I want to buy a billing software, but I am a bit scared about having all my clients in mysql on the server. How safe is it? Can hackers steal my data? Till now I had clients data stored on my PC.
View 2 Replies
i have vps and i enable the safe_mode , but now i need to turn it off becouse i need to install image uploader script and this script need safe mode off to work
so,
what can i do to secure my server while i turn off my safe mode?
what can happend if i turn off safe mode?
what is the job of safe mode?
I need a server dedicated just to emailing prospected clients.
Can anyone turn me onto a decent provider who does not mind excessive mail?
I am a host reseller and the parent company is upgrading their servers to PHP5. This may break some of my clients' sites (OSCommerce, Zen). Should we fix those sites for free or should my clients pay for the upgrade?
View 24 Replies View RelatedI had been rebuild apache, change value MaxClients in httpd.conf to 1500 and restart the server, but problem still the same
Quote:
Originally Posted by httpd.conf
MaxClients 1500
Quote:
Originally Posted by ssh
# /usr/local/apache/bin/apachectl configtest
Syntax OK
Quote:
Originally Posted by email
httpd failed @ Fri Jul 6 21:35:08 2007. A restart was attempted automagicly.
Quote:
Originally Posted by Server Status
Server Load 1.23 (2 cpus)
Memory Used 7.8 %
So my the other day one of my clients rented a Windows 2003 server. Has no idea on how to run DNS server on it and demanded us to do something about it. Since he had no management plan, we let him know that if he got himself a management plan we could help him out - but looks as though he was on a tight budget and couldn't opt in for it. Same thing happened last week and again one yesterday!
To help these customers out I was wondering if I could start a DNS service. Each client would get access to it for free regardless of their operating system or management plan. They could point their domains to the nameservers and use the DNS service to point the domain's A records to their servers.
From the start, I have been using EditDNS and still using it. But coming to think of it, its getting more unstable day by day even though they have 5 servers spread across the globe. I am planning on to move to EveryDNS. With this move, I'd like to use their services for my clients too. Rather than running my own DNS servers - I feel this could work out more efficient and reliable.
So what I am planning on doing here is more like creating private namesevers to mask EveryDNS's nameservers. Then have a custom script site built to interact with EveryDNS's APIs. Sounds like a good idea? Then my customer uses the script's interface to create/delete/edit records, etc.
Anyway I need some advice, suggestion or help in this matter. Has anyone tried this stunt out before? If so, how successful were they/you? How are your customer's reaction towards this (satisfied or not?). Does it stay efficient? (both in terms of money, time and energy spent).
Also, if anyone could suggest me any programmer who could do this for me (someone well versed with DNS/EveryDNS on PHP/MySQL) it would be nice.
Edit: I guess ServerBeach/Peer 1 already has implement this. If anyone really knows whats going on there - please share.
in getting a full list of server addons that clients generally require. i know i few, like:
Zend optimizer
Curl
Ioncube
GD
Imagemagiac
etc... but i want to know others which i dont know and which most of the clients want to have already installed on their hosts server.
I`am starting a irc company and i need help on some things:
1 - How can i prevent my clients to send DDOS on my server?
2 - How can i increase security ?
3 - Some one have a good firewall or iptables rule for ddos protection (software)
4 - Some one have the scripts like `getegg` `getpsybnc` ?
Is there a way to use ns1/ns2.yourhostdomain.com for not only your shared hosting clients but also for your linux AND windows 2003 dedicated server clients (or vps)?
View 1 Replies View RelatedI administer an Apache server under unix environment SunOS 5.10,I want to know the number of clients connected to my apache server
View 7 Replies View RelatedAlright, so I apparently messed up my email. I downloaded my email folders from my previous host's mail folder through FTP and then uploaded them to my new server's mail folder thinking it'd be an easy transfer. Yeh... didn't work, now I can't get my email through Outlook 2003 or ThunderBird. Any ideas on how to reset my mail server? I don't know if it's just the mail folder that's messed up or what.
View 9 Replies View RelatedI have noticed in a few Windows server tha the server gets hacked and there are tons of files which are mostly DVD rips and games being transferred away which results in huge amount of data transferred and bandwidth consumption increasing to as far as 29 Mbps. On further investigation, I find that all the files get stored in either the Recycler directory or the System Volume Information directories in any of the drives. Now these two directories are protected operating system files. Even if there is a windows firewall installed, there is no difference. I have even noticed that in some servers there is an automatic exception rule added in the windows firewall enabling the torrent client to communicate outside the server. This seems to be a common problem with Windows 2003 server and seems to be some backdoor of Windows allowing hackers to use the server for seeding. Has anybody come across such a problem or know the solution? Kindly help me with this.
