Results 1 to 11 of 11
  1. #1
    Join Date
    Mar 2005
    Location
    arizona
    Posts
    81

    Hackers & Spammers

    Every once in a while I get a script uploaded to one of my sites and usually the host of my reseller account notices before I do and lets me know. I think they usually notice as there is something sending out a large volume of emails.

    I know you should keep your scripts updated which some of my clients don't do too often but what other measures could I take so I could monitor or prevent this from happening?

    If I moved all the sites in my shared reseller account to a VPS would that give me more options?

    I have a domain where I upload & test a lot of scripts & sample sites and experiments with opencart & wordpress and that site seems to get something uploaded from time to time no matter how hard my cpanel password is.

    Any tips appreciated, thanks!!
    VirtualGeorge.com

  2. #2
    Join Date
    Dec 2011
    Location
    Montreal
    Posts
    431
    Quote Originally Posted by Virtualgeorge View Post
    I know you should keep your scripts updated which some of my clients don't do too often but what other measures could I take so I could monitor or prevent this from happening?
    From my point of view your webhosting company should protect you, I mean to check anything is uploaded and remove abusers, in real time, acting before not after.




    Quote Originally Posted by Virtualgeorge View Post
    If I moved all the sites in my shared reseller account to a VPS would that give me more options?
    Yes and no. If is a managed VPS maybe you'll be in the same situation like reseller, you are practically based on your hosting provider. If is managed by you, and you are a good sysadmin the situation will be different, you can write scripts to check if one user is abusing and automatically remove, suspend, block emails etc.


    Quote Originally Posted by Virtualgeorge View Post
    I have a domain where I upload & test a lot of scripts & sample sites and experiments with opencart & wordpress and that site seems to get something uploaded from time to time no matter how hard my cpanel password is.
    You can restrict access to that domain (folder) by IP, by password etc.

    Regards
    George B. | ROWEBCA
    Web Hosting Services & Server Management
    Skype : rowebca

  3. #3
    Join Date
    May 2009
    Location
    Indonesia
    Posts
    217
    Moving to vps give you more option to control but it will be a pain if you don't know how to protect your vps and you must learn a lot how to protect your vps. Managed or fully managed is the best option.
    i2DOTNET
    ▪ Fast and Reliable Webhosting
    ▪ Los Angeles, Amsterdam and Indonesia Data Centers

  4. #4
    Join Date
    Jun 2005
    Posts
    3,455
    Welcome to one of the things hosting companies have to deal with.

    If you have a Reseller account or VPS its nice if the provider looks those things for you (in case of a managed VPS, otherwise they donīt have access) but in either way, you are really responsible for your customers and their accounts.

    The hosting company would be responsible for you, but not for what your customers do, since they never entered an agreement with them or pay them, they are your customers.

  5. #5
    Join Date
    Dec 2011
    Location
    Montreal
    Posts
    431
    Quote Originally Posted by nibb View Post

    The hosting company would be responsible for you, but not for what your customers do, since they never entered an agreement with them or pay them, they are your customers.
    Yes, but only the hosting company have access to server security, so they are responsible for server security and what is uploading to the server (to avoid hacking, abuse, overloading etc) and they can automatically respond to any threat, not after the thing happen, before. Of course if the security of those servers are more important than money.


    Regards
    George B. | ROWEBCA
    Web Hosting Services & Server Management
    Skype : rowebca

  6. #6
    Join Date
    May 2009
    Location
    Ft. Lauderdale, Florida
    Posts
    1,783
    Install cfs firewall on your vps (free) There you can place restrictions.
    U.S.A. High Resource allocation global cloud hosting serving 310,000 clients since 2008 | Offering both cPanel & DirectAdmin
    WebsitePlex.com | Instant Activation | Alpha, Master, Reseller & Cloud Hosting
    Recurring Affiliate Program Pays 20% of total revenue for life | 30 Day Trial

  7. #7
    Join Date
    Feb 2006
    Posts
    5,393
    For WHM reseller users the mail delivery reports available within WHM can be used to keep an eye on mail volume (especially important for new accounts). However, some providers won't have this option enabled for resellers.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  8. #8
    Join Date
    Mar 2005
    Location
    arizona
    Posts
    81
    What tools could I use to scan files on the server of a cpanel/resller shared hosting account? Or is that something the host would have to do on a shared hosting account?

    Or is there something I could use to scan the files locally? Say if I download a backup from the server then what could I use to scan the files locally?

    I guess tools designed for pcs like malware bytes & superantispyware etc are more for windows pc operating systems and not for website files?

    I had a large directory that was infected, I had a lot of different sites I was working on installed in different sub-folders and put the initial mockup sites all on one domain and some installations just for testing different themes & plugins. So my host had me delete everything and downloaded a backup.

    So wondering what would be the best way to scan & detect any malware before I restored any backups.

    Thanks for all the great advice!!
    VirtualGeorge.com

  9. #9
    Join Date
    May 2009
    Location
    Indonesia
    Posts
    217
    csf + cxs is great combination for preventing and clamav + maldet would keep your server clean. Works for me great.
    i2DOTNET
    ▪ Fast and Reliable Webhosting
    ▪ Los Angeles, Amsterdam and Indonesia Data Centers

  10. #10
    Join Date
    Mar 2005
    Location
    arizona
    Posts
    81
    Quote Originally Posted by i2DOTNET View Post
    csf + cxs is great combination for preventing and clamav + maldet would keep your server clean. Works for me great.
    Ok I will get a vps so I can use some of these tools.

    Someone mentioned restricting access to my ip only but since I am on dsl my ip changes every time I re-connect or does that matter?

    On another somewhat related question, when I move my clients to a vps the mailserver address is going to change. Years ago when I would make a move it didn't matter because everyone just used their domain for the mailserver so no one would even know. But now a lot of mail clients auto detect the server address for them so they don't enter their domain like mail.domain.com. So after a move to a VPS the mail will stop working if using the server address.

    I know I have some clients that use IT support guys to come in and setup mail on their pc's in the office and their cell phones for them. So now they are going to have to need the IT guys to update everything again when I make the move

    I guess there is no way around that right? But if I tell them we are upgrading with improved speed & security maybe they won't mind?

    thanks!
    VirtualGeorge.com

  11. #11
    Join Date
    Apr 2009
    Location
    New York City
    Posts
    5,169
    Watch out when choosing a vps provider be sure to always see what they cover if it's a managed solution your looking at. It's always best to manage the server yourself because this way you can make sure your server is always up todate and running in top notch best performance. From time to time it always happens a worker slacks up and forgets or just doesn't do something that can be important and it can effect

Similar Threads

  1. Hackers & host security
    By mistervb in forum Hosting Security and Technology
    Replies: 23
    Last Post: 03-28-2009, 08:24 PM
  2. how to protect your website from hackers/spammers
    By Bonnie24 in forum Hosting Security and Technology
    Replies: 5
    Last Post: 09-29-2007, 08:38 PM
  3. hackers..spammers..oh my!
    By bryonhost1 in forum Hosting Security and Technology
    Replies: 1
    Last Post: 09-27-2007, 02:32 PM
  4. security for server spammers/hackers
    By king620 in forum Hosting Security and Technology
    Replies: 2
    Last Post: 06-09-2005, 03:55 AM
  5. Spammers, Hackers, or complete conartisits.
    By WingServers in forum Running a Web Hosting Business
    Replies: 15
    Last Post: 09-02-2003, 02:02 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •