Results 101 to 125 of 309
-
12-04-2007, 04:18 AM #101Newbie
- Join Date
- Jan 2006
- Posts
- 7
I found APF to be quirky... but that's just me. CSF runs lean and mean and does way better than APF did on my box. I'd recommend combining CSF/LFD with MailScanner (through Chripy's site HERE.) Great way to go.
0
-
12-11-2007, 01:49 PM #102Newbie
- Join Date
- Oct 2007
- Location
- http://www.Lundro.AL
- Posts
- 18
any one have use lynis
http://www.rootkit.nl/projects/lynis.html
i have a ask for u whats the best anti rootkit
rootkit hunter or chkrootkit or zeppoo.net or a new anti rootkitLast edited by etusha; 12-11-2007 at 02:02 PM.
0
-
12-12-2007, 03:45 AM #103New Member
- Join Date
- Dec 2007
- Posts
- 4
Frynge, awesome tutorial!
0
-
12-27-2007, 02:31 PM #104Newbie
- Join Date
- Jun 2003
- Posts
- 5
Spam Assassin
Spam Assassin can take up a lot of memory and make it really hard to host just a few sites on a VPS, but there is a way around this...
Login to WHM as root, scroll down to "cPanel 10.8.1-R15" (it may be slightly different depending on what version you are using) then goto "Addon Modules" and install "spamdconf". Once it's done, refresh the WHM page, scroll down to "Add-ons" on the nav bar and then click on 'Setup Spamd Startup Configuration". Set "Maximum Children" to "2". Then hit Submit. Wait a few seconds (15-30, but usually less) for exim to restart and you're done .0
-
01-04-2008, 07:36 PM #105Newbie
- Join Date
- Jan 2008
- Posts
- 6
root logins stopped working
Hello,
I had to recompile apache now root logins are no longer being emailed to me. I pico .bash_profile and the email and everything is there. Any ideas on how to fix this? thanks,0
-
01-23-2008, 11:51 AM #106Junior Guru Wannabe
- Join Date
- Sep 2007
- Posts
- 39
if i done this steps will my security be perfect??
0
-
01-23-2008, 09:13 PM #107Junior Guru
- Join Date
- Apr 2004
- Location
- Miami
- Posts
- 221
0
-
01-24-2008, 08:22 AM #108Newbie
- Join Date
- Oct 2007
- Location
- http://www.Lundro.AL
- Posts
- 18
or burn it
0
-
01-24-2008, 08:47 AM #109Web Hosting Master
- Join Date
- Dec 2005
- Posts
- 3,110
Although this thread does have some very good information & advice, there is more that can be done to improve the security of your server.
If you are hosting something which is mission critical to security you could always consider hiring a management company to do a once-over hardening on your machine or VPS in this case. The main key to security is to ensure all packages on the server are kept upto date, and to monitor the content of your accounts.
or burn it0
-
01-27-2008, 09:16 AM #110WHT Addict
- Join Date
- Feb 2007
- Posts
- 148
Hi,
Can somebody let me know the exact steps how to harden /tmp on a VPS?
Regards,0
-
01-28-2008, 02:26 PM #111Newbie
- Join Date
- Dec 2006
- Location
- California
- Posts
- 20
0
-
01-29-2008, 06:56 AM #112Newbie
- Join Date
- Sep 2007
- Posts
- 9
Do not think of it as a skill or a trade (as with many other tips around) you need a basic understanding of Unix (file system, superstructure, executables, suid bits...) and things like this would come natural. Anyone running their own server without an operator really should, and easily could learn this.
With jiggerbit's answer you are still unsure what it really does, and if you break functionality of some other system component... It always comes back to the basics.Last edited by nixadm; 01-29-2008 at 07:03 AM.
0
-
01-31-2008, 09:53 AM #113Web Hosting Master
- Join Date
- Sep 2006
- Location
- Cardiff - United Kingdom
- Posts
- 1,569
Hello all,
My forum's can sometimes be quite laggy, and I'm not sure why. Load times are averaging at 2+ seconds. I'm on VPS hosting (I have 512Mb of memory - server stats are here).
My forums are getting the same amount of people online as usual (e.g. a bit before peak time: "Users Online: 73 Guests, 41 Users over 15 minutes").
I've carried out the optimisation tips mentioned here (i.e. I've changed the relevant settings in my.cnf and httpd.conf).
However I'm not sure what's causing this lag. I use SMF as my forum software, which is a very reliable and speedy software (other forums with millions of posts run SMF fine; I only have 800,000 posts).
