Prevent Download Manager
Jun 8, 2007Download manager software usually split files to many parts than download them at the same time. Will it makes server load higher, if yes how to limit the parts of file they can split to?
View 3 Replies
ADVERTISEMENT
Forbid Download Manager
Oct 16, 2007i want to have a htaccess to forbit user using download manage rbut i dont know the codesfor it so help?
View 7 Replies View RelatedPrevent Mass Download
Sep 21, 2006i need any thing to prevent mass download
my server is cost a huge bandwidht monthly . because mass downloading?
Plesk 11.x / Windows :: Prevent Removing Files On File Manager
Jun 4, 2014How Can I prevent users removing file web.config on FileManager?
I try set attribute read-only, but not effect.
Plesk 11.x / Linux :: Download Backup To Local Computer From Backup Manager
May 17, 2015I have multiple backups stored under server repository (subscriptions --> <domainname> --> website and domains --> backup manager).
The physical files are located at: /var/lib/psa/dumps/clients/904279/domains/<domainname>/
When I click the green arrow to download these files to a local computer (see attached image) I get a new page with title "Download the backup file". On this page I have the option to set a password on the downloaded file, but no matter what I do (password or no password) the file is not downloaded to my local PC. I don't get a pop-up box with the option to save the file. Just nothing happens ...
How To Prevent Rm -rf /
Jul 4, 2009Does anyone know anyway that "rm -rf /" can be disabled? OR any selinux rule or something to prevent this?
Or if I wanted to prevent a certain directory from being deleted like backups but something unlike chattr that someone can figure out quickly.
Im sure LOTS of people would like to know about this. Ive searched around and only somewhat useful thing I have found is an rm wrapper that sends everything to a trash file in the root of the mount point.
How To Prevent DNS Flood
May 28, 2008Can anyone share tips how to prevent DNS flood on a cPanel and Directadmin server platform on Centos?
View 7 Replies View RelatedPrevent Phishing
Jun 1, 2008I'm not that techy I'd like to ask why this person downloaded the file below before uploading some phishing webpages on my account ? I've changed my password numerious times from different computers and even from mobile phone just to check if the person can still get in. But again it is no use the person were able to upload phishing pages.
logs:
May 25 21:50:42 server100 pure-ftpd: (weblogin100@62.56.133.36) [NOTICE] /home/weblogin100//.htpasswds/update/Login.php downloaded (21251 bytes, 755.78KB/sec)
Right now I deleted all other scripts on the account and remain some htmls. Folder were also set to 644 no 777, while waiting if the person can still upload his phishing pages please help me why he downloaded the file above. I've check the file on my account and I cannot see Login.php. By the way I have a root login and only two accounts were a constant phishing victims.
How Prevent Hackers Away
Feb 21, 2007I am giving few tips on securing your server against hack attempts. You must check these inspite of other securities like firewall, rootkits detectors etc.
1. Most Important, do not disable safe_mode under php.ini. If any customer asks to disable it, turn it off on his account only, not on whole server.
As most of the time attack is done using shellc99 (phpshell) script. In case safe_mode is off on server and there are public dirs with 777 permission, he can easily hack through.
2. Compile apache with safe mode as well.
3. In cpanel under tweek settings, turn on base_dir, if someone requests to turn off, turn it off on his/her account only. As using phpshell one can easily move to main server dirs like /etc, /home.
4. Do not allow Anonymous Ftp on your server. You can turn it off from ftp config under WHM Service Configuration. If its allowed, one can easily bind port using nc tool with your server and gain root access. Always keep it disabled.
5. Make sure /tmp is secured. You can easily do that by running this command /scripts/securetmp using ssh. But do make sure, /tmp is secured. Else one can upload some kind of perl script in /tmp dir and can deface or damage all data on the few/all accounts on your server.
keeping your server secure from hack attempts.
Prevent Php Script Run As .gif Or .jpg
Oct 28, 2007Does anyone know how to prevent some shell, php script change file name from file.php to file.jpg or file.gif and upload to server and run it to attack server?
View 14 Replies View RelatedPrevent Ddos
Sep 11, 2007from 2 days ago until now my server be ddos and i stay in my computer and block ip but it is not finish is a program to do block ip automatic?
View 2 Replies View RelatedPrevent IPs Unallocated IPs Being Used
Sep 13, 2007We have been using our L2 switches functionality to only allow IPs that are assigned to a particular server to be accessed for sometime. However, the latest version of this particular switch no longer includes this feature. Moreoever, it is quite a labor intensive task which is not good for "budget" servers.
I am considering moving the rules to the main router, but am afraid of the scalability of this. Will it hold up with a few 1000 servers?
How are other hosties going about this? I have heard that some just don't bother at all, which leaves their clients open to having their IPs duplicated by others on the same subnet. This can't be good....
DDOS & IP Deny Manager
Jun 7, 2009One of my client got DDOS on his website. He has visitor tracking module in his php script so he got almost 50,000 records during couple of hours. Normally he gets around 300 unique visitors per day but that DDOS added 50,000 records in tracking table. After extracting this data I got around 400 unique IPs.