View 14 Replies View RelatedWhat is the best option in the php setting does keeping the php function safe mode on or off?
View 12 Replies View Relatedi need to enable php safe mode on for my joomla and i came across this
Quote:
When the php safe mode is turned off globally by default at our server end, you can still override the setting to turn it ON for only your domain by just insert the following line inside the ".htaccess" file (at Linux server):
Code:
php_value safe_mode "1"
my joomla .htaccess file:
Quote:
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits
My /tmp on my cPanel hosting server is nearly full, and I was wondering if it is safe to remove all the contents in /tmp, if not, what can I delete to clear up the space?
View 6 Replies View RelatedMost of my files are 755 as permission. Is this safe?
How about putting all files under 644 permission? What is the best permission so that all files are safe from intrusion?
I have a script that needs safe mode off to run, the script writers have said safe mode is disabled as default and not required and even disabled in php 6
Now I'm not to fimular with Safe mode, all I know is most scripts are wrote to work with this on
Should i switch safe mode on or off . Right now i am using it as on some one told me if i switch it off then server can easily hack but becoz i switch it on im having too much problem specially users of sites having problem of uploading and wordpress also have issue and some more script what you say what should i do?
View 9 Replies View Relatedhow can i make "safe mode on/off" using .htaccess?( in SharedHosting )
View 1 Replies View RelatedI would like to know as to whether or not you have php safe mode turned on? If you do, please specify why, and would you allow your clients to turn it off?
View 13 Replies View RelatedI'm a customer and don't know much about server management, so like title says, is it okay to put php.ini in public_html?
View 14 Replies View RelatedI searched but couldn't find much - should you run PHP with safe mode on or off on a shared (Linux) server?
View 3 Replies View RelatedI am trying to install gallery 2.3 and it requires exec() to be enabled for some functions. Is it safe to enable it in php.ini?
In php.ini file I see this, disable_functions = symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd
I have CentOS running on my VPS.
As with many sites. my site was hacked recently. my host was so negative about this. they didn't notice the hack attempt although it took the hacker 9 hours to break through.
after that I made some search on my host to find that it is not a real host at all. they are just resellers to another company. I was very disappointed, Then I decided to go to a better host who can protect me from hackers.
I read some threads about 'hacker safe host' but they all in general don't give a real name of trusted 'anti-hackers' companies.
can you guide me to some of the famous hosts?
if you can't my friends got a VPS hosted with WestHost. he offered me to move my site to his VPS. is west host trusted about hackers?
i have a cpanel server.. can any one tell me how to allow safe mode to a specific domain?
View 1 Replies View RelatedI am going to run a free host, yes I know I should post this in FWHT but well, they dont answer very fast if at all.
It is very dangerous to have Safe Mode OFF on a free host, but someone was telling me about open_basedir, which makes it so they cant touch any files set outside of open_basedir. Would this be suffiecient to keep them from touching others files? I know I need to disable other functions like exec() and stuff but would open_basedir keep hackers away from others files and hacking them...
I am running my VPS on direct admin panel, my disk space is going low, so i am deleting few junk / log files
Kindly let me know
1) is it safe to delete data of this directory -
/var/log/httpd/domains
The File names in above directory are such as - " domain.com.bytes "
As it is occupying 600 MB space
2) where can i delete much junk / temp files, to free up space.
To Install www.awbs.com scripts to my server
How Can I Do This Following to one site on My server
safe_mode Off
allow_url_fopen On
session.auto_start Off
tell Me that i can do that from httpd config
I have found on one webhost that they have very cool feature:
Here is what they say:
Quote:
Browsing through any webhost related forum will reveal that giving safe mode off poses extreme security risk to the server. Because it offers hackers a great advantage to access any other members account or read their sensitive files which usually contain passwords.
But then some genuine scripts won't work with safe mode ON. Meaning you could turn it on per member requests but that takes lots of labor.
So we completely reprogrammed the safe mode PHP source code and recompiled it. As a result ours safe mode OFF is light-years safer & hacker-proof then standard PHP v5 safe mode ON.
So all our members are getting safe mode OFF, with harder security then those hosts who offer Safe Mode ON.
So now I am wondering, how they did that? I have searched forums and Google for lots of different keyword but haven't found anything.
I believe a lot of you running Apache as nobody and having php save mode OFF. It there any way you protect yourself? phpsuexec is not a solution now as it increasing load.
I am trying to assist a customer install a Dolphin CMS but it returns some "open_basedir restriction in effect" on /usr/local/bin/php (it needs the path to the PHP binary).
If I put /usr/local/bin/php in httpd.conf -> php_admin_value open_basedir "..." it seems to work and it finds the required binary but...is this safe?
