Want To Ban Spammers? 8 Easy Steps
Feb 20, 2008
1. Install CSF
2. Install Iptables if it's not installed (apt-get install iptables on redhat/centos)
3. In WHM under "# ConfigServer Security&Firewall" click on firewall deny ips
4. Open a 2nd window, Goto Main >> Server Status >> Apache Status
5. Check if there are any spammers with lots of connections to a specific file, that's how I got a lot of the IP's.
6. Goto http://ws.arin.net/whois/?queryinput=99.225.243.201
7. Enter the IP you found at "Server Status" and enter it at ws.arin.net to get the proper CIDR which you can easily add to your CSF deny hosts file (which is open in another window)
8. Get a tea and watch the server status closely.
View 8 Replies
ADVERTISEMENT
Jan 24, 2008
I just signed up for a shared hosting plan that uses cpanel and got a simple page up and running with no problems. I need to know if there are any steps I need to take as far as security. I have read info about password protecting directories but I'm not sure if that needs to be done on directories that are already there like /etc /mail /accesslogs or just ones that I create like /myimages for example.
I don't have visitors yet and don't think I will for awhile but would still like to take all precautions early and get them out of the way.
View 4 Replies
View Related
Apr 5, 2008
When I take delivery of a dedicated server setup with CentOS and cpanel; what is the first I need to do? Is there somewhere any tutorial how help beginners on the right way?
View 14 Replies
View Related
Nov 7, 2007
I have moderate experience in administrating. I recently got a quarter cabinet, and I have 2 servers in there.
I have registered a company name, as a domain which is currently hosted at GoDaddy (www/mail) (mydomain.com)
But I have installed centos5 on one server, and called it web1.mydomain.com, added the web1 CNAME in GoDaddy's DNS control. Even did an rDNS to it through my provider.
I have installed Webmin on it to help me add virtual servers (who will be my customers)
And web1.mydomain.com has a mail server on it (Postfix).
Might even put DNS on it. These virtual servers will send emails as well (as I'll be hosting them)
But for now, what will be my next steps in getting my mail server (or the main server) accepted in the web world, for example, I've done SPF records, and rDNS. But what else do I need to do so my email is accepted everywhere?
The virtual domains will be sending mail using the postfix, and ofcourse it'll mean they're piggybacking on web1.mydomain.com, so I guess I need to do stuff so email from web1.mydomain.com will be accepted worldwide.
View 10 Replies
View Related
May 5, 2009
Can someone please provide me steps to install FFMPEG on centos5.
View 4 Replies
View Related
Jan 3, 2009
I've been with midphase/autica on a $10 reseller plan for several years, but I think it's time for a change. I have a personal site, and 2 small business websites.
I think I'm just going to sign up for a shared hosting plan, as I really don't need the separate cpanel access for each domain.
These are the migration steps as I understand them. Am I missing anything?
1. Sign up with hostgator
2. Set up main domain and 2 other domains.
3. FTP over all files and folders, including mail folders.
4. Set up email addresses with new host
5. Go to my registrar (namecheap) and change the name server from old to new (that hostgator gave me).
Is that about it? Am I missing any critical steps? Mainly, I just don't want to miss any emails. According to the chat at hostgator, once I switch the name servers, the change should be instantaneous. True?
View 11 Replies
View Related
Jul 14, 2009
I resell hosting and for the first time in 10 years, the hosting company's servers have gone down and my clients sites are currently down, including email (ouch!).
Any experience with this or suggestions on how to communicate and rectify the situation with my customers? None of them are doing major ecommerce so I don't think there is a significant loss of sales, but regardless, their site is down. I take pride in providing great service and want to be straight up with them and more than fair.
I was thinking of extending their current hosting and acquiring a backup host in the rare event that this happens again so at least their site will be live, even if email is not.
View 6 Replies
View Related
Apr 12, 2008
one of the worst things (in hosting) has happened. I received a notice this morning from lfd (configserver) that someone had logged into my server as root and it wasn’t me.
Unfortunately I didn’t notice it until eight hours later so I have no idea (yet) what happened during that period. Thankfully I don’t have any really critical data on the system that could have been stolen.
I’m in the process of restoring from a full system backup right now. After that’s done I’m going to look to see what the differences are between the files from the backup and that on the comprised drive. I’m not sure if I’ll get anything useful from the diff but hopefully I’ll find a clue as to how they got root access.
Then of course I need to get my server back up. However, I don’t want to do this until I’ve taken some steps to identify how the individual got in and take some additional preventative steps.
Here’s what I am planning on doing:
1) Check to make sure all exposed services are patched and look at some security sites to see if there are any known vulnerabilities for these services. Anyone know which sites are good to look at?
