Results 1 to 11 of 11
Thread: Hackers & Spammers
-
05-31-2014, 07:56 PM #1Junior Guru Wannabe
- Join Date
- Mar 2005
- Location
- arizona
- Posts
- 81
Hackers & Spammers
Every once in a while I get a script uploaded to one of my sites and usually the host of my reseller account notices before I do and lets me know. I think they usually notice as there is something sending out a large volume of emails.
I know you should keep your scripts updated which some of my clients don't do too often but what other measures could I take so I could monitor or prevent this from happening?
If I moved all the sites in my shared reseller account to a VPS would that give me more options?
I have a domain where I upload & test a lot of scripts & sample sites and experiments with opencart & wordpress and that site seems to get something uploaded from time to time no matter how hard my cpanel password is.
Any tips appreciated, thanks!!VirtualGeorge.com
-
05-31-2014, 08:34 PM #2Aspiring Evangelist
- Join Date
- Dec 2011
- Location
- Montreal
- Posts
- 431
From my point of view your webhosting company should protect you, I mean to check anything is uploaded and remove abusers, in real time, acting before not after.
Yes and no. If is a managed VPS maybe you'll be in the same situation like reseller, you are practically based on your hosting provider. If is managed by you, and you are a good sysadmin the situation will be different, you can write scripts to check if one user is abusing and automatically remove, suspend, block emails etc.
You can restrict access to that domain (folder) by IP, by password etc.
Regards
-
05-31-2014, 10:45 PM #3Junior Guru
- Join Date
- May 2009
- Location
- Indonesia
- Posts
- 217
Moving to vps give you more option to control but it will be a pain if you don't know how to protect your vps and you must learn a lot how to protect your vps. Managed or fully managed is the best option.
-
06-01-2014, 12:51 AM #4Disabled
- Join Date
- Jun 2005
- Posts
- 3,455
Welcome to one of the things hosting companies have to deal with.
If you have a Reseller account or VPS its nice if the provider looks those things for you (in case of a managed VPS, otherwise they donīt have access) but in either way, you are really responsible for your customers and their accounts.
The hosting company would be responsible for you, but not for what your customers do, since they never entered an agreement with them or pay them, they are your customers.
-
06-01-2014, 10:14 AM #5Aspiring Evangelist
- Join Date
- Dec 2011
- Location
- Montreal
- Posts
- 431
Yes, but only the hosting company have access to server security, so they are responsible for server security and what is uploading to the server (to avoid hacking, abuse, overloading etc) and they can automatically respond to any threat, not after the thing happen, before. Of course if the security of those servers are more important than money.
Regards
-
06-01-2014, 10:55 AM #6Web Hosting Master
- Join Date
- May 2009
- Location
- Ft. Lauderdale, Florida
- Posts
- 1,783
Install cfs firewall on your vps (free) There you can place restrictions.
U.S.A. High Resource allocation global cloud hosting serving 310,000 clients since 2008 | Offering both cPanel & DirectAdmin
WebsitePlex.com | Instant Activation | Alpha, Master, Reseller & Cloud Hosting
Recurring Affiliate Program Pays 20% of total revenue for life | 30 Day Trial
-
06-01-2014, 02:15 PM #7Web Hosting Master
- Join Date
- Feb 2006
- Posts
- 5,393
For WHM reseller users the mail delivery reports available within WHM can be used to keep an eye on mail volume (especially important for new accounts). However, some providers won't have this option enabled for resellers.
WHMEasyBackup.com - Take Control Of Your Backups!
Complete Backup Solution For WHM Reseller Accounts
-
06-03-2014, 03:07 AM #8Junior Guru Wannabe
- Join Date
- Mar 2005
- Location
- arizona
- Posts
- 81
What tools could I use to scan files on the server of a cpanel/resller shared hosting account? Or is that something the host would have to do on a shared hosting account?
Or is there something I could use to scan the files locally? Say if I download a backup from the server then what could I use to scan the files locally?
I guess tools designed for pcs like malware bytes & superantispyware etc are more for windows pc operating systems and not for website files?
I had a large directory that was infected, I had a lot of different sites I was working on installed in different sub-folders and put the initial mockup sites all on one domain and some installations just for testing different themes & plugins. So my host had me delete everything and downloaded a backup.
So wondering what would be the best way to scan & detect any malware before I restored any backups.
Thanks for all the great advice!!VirtualGeorge.com
-
06-03-2014, 03:16 AM #9Junior Guru
- Join Date
- May 2009
- Location
- Indonesia
- Posts
- 217
csf + cxs is great combination for preventing and clamav + maldet would keep your server clean. Works for me great.
-
06-03-2014, 02:00 PM #10Junior Guru Wannabe
- Join Date
- Mar 2005
- Location
- arizona
- Posts
- 81
Ok I will get a vps so I can use some of these tools.
Someone mentioned restricting access to my ip only but since I am on dsl my ip changes every time I re-connect or does that matter?
On another somewhat related question, when I move my clients to a vps the mailserver address is going to change. Years ago when I would make a move it didn't matter because everyone just used their domain for the mailserver so no one would even know. But now a lot of mail clients auto detect the server address for them so they don't enter their domain like mail.domain.com. So after a move to a VPS the mail will stop working if using the server address.
I know I have some clients that use IT support guys to come in and setup mail on their pc's in the office and their cell phones for them. So now they are going to have to need the IT guys to update everything again when I make the move
I guess there is no way around that right? But if I tell them we are upgrading with improved speed & security maybe they won't mind?
thanks!VirtualGeorge.com
-
06-03-2014, 08:28 PM #11Web Hosting Master
- Join Date
- Apr 2009
- Location
- New York City
- Posts
- 5,169
Watch out when choosing a vps provider be sure to always see what they cover if it's a managed solution your looking at. It's always best to manage the server yourself because this way you can make sure your server is always up todate and running in top notch best performance. From time to time it always happens a worker slacks up and forgets or just doesn't do something that can be important and it can effect
Similar Threads
-
Hackers & host security
By mistervb in forum Hosting Security and TechnologyReplies: 23Last Post: 03-28-2009, 08:24 PM -
how to protect your website from hackers/spammers
By Bonnie24 in forum Hosting Security and TechnologyReplies: 5Last Post: 09-29-2007, 08:38 PM -
hackers..spammers..oh my!
By bryonhost1 in forum Hosting Security and TechnologyReplies: 1Last Post: 09-27-2007, 02:32 PM -
security for server spammers/hackers
By king620 in forum Hosting Security and TechnologyReplies: 2Last Post: 06-09-2005, 03:55 AM -
Spammers, Hackers, or complete conartisits.
By WingServers in forum Running a Web Hosting BusinessReplies: 15Last Post: 09-02-2003, 02:02 PM