Upon inspection, I found out that certain queries are lagging like mad:
DELETE FROM yabbse_sessions
WHERE last_update < 1201713265
in /home/tauonli/public_html/forums/Sources/Load.php line 2180, which took 7.59983802 seconds.SELECT data
FROM yabbse_sessions
WHERE session_id = '2ab5abd09a2bbebd79065efe0af790e4'
LIMIT 1
in /home/tauonli/public_html/forums/Sources/Load.php line 2110, which took 12.86598301 seconds.REPLACE INTO yabbse_log_boards(id_msg, id_member, id_board)
VALUES
(1058514905, 1, 1)
in /home/tauonli/public_html/forums/Sources/MessageIndex.php line 140, which took 2.8114779 seconds.
UPDATE yabbse_topics
SET num_views = num_views + 1
WHERE id_topic = 60114
in /home/tauonli/public_html/forums/Sources/Display.php line 174, which took 4.49542999 seconds.
UPDATE yabbse_members
SET last_login = 1201723759, member_ip = '88.105.13.104', member_ip2 = '88.105.13.104', total_time_logged_in = 10197033
WHERE id_member = 1
in /home/tauonli/public_html/forums/Sources/Subs.php line 556, which took 3.65229011 seconds.
SELECT
c.id_cat, b.name AS bname, b.description, b.num_topics, b.member_groups,
b.id_parent, c.name AS cname, IFNULL(mem.id_member, 0) AS ID_MODERATOR,
mem.real_name, b.id_board, b.child_level,
b.id_theme, b.override_theme, b.count_posts, b.id_profile, b.redirect,
b.unapproved_topics, b.unapproved_posts, t.approved, t.id_member_started
FROM yabbse_boards AS b
INNER JOIN yabbse_topics AS t ON (t.id_topic = 60114)
LEFT JOIN yabbse_categories AS c ON (c.id_cat = b.id_cat)
LEFT JOIN yabbse_moderators AS mods ON (mods.id_board = t.id_board)
LEFT JOIN yabbse_members AS mem ON (mem.id_member = mods.id_member)
WHERE b.id_board = t.id_board
in /home/tauonli/public_html/forums/Sources/Load.php line 631, which took 15.63650703 seconds.
Runing ps auxf gets:
mysql 20172 0.8 13.1 153012 69060 ? Sl Jan29 9:51 \_ /usr/sbin/mysqld
(0.8% CPU, 13.1% memory)
nobody 1326 1.0 2.6 56680 13900 ? R 13:00 0:02 \_ /usr/local/apache
nobody 1515 0.7 2.9 58256 15524 ? S 13:00 0:01 \_ /usr/local/apache
nobody 1681 0.7 2.6 56388 13636 ? S 13:01 0:01 \_ /usr/local/apache
nobody 2030 0.6 2.6 56468 13700 ? S 13:02 0:00 \_ /usr/local/apache
nobody 3104 0.9 2.8 57708 14944 ? R 13:02 0:00 \_ /usr/local/apache
nobody 3107 0.4 2.4 54824 12660 ? S 13:02 0:00 \_ /usr/local/apache
nobody 3108 0.7 2.5 55876 13124 ? S 13:02 0:00 \_ /usr/local/apache
nobody 3367 1.1 2.3 54244 12072 ? S 13:03 0:00 \_ /usr/local/apache
nobody 3370 0.6 2.4 55500 12672 ? R 13:03 0:00 \_ /usr/local/apache
nobody 3371 1.0 2.4 54888 12716 ? S 13:03 0:00 \_ /usr/local/apache
nobody 3384 0.9 3.0 58000 15820 ? R 13:03 0:00 \_ /usr/local/apache
nobody 3533 0.9 2.4 55276 13024 ? S 13:03 0:00 \_ /usr/local/apache
nobody 3540 1.0 2.5 56072 13608 ? S 13:03 0:00 \_ /usr/local/apache
nobody 3588 0.8 2.3 54776 12084 ? S 13:04 0:00 \_ /usr/local/apache
nobody 3598 3.8 2.6 56260 13704 ? S 13:04 0:00 \_ /usr/local/apache
nobody 3618 0.0 0.6 47104 3412 ? S 13:04 0:00 \_ /usr/local/apache
Thanks,
Tristan0
-
02-10-2008, 03:54 PM #114Newbie
- Join Date
- Nov 2007
- Posts
- 10
Nice and very useful thread, thanks for posting this!
0
-
02-11-2008, 11:29 AM #115Web Hosting Guru
- Join Date
- Feb 2003
- Location
- L.A. C.A.
- Posts
- 346
Great thread/article, thanks.
WLKNS.co - A collection of my programmer thoughts0
-
02-24-2008, 08:02 PM #116Junior Guru Wannabe
- Join Date
- Oct 2007
- Posts
- 65
tristanperry
If you use innodb tables, increase your innodb_buffer_pool_size,
and increase your query_cache_size and key_buffer_size.
Good luck.0
-
03-07-2008, 05:41 AM #117Newbie
- Join Date
- Sep 2004
- Location
- Manchester, UK
- Posts
- 22
Hi there,
Great post thank you everyone
I have installed apf on my dedi's and it works great, I have come to install it on my cpanel vps servers and my users report they can not send mail has anyone else had this problem? As soon as I stop apf the mail clears from the que.
