMS, but i dont want to be hacked.
Now i know that because the CMS's are open source, they can still be hacked, what im looking for is something that is the most secure, preferably with sql injection protection.s?
I am doing the Security Check provided by Config Server Firewall.
It is giving me 3 errors, and I want to fix them, so here they are.
Check /dev/shm is mounted noexec,nosuid /dev/shm is not mounted with the noexec,nosuid options (currently: none). You should modify the mountpoint in /etc/fstab for /dev/shm with those options and remount On this one I actually went and added the noexec,no suid options. Here is what i've got configured and what it looks like. (it's most likely not correct so help correct it.) [url]
Check /etc/named.conf for DNS recursion restrictions
You have a local DNS server running but do not have any recursion restrictions set in /etc/named.conf. If the named process is using this configuration file, then this is a security and performance risk and you should look at restricting recursive lookups to the local IP addresses only
Check dovecot weak SSL/TLS Ciphers (ssl_cipher_list) Cipher list []. Due to weaknesses in the SSLv2 cipher you should disable SSLv2 in WHM > MailSever Configuration > SSL Cipher List > Remove +SSLv2 or Add -SSLv2 Alright so this one I followed the instructions, and i've got everything set correctly but it still shows up on the thing. I don't think the ssl_cipher_list is even available in WHM
I don't know much of anything about server settings or errors, so I need your help. Recently one of my servers have been getting a lot of 500 error messages, and I can't pinpoint the reason or replicate the error on my end. I did some Google searching and although I found out in general what a 500 error is, I still am not clear on what exactly causes them or how to reduce them. Could it be caused by intense amounts of traffic? Is the server just being overloaded?
Also, I see that my server is throwing a lot of 404 errors for a variety of URLs on my site, however when I visit the URLs specified by the error log they work fine for me - seems like only sometimes for whatever reason the server can't find/access them and throws a 404. Again, I can't replicate it and have no clue how to fix it since the list of 404 URLs work fine when I type them in.
I have a VPS account with an hosting site. For the past 2 days i have done a lot of uploads. I have 25+ sites on this account. Today when i try to login into my sites via ftp, its showing ftp login failed for all sites.
The hosting company is still sleeping on my queries regarding this matter.
Interestingly logins for WHM & cpanel for all sites are working fine.
Any experienced members plz guide me on how to get the ftp working to upload files to my sites.
there is "Cannot Resolve Dns" for my site for one or 2 regions .. Everytime i check my site my site with a Website Monitoring site , i get Cannot Resolve Dns for one or two regions .. can anyone please tell me what the problem can be ..
When i go to dnsreport.com , i get Fail in Missing (stealth) nameservers
Quote:
FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNS Report will not query these servers, so you need to be very careful that they are working properly.
ns1.mysite.ws. ns2.mysite.ws. This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).
Jun 29 12:35:48 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=3858 DF PROTO=TCP SPT=33891 DPT=2534 WINDOW=5840 RES=0x00 SYN URGP=0 Jun 29 12:35:49 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=17089 DF PROTO=TCP SPT=33897 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0 Jun 29 12:35:52 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=17091 DF PROTO=TCP SPT=33897 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0 Jun 29 12:35:53 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=39040 DF PROTO=TCP SPT=33899 DPT=2534 WINDOW=5840 RES=0x00 SYN URGP=0 Jun 29 12:35:56 server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=(my server ip) DST=(another server IP of mine) LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=39042 DF PROTO=TCP SPT=33899 DPT=2534 WINDOW=5840 RES=0x00 SYN URGP=0
Here's the strange thing. The part that says "another server IP of mine" are two different OTHER servers of mine, BUT do not have cpanel nor part of the cluster. What could it be?
Jan 31 04:39:22 servername kernel: ATA: abnormal status 0x7F on port 0xE807 Jan 31 04:39:22 servername kernel: ATA: abnormal status 0x7F on port 0xE007
I am looking for antivirus under linux like f-secure scanning php shell files scripts but free i am facing many problems here from these shell files ....
recently I got a VPS from cheapvps.co.uk and so far so good. Im getting used to the VPS enviroment. I tried to follow several guides about how to secure with noexec and nosuid the /tmp and /var/tmp and it did not work.
in http : / / www . webhostingtalk .com/showthread.php?t=474681&highlight=tmp points it must be done from the hosting. Same is said in http : // kb . swsoft . com/article_130_648_en.html.
I asked the hosting to do it and they told me as I got an Unmanaged VPS they cant do it for me.
Do anyone know how can be done ? I dont want to use tmpfs as it uses main memory.
In terms of the secure domain, if I had a secure site and wished to access some information on a web page that was from a NON-SECURE domain or at least duplicate the non secure information on to the secure page, does the user need to click acknowledge buttons to go in and out of the secure areas? Can I copy or transfer information [eg goggle search results] onto the secure page without this necessity?
My requirements are 500MB, 5GB bandwidth, rails and postgres, $5-6 per month. It looks like there are many providers out there that are offer that.
However the only uploading method shared hosters seem to offer - or at least the only method they advertise - is FTP. Coming from a university and sysadmin background, I thought that anything that sends passwords over the wire unencrypted had died long ago (except HTML forms and legacy systems).
Are there any shared hosting services that allow a more secure upload method (e.g. scp, rsync-over-ssh, even webdav-over-ssl)?
am getting this repeated error line in in log/secure
Quote:
Jun 7 18:19:38 host sshd[15751]: warning: /etc/hosts.allow, line 7: can't verify hostname: getaddrinfo(ev1s-209-85-4-32.ev1servers.net, AF_INET) failed Jun 7 18:19:38 host sshd[15752]: Connection closed by 209.85.4.32
here is my host.allow:
Quote:
# # hosts.allow This file describes the names of the hosts which are # allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. #