2) Change firewall to only allow ssh access from a couple specific IP addresses.
3) Disable root ssh access so I have to login via a different account and perform sudos, etc.
4)?
I’ll also look for a good server-hardening guide to see if there are some obvious things I forgot to secure.
Do any of you find folks have any other suggestions or resources that I should check out?
View 11 Replies
View Related
Oct 25, 2007
What else do I have to do?
I don't understand.
Please see attached screen-shots.
[url]
[url]
[url]
[url]
View 1 Replies
View Related
Jul 2, 2007
Is there an easy way to copy an entire directory recursively by FTP in ssh to another remote location, a shared hosting account.
View 0 Replies
View Related
Apr 7, 2007
What's the latest KVM technologies that's easy to use and have fast response time?
View 9 Replies
View Related
Sep 20, 2007
my host won't do it for me, they said I have to do it myself... Is there anyway you guys can show me how to reverse dns in centos?
View 6 Replies
View Related
Oct 12, 2006
I'd really like to set up load balancing for one of my CPU heavy apps. (it's on about 10 machines that are NOT identical, ie. some big, some small)
Currently, I just use a PHP script to direct people to various servers, but it doesn't handle balancing & failover well, and I don't like that the URL changes to www2, www3, www4, etc.
I've looked in to some simple balancers like Pen, Pound and Balance, but I can't find a crucial weighting / balancing configuration. I've also looked at DNS round robin, but that doesn't seem to be sticky, or have weighting or failover.
So, is there any simple http load balancing software that can handle my requirements?
- Stickyness
- Weighted Balancing ( preconfigured or based on responsiveness)
- Failover
View 9 Replies
View Related
Mar 22, 2007
Is it possible to install ImageMagick easy way, through rpm command? If so, can someone post command to install it? I have Linux CentOS 4.4-32.
View 1 Replies
View Related
Dec 9, 2008
As many of you may have also experienced, Easy CGI went from being one of the best hosts (I had them for 7 years and they were great), to one of the worst. They migrated to new servers and literally destroyed our site, lost data, did a search and replace of our code (yes, this actually happened), and brought our sites down completely. After about 100 hours of on-line support, chat, phone calls, emails, etc. we have to move on.
The things that were great (prior to the debacle) about EasyCGI was the Windows hosting, fast performance (FTP access was great), and the controls that were available.
I'm finding it difficult to match what we used to have. I've tried GoDaddy's VPS packages and that was a complete bust due to FTP performance (would have literally taken us months to just upload our web site ... about 10 GB total).
I tried Network Solutions, but they are only Linux and although they told us they support ASP Upload, ASP Email, and a number of other controls, now tell us that those are not supported.
I've also tried APLUS.NET and 1AND1. Same peformance issues.
anyone have any recommendations for hosting that would meet these needs?
Windows (Virtual or Shared)
30 GB + disk space
Unlimited Email
Form Mailers (CDONTS or ASP Mail)
ASP / ASP.NET / AJAX
DSN with Microsoft Access databases
Ability to work with SQL Server (not MySQL) databases
ASP Upload (or similar) that can be coded in ASP to upload files
FAST PERFORMANCE
Unlimited FTP accounts (we create a folder and FTP account for each of our customers)
Unlimited (or very high) transfers monthly (~ 1000 GB/MO +)
View 7 Replies
View Related
Nov 8, 2007
having the libxml2 library and --enable-soap when compiling php? that all?
View 2 Replies
View Related
Aug 22, 2007
Does anyone of you guys use Easy Exchange Administrator?
Hows your experience with it as well as the stability?
View 1 Replies
View Related
Jun 10, 2009
The most common way is tar the whole files and downlaod it. But as there's also mysql DB. The common way is usually take a lot of time to restore it.
View 2 Replies
View Related
Feb 4, 2008
I going to develope website which allow users to register their anonymous email address.
Lets call that domain privateemail.com
so, user is able to register address: user@privateemail.com and he provides us his valid email, lets say user@gmail.com
From now, we want to redirect all emails sent to user@privateemail.com to user@gmail.com.
Is there any easy and fast method to add such redirection into Exim (or any other MTA)?
View 1 Replies
View Related
Sep 1, 2007
What is a quick way to check if I have zend on a server? (I think I installed it, but I can't remember for sure).
View 3 Replies
View Related
May 17, 2009
Any thoughts, or opinions are welcome. Looking for options on how to stop this.
Recently I've started receiving spam that appears to originate from a hosted domain on my VPS. It appears to only be an issue with this website account and not the VPS generally.
