Page 3 of 3 FirstFirst 123
Results 51 to 73 of 73
  1. #51
    Join Date
    Nov 2004
    Posts
    54
    Quote Originally Posted by ShieldTech
    How do you uninstall APF?
    login your root account and try this commands
    /etc/init.d/apf stop
    iptables -F
    rm -Rf /etc/apf
    rm -Rf /etc/rc.d/init.d/apf
    rm -Rf /var/log/apf_log
    rm -Rf /var/log/apfados_log
    rm -Rf /usr/local/sbin/apf
    /sbin/chkconfig --level 345 apf off

  2. #52
    Another good thing to check periodically is what binaries are setuid root (I apologize if this has already been mentioned; 50+ replies in this thread):

    find / -user root -perm -4000 -print

    Review it on a periodic basis and if anything crops up that you know you aren't using, disable it, remove it, etc.

  3. #53
    Join Date
    Sep 2005
    Posts
    145
    Restrict SSH Access


    To restrict and secure SSH access, bind sshd to a single IP that is different than the main IP to the server, and on a different port than port 22.


    SSH into server and login as root.

    Note: You can download Putty by Clicking Here. It's a clean running application that will not require installation on Windows-boxes.


    At command prompt type: pico /etc/ssh/sshd_config

    Scroll down to the section of the file that looks like this:

    -------------------------------------------

    #Port 22
    #Protocol 2, 1
    #ListenAddress 0.0.0.0
    #ListenAddress ::

    -------------------------------------------


    Uncomment and change

    #Port 22

    to look like

    Port 5678 (choose your own 4 to 5 digit port number (49151 is the highest port number)


    Uncomment and change

    #Protocol 2, 1

    to look like

    Protocol 2


    Uncomment and change

    #ListenAddress 0.0.0.0

    to look like

    ListenAddress 123.123.123.15 (use one of your own IP Addresses that has been assigned to your server)


    Note 1: If you would like to disable direct Root Login, scroll down until you find

    #PermitRootLogin yes

    and uncomment it and make it look like

    PermitRootLogin no

    Save by pressing Ctrl o on your keyboard, and then exit by pressing Ctrl x on your keyboard.


    Note 2: You can also create a custome nameserver specifically for your new SSH IP address. Just create one called something like ssh.xyz.com or whatever. Be sure to add an A address to your zone file for the new nameserver.


    Now restart SSH

    At command prompt type: [b]/etc/rc.d/init.d/sshd restart[b]


    Exit out of SSH, and then re-login to SSH using the new IP or nameserver, and the new port.


    Note: If you should have any problems, just Telnet into your server, fix the problem, then SSH in again. Telnet is a very unsecure protocol, so change your root password after you use it.
    login root in ssh , then I typed pico and got this

    ----
    root@server [~]# pico /etc/ssh/sshd_config
    -bash: pico: command not found
    -----

    anyone have idea on this ?

  4. #54
    Join Date
    Sep 2005
    Posts
    145
    my friend told my try use nano instead of pico , is there any deference between nano and pico ?

  5. #55
    Join Date
    Apr 2004
    Location
    UAE
    Posts
    62
    try: nano /etc/ssh/sshd_config

  6. #56
    Join Date
    Apr 2004
    Location
    UAE
    Posts
    62
    It's just an editor defined in the server to edit your plan text. You can define any other editor instead; every editor has its own functions. But how to re-define another editor? I don’t know.

  7. #57
    Join Date
    Sep 2005
    Posts
    145
    Note 2: You can also create a custome nameserver specifically for your new SSH IP address. Just create one called something like ssh.xyz.com or whatever. Be sure to add an A address to your zone file for the new nameserver.
    thanks for your help mohdjumah but

    after changing ssh port, I SUPPOSE to create new namsever other than ns1.abc.com ns2.abc.com ?
    Or it an OPTIONAL ? what the advantaged of it ?

    I'm really confusing here

  8. #58
    Join Date
    Feb 2003
    Location
    Atlanta
    Posts
    81

    true?

    Quote Originally Posted by 000000000
    Under Mail

    Attempt to prevent pop3 connection floods

    Default catch-all/default address behavior for new accounts - blackhole
    Is this true?
    It contradicts the settings for individual accounts discussed here:
    http://www.webhostingtalk.com/showthread.php?t=473272

    Curious,
    Terry

  9. #59
    Join Date
    Mar 2004
    Location
    London, UK
    Posts
    299
    Quote Originally Posted by bigscanner
    Is this true?
    It contradicts the settings for individual accounts discussed here:
    http://www.webhostingtalk.com/showthread.php?t=473272
    Curious, Terry
    The conclusions in that post don't look contradictory to me, but for a more 'authoritive' answer look here:

    http://www.configserver.com/free/fail.html

    - Vince

  10. #60

    Thumbs up

    Thanks everyone!
    Awesome thread!
    EXTREMELY useful!
    I could go on...LOL.

  11. #61
    Join Date
    Oct 2005
    Posts
    72
    What does it mean if I installed APF but after using it for a bit.. it blocks ALL traffic? What am I doing wrong?