Will this work if I added all these IPs in IP Deny Manager?
Will this stop DDOS from these IPs?
Will server not treat requests from these IPs as grabadge load?
Another question is from where these attackers got so many IPs? Definitely they pay to get IPs? how much they pay? Is this very easy to get so many IPS?
Best Web-based File Manager
May 16, 2008I'm moving away from IPowerWeb after they "upgraded" to the new VDeck application. This thing is horrible. I would like to know of a host that provides the BEST web based file manager/editor.
I do a lot of PHP, HTML, SQL with complex directory structures.
WHM: Can You Delete Entries In SSL Key/Crt Manager
Aug 14, 2008how to delete the excessive SSL keys / CRT's from WHM?
I have so many of these freakin' things (from doing it WRONG the first few times) that I want to clean it up.
how do you clear out the KEYS / CRTS / Signing Requests from WHM?
Logical Volume Manager
Jun 11, 2008does anyone know if this is safe, i mean when i ordered the server they advertised 500 gb sataII but i never knew that they actually come with 2 hdd and somehow combined into one hdd like raid0
i got one 320gb hdd and second 160 gb which together it count as 500? sounds like a joke to me but anyway They installed this Logical Volume Manager and wondering if its safe or if its same as raid0?
Bandwidth Manager/monitor
May 23, 2007I will be setting up a LAN at home where there will be a few PCs connected to the network.
My idea is that I will have linux box where I will route all the traffic through to monitor it. I was wondering what would be a free solution to go "hardcore" on this. When I mean hardcore, I really mean hardcore. I want stats, packet shaper etc.. It would be a learning process for me too. The only thing is that alot of solutions out there are more enterprise and expensive.
Anyone here use or know a good solution? I was told I could use m0nowall on freeBSD. Another thing I was looking at would be Squid. But to be honest I'm not sure.
Whats a good free software that can do this? Perhaps something really cheap if there is a cost involved.
IIS Manager On Vista Does Not Work
Apr 4, 2007I have Vista Premium. I just added IIS7 to it. When I run IIS Manager I get an error window saying:
"The file that stores your list of connections and layout preferences is corrupt and cannot be recovered. The US Manager connection list and layout will return to the default state."
Then when I click on OK I get another "Failed to Connect" error window saying:
"There was an error connecting. Do you want to specify a different set of credentials?
Details could not load file or assembly 'System.web, version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3... or one of its dependencies. The system cannot find the file specified. "
File Manager Cpanel11
Jun 5, 2007One customer have problem with file manager.
he can`t see files and folders in file manager.
i go to Disk Space Usage
and give me error:
not a valid file descriptor at /usr/local/cpanel/Cpanel/DiskUsage.pm line 469
Carp::croak('not a valid file descriptor') called at
/usr/lib/perl5/site_perl/5.6.2/i686-linux/Storable.pm line 74
Storable::logcroak('not a valid file descriptor') called at
/usr/lib/perl5/site_perl/5.6.2/i686-linux/Storable.pm line 251
Storable::_store_fd('CODE(0x90a7588)', 'HASH(0x9515530)',
'GLOB(0x946a604)') called at
/usr/lib/perl5/site_perl/5.6.2/i686-linux/Storable.pm line 240
Storable::nstore_fd('HASH(0x9515530)', 'GLOB(0x946a604)') called at
/usr/local/cpanel/Cpanel/DiskUsage.pm line 469
Cpanel:iskUsage::cache_filemap('HASH(0x9515530)') called at
/usr/local/cpanel/Cpanel/DiskUsage.pm line 236
Cpanel:iskUsage:iskUsage_showmanager('', '', '', '', '', '', '',
'', ...) called at (eval 72) line 1
eval 'Cpanel:iskUsage:iskUsage_showmanager(@RARGS);' called at
cpanel.pl line 1295
main::exectag('<cpanel
DiskUsage="showmanager($FORM{'level'},$FORM{'clear'}...') called at
cpanel.pl line 4309
main::dotag(undef) called at cpanel.pl line 4198
main::cpanel_parseblock('SCALAR(0x8ea4400)') called at cpanel.pl line
4152
main::cpanel_parse('GLOB(0x90a71a4)') called at cpanel.pl line 969
Mail Queue Manager
May 19, 2007I notice that in my WHM Mail Queue Manager I get a few emails pointing to something that looks like this:
Quote:
Everyone looks like this,
1FnPkc-0000rR-VQ 516 22h Delete Deliver Now
root@host.mydomain.com
and also some emails going to root about backup etc.
I don't have any email addresses set in the "Change System Mail Preferences" options, I left it blank. Should I set a valid email address or is there any way to stop these emails being sent in the first place?
Virtuozzo File Manager
Oct 28, 2007Just wondering if anyone else has run into this.
I decided to 'tweak' a few httpd.conf settings yesterday and did so in Virtuozzo file manager.
I saved the httpd.conf file, then opened it again to check something else out.
