Search:
Type: Posts; User: brianoz
Search: Search took 0.08 seconds.
-
12-21-2023, 01:35 AM
- Replies
- 5
- Views
- 768
Off the top of my head, here are a few things...
Off the top of my head, here are a few things that are fairly important:
Backups - does the host do regular server-wide backups? So if the server dies with all files gone, they can recover? (DR)
... -
05-27-2023, 12:16 AM
- Replies
- 11
- Views
- 1,617
Obviously if they're hitting nonexistent script...
Obviously if they're hitting nonexistent script paths on your server, they're scanning for vulnerabilities so, knowing that, you might want to block them before they move onto scanning for other...
-
03-17-2023, 08:36 AM
- Replies
- 6
- Views
- 1,095
I'd imagine that if they don't know the new root...
I'd imagine that if they don't know the new root password, they're using puppet or something similar to reset the root password to the original password. I'd approach them and ask whether they can...
-
05-09-2021, 10:36 AM
Thread: Hey guys I need your help in Hosting Security and Technology
by brianoz- Replies
- 1
- Views
- 402
A useful tool for checking your domain setup is...
A useful tool for checking your domain setup is good is intodns.com. Try that and see what you're missing.
You might also try using a useful subject when asking for help, a subject like "hey guys... -
05-03-2021, 04:02 AM
- Replies
- 15
- Views
- 1,215
Essentially, it's impossible to absolutely...
Essentially, it's impossible to absolutely prevent this. There are some things you can do to help, but bear in mind that any sane admin will know they're going to jail if they try to destroy your...
-
04-12-2021, 09:36 AM
Thread: Wordpress Site hacked in Hosting Security and Technology
by brianoz- Replies
- 17
- Views
- 2,297
This is my current list: Critical - Keep all...
This is my current list:
Critical - Keep all your plugins regularly updated - most compromises are through old versions, since fixed; this is your single largest point of vulnerability and is... -
03-21-2021, 05:55 AM
- Replies
- 6
- Views
- 705
Lots of great questions above. The only thing...
Lots of great questions above.
The only thing I'd add, is lots of people, when working with a new business, come up with huge fancy designs and waste a lot of money. I've heard it cited that... -
02-17-2021, 11:04 AM
- Replies
- 40
- Views
- 4,771
[FEATURED] The problem is, it's all in the support. A...
The problem is, it's all in the support. A business operating on this model really isn't a business as such; they simply can't afford the thought, care, and software that enables a service to...
-
08-24-2020, 08:21 AM
- Replies
- 28
- Views
- 4,247
This is exactly what Lastpass for teams/Lastpass...
This is exactly what Lastpass for teams/Lastpass Enterprise does. It has groups and you can put individual users in any number of groups.
-
03-31-2020, 09:43 PM
- Replies
- 20
- Views
- 3,193
It's fairly common for well-speced servers to see...
It's fairly common for well-speced servers to see performance problems with just Apache. I had these for years on several servers, very intermittent, sometimes fixed by upgrade. The permanent fix...
-
01-18-2020, 11:46 PM
- Replies
- 5
- Views
- 3,035
It's always surprised me why someone doesn't...
It's always surprised me why someone doesn't charge a small amount of money to delist an IP; it would be a good way to fund a well-managed RBL.
Unfortunately RBLs have often been run by the... -
01-13-2020, 11:59 PM
- Replies
- 5
- Views
- 899
This is a bypass of a specific device (vaguely...
This is a bypass of a specific device (vaguely mentioned as "RSA SecurID"), not a general "2FA bypass".
It sounds, from the very brief mention, like the specific device may have been designed... -
11-17-2019, 04:46 AM
- Replies
- 13
- Views
- 1,642
Also, as well as telling us whether the bulk of...
Also, as well as telling us whether the bulk of the data is in the DB or the files, I'd suggest you do a trial transfer to see how long it takes and what problems you run into. Document those...
-
09-30-2019, 12:59 AM
- Replies
- 32
- Views
- 3,052
Totally agree with everyone who is saying it's...
Totally agree with everyone who is saying it's always case by case. A few thoughts that I hope I haven't missed above:
You can disinfect with the site offline and still get full WordPress access... -
07-28-2019, 10:42 PM
- Replies
- 19
- Views
- 5,793
Like everyone else above, I'd describe this as a...
Like everyone else above, I'd describe this as a secondary exploit. Once a hacker gets in, they will often plant multiple secondary exploits of different types in your site.
Often, those... -
07-28-2019, 10:32 PM
- Replies
- 7
- Views
- 952
Of course, if a home network could ever be...
Of course, if a home network could ever be guaranteed to be secure, you probably don't need SSL as much; but then, it's not unreasonable to say that no home network is secure. The reality is for...
-
05-23-2019, 09:26 PM
- Replies
- 3
- Views
- 673
You've posted this on a 10 year old thread;...
You've posted this on a 10 year old thread; probably worth starting a new thread rather than reopening one on something different from that long ago.
It's probably from a plugin though, try using... -
05-23-2019, 09:20 PM
- Replies
- 8
- Views
- 973
From a system point of view, this is a bad thing...
From a system point of view, this is a bad thing to do - why do you need to run a job every 10 seconds? It's going to slow things down, and the potential for a really bad slow down is multiplied...
-
05-03-2019, 06:16 AM
Thread: Attachment Issue in Hosting Security and Technology
by brianoz- Replies
- 2
- Views
- 498
Many of us have attachment issues. Sign. :) ...
Many of us have attachment issues. Sign. :) :)
-
04-15-2019, 09:19 PM
- Replies
- 21
- Views
- 2,387
As an additional step, it's probably worth it to...
As an additional step, it's probably worth it to install Wordfence and use it to check all your site files. Wordfence compares against the original files so should detect anything you've missed or...
-
03-29-2019, 12:14 AM
- Replies
- 6
- Views
- 1,167
As Sparek and jokus and maybe others above have...
As Sparek and jokus and maybe others above have said, this is the weakness of multi-domain hosting in one cpanel account. That's basically why it's only recommended for very small sites (eg...
-
02-16-2019, 05:34 AM
Thread: General SysAdmin Books in Hosting Security and Technology
by brianoz- Replies
- 3
- Views
- 975
Perl is useful, and allows you to do stuff that...
Perl is useful, and allows you to do stuff that is generally possible in shell, but much harder. It's not necessary to know it really well, even being able to modify it is something.
If you are... -
02-07-2019, 07:04 AM
Thread: General SysAdmin Books in Hosting Security and Technology
by brianoz- Replies
- 3
- Views
- 975
I think you need to start by designing a syllabus...
I think you need to start by designing a syllabus first - which is simply a list of the key topics and subjects you need to cover. Once you have that, it should be a matter of checking topics off...
-
01-21-2019, 07:40 AM
- Replies
- 46
- Views
- 5,665
You don't have to memorize ssh keys, you use an...
You don't have to memorize ssh keys, you use an agent which then allows passwordless login where your keys are registered. When you finish for the day, you clear out the key and password.
-
09-20-2018, 10:41 PM
- Replies
- 10
- Views
- 1,091
As others have said, some sort of WAF at the...
As others have said, some sort of WAF at the server level is critical. This prevents sites getting infected in the first place. In an unprotected server, it's common after a year or two to have...
Results 1 to 25 of 1000