I have made sure these are open in the config file TCP/UDP 25, 110, 143, 465, 993, 995.
Any ideas?
Kind regards,
Rick0
-
04-25-2008, 11:59 AM #118Junior Guru Wannabe
- Join Date
- Feb 2008
- Posts
- 39
what about sql injection thru the cpanel? i got hacked a few times like these.
0
-
04-26-2008, 05:29 PM #119Junior Guru Wannabe
- Join Date
- Jan 2008
- Posts
- 50
Great post. Thanks!
Now I'm sure I'll stick with shared accounts and going to stay away from VPS as long as I can
=)0
-
04-27-2008, 03:59 AM #120Web Hosting Master
- Join Date
- Mar 2002
- Location
- UK
- Posts
- 1,265
When I use:-
At command prompt type:
pico .bash_profile
Scroll down to the end of the file and add the following line:
echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" your@email.com
Save and exit.
-bash :mail command not found
-bash :echo: write error: Broken pipe
cPanel 11.18.3 R21703
Centos 5
Any idea why it breaks it?0
-
04-30-2008, 06:06 AM #121Junior Guru Wannabe
- Join Date
- Nov 2006
- Location
- San Francisco
- Posts
- 33
tmp can be secured to be noexec in 1 minute, no reboot required. Nothing can execute there - /var/tmp remains a risk - unless that is mounted separately also:
/dev/VolGroup00/LogVol02 /tmp ext3 defaults,nosuid,noexec 1 2
edit the /etc/fstab file, then do a mount -o remount and it will remount /tmp and you are set - just don't be in /tmp when remounting.Last edited by greggster; 04-30-2008 at 06:06 AM. Reason: spelling
Mochabomb - Web Design + Hosting for Geeks
0
-
05-16-2008, 02:42 PM #122Newbie
- Join Date
- May 2008
- Location
- Baghdad
- Posts
- 27
thanx for this nice post
0
-
05-18-2008, 10:57 AM #123Newbie
- Join Date
- Mar 2008
- Location
- Hong Kong
- Posts
- 19
Another great tool against ssh brute force is deny hosts. It uses host.deny file which may be more appropriate for VPSs as the number of iptables rules is usually limited by the VPS provider.
0
-
05-20-2008, 10:39 PM #124Junior Guru Wannabe
- Join Date
- Nov 2006
- Location
- San Francisco
- Posts
- 33
Portsentry is one tool that has spared a lot of hacking attempts - I have the same IP's daily trying to get in - here is one way to thwart:
1. Setup Portsentry (against the recommendations) to scan up to port 65000 or so - I saw a lot of scans start at port 1026 - portsentry is default setup to port 1024, so raised to 65000 and allow 3+ port scans before blocking - that way there are less false alarms or in case someone forgets port 22....
2. Change your ssh port to the 2000+ range - remember to open your firewall for this new port..
3. Keep port 22 open on firewall - and now its a honeypot of sort - got to remind users to use the new non-standard port, but script kiddies fall right into it.
4. Anyone port scanning is only looking to harm, so they get dropped completely for a while and cannot do any more harm. Bye bye.
Here we see people start on port 1026 a lot - on a typical portsentry install, Squid, VNC and other services lack a layer of protection that FTP, SMTP have - with this setup - not no more:
From 221.6.145.18 - 2 packets to udp(1026,1027)
From 221.208.208.86 - 2 packets to udp(1026)
From 221.208.208.92 - 2 packets to udp(1026)
From 221.208.208.95 - 2 packets to udp(1026,1027)
From 221.208.208.97 - 2 packets to udp(1026,1027)
From 221.208.208.99 - 4 packets to udp(1026,1027)
From 221.208.208.212 - 4 packets to udp(1026,1027)
From 222.84.225.189 - 2 packets to tcp(5900)
From 222.187.221.27 - 4 packets to tcp(7212,8000)
From 222.216.28.40 - 2 packets to tcp(5900)
And a word about security through obsecurity - technically a lot of existing security is through obsecurity - just differing levels of randomness - port, 8 character password or 1024 character certificate. If someone knew what port a service is running on, or knew a password, or knew the SSH key - either 4, 8, or 1024 characters - they have access. These random characters is why cracking works. Its only a matter of time before the port/password/certificate is found out if being cracked - even if its 20 years - at some point the attacker quits for an easier target. Again, if we can slow down the hacker, they will move on - or the script will move on. Think car alarms, 3 locks on front the door of an apartment, "The CLUB" - all there to say "move on to an easier target".Mochabomb - Web Design + Hosting for Geeks
0
-
06-13-2008, 02:55 AM #125New Member
- Join Date
- May 2008
- Posts
- 4
0