For some reason only the last 20 or 30 lines of the original httpd.conf file were showing in the file. I wasn't sure what had happened, so I tried to copy and paste the contents of the httpd.conf backup file into the httpd.conf file however, every time I saved the same thing happened, i.e., only the last 20-39 lines appeared in the saved file.
I contacted the host and was told, among other things that:
Quote:
Virtuozzo is not completely integrated with cpanel, so it is not advisable to edit files via power panel. I would recommend you to do it via SSH.
I've edited files through the Virtuozzo file manager before without any problem.
I'm just wondering whether anyone has ever had a similar issue or can explain in a bit more detail why this might have happened, as I don't quite get how the Virtuozzo integration with cpanel would cause this.
My IIS Manager In Vista Does Not Work
Apr 4, 2007I have Vista Premium. I just added IIS7 to it. When I run IIS Manager I get an error window saying:
"The file that stores your list of connections and layout preferences is corrupt and cannot be recovered. The US Manager connection list and layout will return to the default state."
Then when I click on OK I get another "Failed to Connect" error window saying:
"There was an error connecting. Do you want to specify a different set of credentials?
Details could not load file or assembly 'System.web, version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3... or one of its dependencies. The system cannot find the file specified. "
What's going on?
Prevent From Iframe Virus
May 24, 2008I need to know so idea, how to prevent iframe virus injection into the server,also is there is any mod which help in protection for iframe virus.
View 14 Replies View RelatedHow To Prevent Nobody To Move In Server
Jun 13, 2009i have my own box for my forum .. now i shared my box with friend's , but in reall they a freak friend's , just to be in safe brother, am looking to know what function i can disable in php.ini or any problem/tool to prevent anybody / attacker * nobody* permission to move in the server via his shell script..
as we know some attacker's use them own php-shell to hack site's * shared hosting *, so they can move to any account after they know the user account name * /etc/passwd * .. so as i say before is there any good functions to prevent these attacker to move in the server? so i can disable it .. or install any good tool * else modsecurity * in the system to prevent them *nobody* of that?
Mod_security To Prevent Some Script
Jul 30, 2009I try to use mod_security to prevent some script in some files,
imagine I want to block all scripts includes "test" in the body
so if code of script.php is:
HTML Code:
<html>
<p>test</p>
</html>
and someone run script.php , I want block running and show 406 error
now can you tell me how can I write this rule in mod_security 2 with apache 2?
I use SecRule RESPONSE_BODY "test" but its now working ...
How To Prevent Perl From Working
Jan 12, 2008I have a cPanel/Linux server, runing apache as a webserver.
i want to know how can i prevent perl/cgi files from working on all virtual hosts on both apache2/apache1.3!
What Can I Do To Prevent DDoS Attack
Aug 4, 2008My site was recently under a DDoS attack and was down for a few days, the attack came from Russia i believe.
The people who did it asked for $800, but of course i didnt pay. My hosting company did the best they could in order to stop the attack but it still lasted a few days and badly hurt my rankings.
I moved my site to a dedicated server, but i dont know what kind of software/hardware i need to install on it in order to prevent more future attacks, the hosting company suggested a few things but i dont know if they are just trying to get more money out of me.
Prevent User Use Custom Php.ini
Apr 26, 2008I have added some functions in php.ini for security.
But when user use their php.ini file located in their account, all functions enabled again.
How can i prevent user custom php.ini?
How To Prevent OOM (Out Of Memory) Crashes
Aug 19, 2008I have a colocated server with the following specs:
Intel Core 2 Quad Q6600 2.4Ghz
4GB RAM
400GB SATA Drive
I have a problem every few days, the server keeps hanging up and giving an "Out of Memory" message and SSH just hangs and doesn't connect. Every time i have to call out a tech to manually reboot it.
Is there a setting i can change to make SSH connect even when it is out of memory, or anything that can prevent it happening?
Prevent Directory Listing
Apr 2, 2007I've just made a transition from a VDS to a Dedicated and I'm having problems preventing directory contents from showing. In my previous server whenever I created a directory, it would automatically give a 403 when you tried to access the directory directly in your browser (which is what I want). Now when I set up directories in this new dedicated the contents of the directories display when there is either no index page or if I didn't have an htaccess file preventing it from listing the contents.
So what im asking is how did my previous server automatically set up the directories to not display the contents but use the contents and allow access to say for example pictures in the directory?
Is there a way I can have apache automatically do this for me or do I have to place a blank index page in every directory i create or have to place an htaccess file in every directory I create? How can I protect the contents with a 403 but still allow the contents to be accessed only through full path?
My Server Was Hacked -- How To Prevent This
Oct 2, 2007My server was recently hacked and I'm looking ways to secure it in the future. I use the server to host my own websites.
It was hacked to be a spam server. I traced the new files the hackers added to my "upload" directory, which is where my site members upload pics. I had set the directory to chmod 777. Could someone hack that directory solely from it being its rights being 777?
The site was custom developed in PHP, and looking through it myself, I couldn't find any security issues. But then again, I may not know what exactly to look up.
I would appreciate any general tips to protecting a server, as well as general tactics hackers use to hack a server and PHP site.