  12. #62
    I try to edit the .bash_profile and it says "Could not open file for writing: Permission denied.". Chmod is set to -rw-r--r--. I tried to chmod it and it says "changing permissions of '.bash_file': Operation not permitted.

    HELP!

  13. Quote Originally Posted by 000000000
    A Beginner's Guide to Securing Your Server Part 1 of 3 (Security Inside WHM/CPanel)


    These are items inside of WHM/Cpanel that should be changed to secure your server.



    Goto Server Setup =>> Tweak Settings


    Check the following items...


    Under Domains

    Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com)


    Under Mail

    Attempt to prevent pop3 connection floods

    Default catch-all/default address behavior for new accounts - blackhole


    Under System

    Use jailshell as the default shell for all new accounts and modified accounts



    Goto Server Setup =>> [/b]Tweak Security[/b]

    Enable php open_basedir Protection

    Enable mod_userdir Protection

    Disabled Compilers for unprivileged users.



    Goto Server Setup =>> Manage Wheel Group Users

    Remove all users except for root and your main account from the wheel group.



    Goto Server Setup =>> Shell Fork Bomb Protection

    Enable Shell Fork Bomb/Memory Protection



    When setting up Feature Limits for resellers in Resellers =>> Reseller Center, under Privileges always disable Allow Creation of Packages with Shell Access and enable Never allow creation of accounts with shell access; under Root Access disable All Features.



    Goto Service Configuration =>> FTP Configuration

    Disable Anonymous FTP



    Goto Account Functions =>> Manage Shell Access

    Disable Shell Access for all users (except yourself)


    Goto Mysql =>> MySQL Root Password

    Change root password for MySQL



    Goto [b]Security[b] and run [b]Quick Security Scan[b] and [b]Scan for Trojan Horses[b] often. The following and similar items are not Trojans:

    /sbin/depmod
    /sbin/insmod
    /sbin/insmod.static
    /sbin/modinfo
    /sbin/modprobe
    /sbin/rmmod
    Great Guide

  14. #64
    Wow, I'm amazed at the quality info on this board, you guys now what you are talking about big time. I just got PMON up and running ... thanks for that rasputinj.

  15. #65

    How about anti spam issues

    Dear all,

    Good day guys.

    Is there any skill regarding antispam to learn ?

    Thanks

  16. #66
    Quote Originally Posted by ejc
    I try to edit the .bash_profile and it says "Could not open file for writing: Permission denied.". Chmod is set to -rw-r--r--. I tried to chmod it and it says "changing permissions of '.bash_file': Operation not permitted.
    HELP!
    Are you logged in as root? You need to be to be able to access.
    ••• Like us on Facebook to qualify for discounts! •••
    ••• http://www.sprintserve.net •••
    ••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
    ••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••

  17. #67
    I just turned on antispam about 2 weeks ago on my main site. I might recommend turning on the spam box for about a week or two, just to make sure you aren't getting any false positives. I can say that in the last two weeks, I have had not a single false positive for spam, and I am confident soon to turn of spam box and just let it do its thing. Bye Bye spam!

    misterdmc
    webmaster
    http://www.123hostingsolutions.com

  18. #68
    I just turned on antispam - spam assassin - about 2 weeks ago on my main site. I might recommend turning on the spam box for about a week or two, just to make sure you aren't getting any false positives. I can say that in the last two weeks, I have had not a single false positive for spam, and I am confident soon to turn of spam box and just let it do its thing. Bye Bye spam!

    misterdmc
    webmaster
    http://www.123hostingsolutions.com

  19. #69
    Join Date
    Mar 2006
    Posts
    102
    super but when i start APF my server stop 5 mins block everything !

  20. #70
    Note 1: If you would like to disable direct Root Login, scroll down until you find

    #PermitRootLogin yes

    and uncomment it and make it look like

    PermitRootLogin no
    -----------------------------------------------------------------------------------------------------

    i did the permitrootlogin to no but i can still logging with root ?? any idea's ?

    Regards
    Khaled Mohesen

  21. #71
    Join Date
    Mar 2006
    Location
    Servers
    Posts
    1,590
    Hello yes you need to restart ssh daemon :


    # service sshd restart




    Thanks.
    QHoster.com - Web Hosting with DDoS Protection | Shared & Reseller in Europe/North America
    Linux/Windows RDP VPS 13 Locations : UK, US (5 states), Mexico, Canada, Bulgaria, Lithuania,
    Italy, France, Germany,Netherlands, Switzerland, Rissia, Singapore | OpenVPN/PPTP Enabled
    INSTANT | PayPal, Skrill, Payza, Bitcoin, WebMoney, Perfect Money, Ukash, CashU, paysafecard

  22. #72
    Join Date
    Mar 2006
    Posts
    102
    APF Blocks All the traffic..!! What is wrong

  23. #73
    Join Date
    Mar 2005
    Location
    Cardboard box
    Posts
    1,027
    Quote Originally Posted by crzy
    APF Blocks All the traffic..!! What is wrong
    Are you still able to access your server? If yes, reproduce what you have done so far. Otherwise, contact your support.

Page 3 of 3 FirstFirst 123

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •