Prevent Users To Run Phpproxy On Server.
Dec 31, 2007is there any way to prevent users to run phpproxy or any proxy script on server (server is Linux / whm )?
View 2 Replies
ADVERTISEMENT
How To Prevent Users Change Php_value By .htaccess
Sep 20, 2007I dont want my customers to change php_value by using .htaccess, but still want to enable mod_rewrite for them. How to config?
View 2 Replies View RelatedPlesk 11.x / Linux :: Prevent Panel Users To Change Their Password
Sep 25, 2014I am looking for a way to prevent panel users i created to change their passwords.
When i try to edit user roles, i can check/uncheck capabilities, but nothing on user password change.
I've tried to search information on this but both Google and this forum are flooded by "users password change" regarding "Horde", which i don't use.
How To Prevent Nobody To Move In Server
Jun 13, 2009i have my own box for my forum .. now i shared my box with friend's , but in reall they a freak friend's , just to be in safe brother, am looking to know what function i can disable in php.ini or any problem/tool to prevent anybody / attacker * nobody* permission to move in the server via his shell script..
as we know some attacker's use them own php-shell to hack site's * shared hosting *, so they can move to any account after they know the user account name * /etc/passwd * .. so as i say before is there any good functions to prevent these attacker to move in the server? so i can disable it .. or install any good tool * else modsecurity * in the system to prevent them *nobody* of that?
My Server Was Hacked -- How To Prevent This
Oct 2, 2007My server was recently hacked and I'm looking ways to secure it in the future. I use the server to host my own websites.
It was hacked to be a spam server. I traced the new files the hackers added to my "upload" directory, which is where my site members upload pics. I had set the directory to chmod 777. Could someone hack that directory solely from it being its rights being 777?
The site was custom developed in PHP, and looking through it myself, I couldn't find any security issues. But then again, I may not know what exactly to look up.
I would appreciate any general tips to protecting a server, as well as general tactics hackers use to hack a server and PHP site.
Plesk 11.x / Windows :: Panel Don't Show Users Database In Tab Users
Sep 6, 2013The upgrade has an error when manage the users database.
PRODUCT, VERSION, VERSION OF MICROUPDATE, OPERATING SYSTEM, ARCHITECTURE
OS Microsoft Windows Server 2008 R2 Service Pack 1 x64
Panel version 11.5.30 Update #13, last updated at Sept 1, 2013 03:30 PM
PROBLEM DESCRIPTION
In a costumer panel have a one database MSSQL, and assign to this DB 3 users, but the tab option "Users" don't work fot his costumer and show this error:
Error Javascript:
TypeError: template is null
this.template = template.toString(); in protototype.js 8472831 (lÃnea 807)
ACTUAL RESULT
Error Javascript:
TypeError: template is null
this.template = template.toString(); in protototype.js 8472831 (lÃnea 807)
EXPECTED RESULT
Show users in the tab users for database.
Irc :: Prevent My Clients To Send DDOS On My Server?
Jun 15, 2009I`am starting a irc company and i need help on some things:
1 - How can i prevent my clients to send DDOS on my server?
2 - How can i increase security ?
3 - Some one have a good firewall or iptables rule for ddos protection (software)
4 - Some one have the scripts like `getegg` `getpsybnc` ?
How To Prevent Spam Email In Delicated Server/vps
Jul 2, 2008how can I restrict how many emails can be send per domain base? I know hostgator and hostmonster can restrict their email per hour base on their domain name...
View 2 Replies View RelatedHow To Prevent Full Backup To Generated In Cpanel Server
Oct 21, 2009how to prevent full backup to generated in cpanel server
iam seen this in few host what we cant able to generate the fullback if the size of the amount is more than 1-2GB
How To Congifure Your Server To Prevent From Getting On Mail Providers Blacklist?
Dec 2, 2008What scripts/tools or configurations on a CPanel/WHM (Centos) server can you make to prevent spam from getting sent out by "clients" you may be hosting or just spam in general.
As, in the hosting industry, you are always going to have a client or two successfully send out spam, as some spam may not look like spam, but if you do not follow all the guildlines, I know regular newsletters can be consider spam.
Does The Use Of Partitions Prevent Hackers From Getting Access To The Linux Server
May 7, 2007Does the use of partitions prevent hackers from getting access to the entire Unix server?
View 2 Replies View RelatedPreventing Users From Connecting To Other Users Database
Mar 25, 2009On my server, users can connect to any database as long as they have the database user and password. This makes it easier to hack any database on the server.
What I want to do is to make the users can only connect to their own databases and not other's.
I tried changing the localhost ip address but it didn't work ( I assume I didn't do it the right way)
Bought Private Domain Name Server (DNS) To Prevent Hotmail Bouncing...am I Wrong?
May 12, 2009While I am used to reselling and domain registration stuff, I am totally new to DNS stuff..I tried many searches and readings without hope.
that's why I need your help.
We have a problem that makes both incoming and outgoing emails from our website's email server not going or received, without any failure message or error message on both sides: the sender and receiver.
We talked to our webhosting company- they do not own, but host on a dedicated provided by Iweb in Canada - and they told us a quick solution for this:
To buy a private IP address, therefore our websites with them will not get blocked as spammy IP, setting us away from the dozens of sites they have on the same server IP (as domaintools reverse IP reported: xx other sites hosted on this server).
The company I work for agreed on this solution immediately as we are loosing customers for this problem.
They charged us 8$ a month for this "private ip".
We had the same problem for another day after their solution, when I checked domaintools, I found our websites are still on the same IP of the company. I called them, and the Admin there told me: it's a hidden CNAME setting that is not shown to public because it's "private" and the delay happenned because we had to contact Hotmail staff and wait for their reply to include it in their safe list, but others as Gmail and Yahoo do not require contacting them and will go through automatically."
My question is:
- What is Private IP/ Private DNS?
- Why and how it is used to prevent false blocking/bouncing?
- Does that mean they had to sell it to every domain, while their IP is not on blacklists (I checked it).
- Is Private IP just an internal setting or it has to be bought from a large ISP
like regular/public IPs? and if just some settings, is this price fair? we pay 120$ annually for hosting one site with them.
- They told us they put our other two sites on theis same new private IP. How can this be possible?
- I cannot understand: Hotmail can prevent our emails from reaching inboxes, but can it also prevent its users emails from reaching us?? Is this issue a Private-IP related??
- What do you think the real problem is, and what advice(s) should I follow to have our emails going and coming smoothly in the future?
Note: We don't send unsolicited emails ever. We only have a 1500-member mailinglist that we send a newsletter to, once every few months.
Our daily email traffic is about 10 to 20 messages in and out.
Can My Server Specs Can Handle 300 + Users?
Apr 11, 2008I have a video sharing site running Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz with 2 gb RAM and 400 gb Hard Disk.
the server load average increase up to 89,00.00.....
and the users online in my site is around 190 online.
do i need quad core server to maximize my site?
How Can I Limit That Users To Not Take The Server Resources
Jan 27, 2007I have more than 200 users in my server but thier is 2 user take the server resources
how can I limit that users to not take the server resources?
Apache :: How To Install Web Server For All Users
Nov 25, 2014I am trying to deploy siteminder web agent on apache web server.They have a pre-req which says that while installing apache server, "install as a service, available for all users" "When an Apache-based web server is installed using a single user account, the Agent configuration cannot detect the Apache-based web server installation."
I don't see any msi installer anymore for apache web server, which had this option to select while installing.Now all i see is a zip file and i just have to unzip as part of installation. With this when I install httpd as a service, it is not detected by siteminder agent.So how can I set this "install as a service, available for all users" after installing from zip file?
One Server - File - Two Users Editing It, Third Errors Out
Sep 25, 2009There is 1000MBPS network set up between three computers and server.
Server has files which program saves.
Program is being run in three different computers.
Each computer tries to get into same file (eg last bill) that was created before. First computer goes in within seconds. second minutes and third just crashes. No matter which computer runs it first, last one crashes.
So called "server" is running on Windows XP pro since it just needs to keep one program files. However I cant find out whats causing file sharing over network bug that crashes access to same file if connection from many computers.
Users Cannot Connect To Remote MySQL Server
May 8, 2009I have a few users that have a hosting account with me and are trying to connect to their own MySQL servers elsewhere. Both said that they are able to connect to the MySQL server with other hosting accounts but not the ones hosted with me. I asked if they had setup permissions to allow remote connections from my server and they confirmed that they did.
What am I missing? Do I need to configure my firewall somehow? I figured the connection is just using port 80 since it's from an PHP script right?
CPanel Users: Server Management By Phone. Would You Pay For It
Apr 24, 2008I am trying to get a feel out there if cPanel users would pay for a service say $5.00 - $10.00 a month where they can call in to a number and have access to their system. They would be able to reboot the server, restart services, stop and start services, get server statistics etc.
View 5 Replies View RelatedShow Number Of Users Connected To Server
Feb 23, 2007I've tried the uptime ssh command but that only shows how many users are currently connected to the server via ssh. Does anyone know a command to show how many active http connections there are? I'll use php to run the command and print it to the users browser so they can see how many users are on each server. Very similar to what gamershell do.
View 9 Replies View RelatedWindows Server 2008 - How To Manage FTP Users/passwords
Nov 1, 2008I have setup a test server at home, Datacenter edition 2008.
Now, is there a way to allow only a certain username and password combination to access an FTP session/site?
Multiple Domains On A Dedicated Server, Plesk, Users And Apache
Jul 1, 2008In my old server (VPS) I had my dir structure as:
sitea.com was pointing to
/home/me/public_html/sitea
siteb.com was pointing to
/home/me/public_html/siteb
On my new server, I have root permissions and used Plesk to create two domains sitea.com and siteb.com . Now plesk asks for a user to be created for each domain, so created usera and userb for sitea and siteb respectively.
Now as root on my server I created the dir /home/me/ and untarred the whole backup from old server to new server and I have dirs :
/home/me/public_html/sitea and /home/me/public_html/siteb
In apache configuration in file:
httpd.include_sitea under
dir /var/www/vhosts/sitea.com/conf/httpd.include
I changed the document root to /home/me/public_html/sitea
So I thought I am all set. But it does not work. When I try sitea.com in the browser it works but for all subdirs, for eg sitea.com/images it says Access denied.
This is because the dirs I created are owned by root.
So the owner of /home/me/public_html/sitea needs to be usera for this to work ?
Again for siteb to work I need to change the owner of /home/me/public_html/siteb to userb ?
This will be painful ? At least I should be able to change the owner of /home/me/public_html/ to one owner and ensure all sites under that work fine. How do I do that ?
I think the problem is clear by now. Its that I want all my sites to work off from .../public_html/ sub dirs.
Plesk 12.x / Windows :: Grant ALTER DATABASE Permission To All Microsoft SQL Server Users
Jun 19, 2014In Plesk 12.0.18 #4 I checked Grant the ALTER DATABASE permission to all Microsoft SQL Server database users . The problem is I cannot rename database tables or other functions with myLittleAdmin for SQL provided with Plesk.
My question is: Am I doing something wrong or is needed to upgrade the myLittleAdmin license to Full version?
How To Prevent Rm -rf /
Jul 4, 2009Does anyone know anyway that "rm -rf /" can be disabled? OR any selinux rule or something to prevent this?
Or if I wanted to prevent a certain directory from being deleted like backups but something unlike chattr that someone can figure out quickly.
Im sure LOTS of people would like to know about this. Ive searched around and only somewhat useful thing I have found is an rm wrapper that sends everything to a trash file in the root of the mount point.
How To Prevent DNS Flood
May 28, 2008Can anyone share tips how to prevent DNS flood on a cPanel and Directadmin server platform on Centos?
View 7 Replies View RelatedPrevent Phishing
Jun 1, 2008I'm not that techy I'd like to ask why this person downloaded the file below before uploading some phishing webpages on my account ? I've changed my password numerious times from different computers and even from mobile phone just to check if the person can still get in. But again it is no use the person were able to upload phishing pages.
logs:
May 25 21:50:42 server100 pure-ftpd: (weblogin100@62.56.133.36) [NOTICE] /home/weblogin100//.htpasswds/update/Login.php downloaded (21251 bytes, 755.78KB/sec)
Right now I deleted all other scripts on the account and remain some htmls. Folder were also set to 644 no 777, while waiting if the person can still upload his phishing pages please help me why he downloaded the file above. I've check the file on my account and I cannot see Login.php. By the way I have a root login and only two accounts were a constant phishing victims.
How Prevent Hackers Away
Feb 21, 2007I am giving few tips on securing your server against hack attempts. You must check these inspite of other securities like firewall, rootkits detectors etc.
1. Most Important, do not disable safe_mode under php.ini. If any customer asks to disable it, turn it off on his account only, not on whole server.
As most of the time attack is done using shellc99 (phpshell) script. In case safe_mode is off on server and there are public dirs with 777 permission, he can easily hack through.
2. Compile apache with safe mode as well.
3. In cpanel under tweek settings, turn on base_dir, if someone requests to turn off, turn it off on his/her account only. As using phpshell one can easily move to main server dirs like /etc, /home.
4. Do not allow Anonymous Ftp on your server. You can turn it off from ftp config under WHM Service Configuration. If its allowed, one can easily bind port using nc tool with your server and gain root access. Always keep it disabled.
5. Make sure /tmp is secured. You can easily do that by running this command /scripts/securetmp using ssh. But do make sure, /tmp is secured. Else one can upload some kind of perl script in /tmp dir and can deface or damage all data on the few/all accounts on your server.
keeping your server secure from hack attempts.