I've disabled the IMAP service to ensure the spam was not being sent from the server. The spam continues which leaves the POP email accounts as a possibility or something else.
My hosting provider says it looks like email spoofing.
Someone seems to be using the address at foobar.com to send out spam. The method that he has employed is called email spoofing. Email spoofing is the practice of changing your name in email so that it looks like the email came from somewhere or someone else. However, you need not be concerned.
Individuals, who are sending "junk" email or "SPAM", typically want the email to appear to be from an email address that may not exist. This way the email cannot be traced back to the originator. The spammer is not using our server to send out spam, hence your email address will never be blacklisted.
There is really no way to prevent receiving a spoofed email. Remember that although your email address may have been spoofed this does not mean that the spoofer has gained access to your mailbox.
The following are headers of two spam emails. Both of these addresses are setup as forwarders and not actual email accounts. The spam came to our attention because it is being sent to addresses on foobar.com with headers as also originating from foobar.com
I changed the actual names for privacy
host.vpsdomain.com [123.123.123.123] - VPS domain
foobar.com - website account on VPS
myemailaccount@gmail.com - address foobar forwarders send to
Delivered-To: myemailaccount@gmail.com .....
View 1 Replies
View Related
Jan 26, 2007
It looks like someone spammng from our server. I have checked exim_mainlog and got the this info.
2007-01-23 03:12:32 1H99Fz-0004wl-RV => erio@erio.com R=lookuphost T=remote_smtp H=mail.erio.com [217.220.27.241]
2007-01-23 03:12:40 1H99Fz-0004wl-RV => brown2525@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> beth46@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> dstanfie@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> harris3943@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> yumyyelow@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> gloverlm@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> debilu@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> mosleyclan4@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> 61369@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> melabong@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> k_mcmull@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> anniern@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> bannaj1@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> lizzied@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> gillumd@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> pfeiferk36@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> mommyof2@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> tongem@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> whitsonswrecker@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> mmal63@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> goosynina1@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> malenat@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> jlhk@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> tawndawn@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> usnssn@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> crazybutcute0304@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> thomas0421@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> mercibw@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> crouch1966@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> pj16@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> alba93@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> sassyd69@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> bettysue57@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> jimfiscus@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> nvonalme@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> breweragency@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
2007-01-23 03:12:40 1H99Fz-0004wl-RV -> annaksimpson@bellsouth.net R=lookuphost T=remote_smtp H=mx00.mail.bellsouth.net [205.152.58.32]
In the log file is showing like this.
2007-01-22 19:11:24 1H99Fz-0004wm-Vp <= <> R=1H99Fz-0004wl-RV U=mailnull P=local S=605030
2007-01-22 19:11:24 1H99Fz-0004wl-RV <= stlawson100@yahoo.com.hk U=churchre P=local S=3558 id=23894.217.194.149.171.1169511083....el@65.xx.xx.xx
I couldn't find who is sending.
View 14 Replies
View Related
Dec 15, 2007
problem with spammers.. i installed bruteforce attack and apf but spammers still trying to use my mail server to spam.. bfa sending me 20-30 warning emails everyday like
Quote:
The remote system 200.83.230.214 was found to have exceeded acceptable login failures on xxxxxx; there was 62 events to the service exim. As such the attacking host has been banned from further accessing this system. For the integrity of your host you should investigate this event as soon as possible.
Executed ban command:
/etc/apf/apf -d 200.83.230.214 {bfd.exim}
The following are event logs from 200.83.230.214 on service exim (all time stamps are GMT -0600):
this spammers causing to load cpu very hi and freeze my server sometimes.
is there any way i can setup to only allow authenticated users to access the mail server. or any idea..
im not a hosting company hosting my websites and im a poor guy can't hire server admin.. and i have search it on google could'nt found anything..
View 5 Replies
View Related
May 27, 2008
how easy is it to set up an unmanaged vps?....
View 7 Replies
View Related
Jun 12, 2008
I want to share my recent experience with the Magento installation.
I tried to install Magento on my basic Goddady Hosting but it failed because the zend and PHP version is too hold.
I tried as well to install on one of my other customer hosting (1and1.fr)
And after a long time of uploading all the files and configuring the .htaccess files, It failed when I was on the almost last step : database information.
So I finally found a better hosting solution for Magento which works good.
This is the link for the tutorial how to set up your Magento Store
tutorial-installation-magento
View 6 Replies
View Related
Jun 12, 2008
Due to LayeredTech price hike, i'm going to cancel my server with LT within two weeks.
Does anyone know an easy way to backup all the domians and mysql database in FreeBSD/DirectAdmin? Is there a built in feature in DirectAdmin that can do that?
View 5 Replies
View Related
