If I understand correctly, on the main physical server, we cannot install any firewall, so customers in VPS can open any port on their VPS. So, I am wondering about the security of the main server? What if someone can *hack* into the main server, and delete all VPS there? Is there any case like that before?
on HyperVM website, they suggest 64bit OS for the main server, and 32 bit OS for the guest OS. Do I understand correctly? Is it faster than 32bit OS on the main server?
is there any simple write up or method to change the main server IP in WHM/Cpanel without screwing anything up? I have some new better IPs I wish to use for the servers base IP and accounts but I'm not sure what exactly needs to be changed to make the transfer without breaking anything.
I have my main domain (domain.com) and it is where all my sites and customer sites are pointed to (ns1.domain.com and ns2.domain.com).
I just purchased a VPS and have made (domain.com) my main domain as I want it to be because of keeping the nameservers the same for my clients.
My vision is this, I will transfer all the sites from my old cPanel account to my new DirectAdmin account. I have setup a time to let my clients know not to update any content on their sites. At that time I will then download the sites from the cPanel account to the DA account. I will then move my main domain (domain.com) over as well and then change the name server registries at namecheap.
I understand some things can get lost in this switch, but ALL clients are aware of this and understand. They will still have access to the old server via the IP address to check for misdirected mail.
Is this the simplest way to get this done?
Is there a better way, with using the main domain?
Just moved to a lxadmin based system from my current plesk system and I have a dilema
Configuration Server 1: Main Web/CP/Primary DNS/Mail/etc Server 2: Secondary DNS/Backup Mail forwarding
With Plesk I generated a transfer file from named.conf (plesk runs bind/named for dns) sent that over to server 2 a couple of times a day.
Problem is I've converted lxadmin to run with bind instead and named.conf only contains an include to lxadmin.named.conf and this is empty. So where does lxadmin put its conf files for named?
I'm not restricted to using named, I'd use djbdns if there was an equally simple way of transferring the zones across to server 2
How do I add aliases to the Full hostname of the plesk server itself? I want the server to listen to 2 more names. Especially for mail, and for migratory purposes (plesk server x is a new one, the name of the old one y needs to become an alias of x later on, etc.). I'm amazed by how hard to find this is, and there is literally nothing on it that I can find!
Of course, I can add aliases via command line, but I have no intentions of having postfix and webserver config be overwritten every time the control panel is used..
I currently have a web VPS hosted with FDCServers.net and after 5 days of switching to it i am getting massive HTTP requests. When i login to WHM and hit apache status i have many requests per second by multiple IP's that are going to pages that simple don't exist. Currently my hostname for the server is set at web-01.optical-hosting.com which is what the requests are being sent to. I am also having a DNS issue because when i put http://web-01.optical-hosting.com in the web browser it displays the first account's site under "list accounts" in cpanel. Can someone please help me fix both of these issue's? i will post an apache log in a second post as it is long. Also, these are from overseas. please someone help me with this i have Aim and Msn.
Whenever I try to create a user account I get the following error
Sorry, resellers are not permitted to create subdomains of the server's main domain
My server domain is www.domain.com and reseller is trying to create a user account like new.domain.com . It was working fine a few weeks back but I think since I upgraded the cpanel and whm, it doesnt allow creation of accounts anymore.
Could someone help me to fix this error please?
I own the VPS and the reseller and all other accounts.
I have just moved away from Kloxo Hosting, and I am a bit confused as to how I go about setting Client domains to use the (Already Registered) Nameserver Records I have created on the server.
You see, when I create a customer, the template adds the domain with it's own nameservers, ex: (ns.customerdomain.com -> 0.0.0.0) I don't want this to be the case.
What I would like to achieve, is for all my client's to have their NS records pointing at the NS records I already have registered on the server.
The reason for this is, when I submit the registration document to my local registrar, I have to specify the nameserver address for the domain, however, I only have 2 IP's on the server. I cannot glue every customer's domain FQDN to an IP.
One one of our (linux) servers spammers are king. they apparently can control anything and place spam links throughout the files.
For example spammer inserts Iframes either above or below HTML tags. (some step57 related type of virus/trojan as it seems)
Our programmer did not find where the problem is in our applications, yet he is not a security expert.
Our server admin company made us install phpuexec, we apparently have been checked on the server end and have mod_security, but we still don't know what's going on...spam continues.
Trying to determine what I want to put on my server for security. I have secured my /tmp, /var/tmp, and /dev/shm. I am now contemplating mod_evasive, mod_security, and/or APF Firewall.
1.) Should I install all three, or will APF Firewall, provide the same or similar security as mod_security, or vice versa?
2.) Will they all work together without conflicts?
3.) Does installing these services have any affect on overall server performance?
4.) Any other services you might recommend installing and why?
I have a dedicated server which I access via remote desktop.
The firewall is not enabled. What kind of security should I have on my server? Ive read that if I enable Windows Firewall my remote desktop connection will be blocked & this will mean me having to contact the server company via phone etc.
Currently working on securing my server and i think I'm doing quite well until I asked myself the question, have I done it right? Is there anyway to actually test how secure my server actually is? I'd rather not just wait and see if someone can hack me to bring to light what I did wrong...I was also thinking of hiring someone to secure my server but then how do I know that they've done anything different to me?
Are there any scripts or programs I can run to test server security?
after following the perfect server setup - centos5.2 guide I have setup a home server on my dsl connection and installed openfire with relative ease. I have a paid hosting server which runs my website but I want to have it access the userservice plugin of openfire to add/remove users (which is installed on my new home webserver).
After trying fopen and CURL to post GET data to my home server without any luck I did some reading and came accross the snoopy php class. The snoopy class now allows me to get the default apache test page on my home server but when i try to point snoopy to my openfire admin on port 9090 it throws up a timeout error (but i think this may be an error in the snoopy class?).
CURL and fopen allowed me to get data from google and some other sites but not from my home server.