  1. #1
    Join Date
    May 2004
    Location
    Lithuania
    Posts
    1,038

    What kind of scripts do you ban on your server? (pls, name it)

    Hello everyone,


    Wanted to ask, what kind of scripts do you ban on your server? Forums, wap chats, proxy servers .. you name it.


    Thank you

  2. #2
    Join Date
    Apr 2005
    Location
    San Francisco, CA
    Posts
    1,029
    PhpBB (any version) - MUST ban if you don't want to find your server spamming, DDoS-ing, installing fake PayPal/Ebay sites.

    Also my suggestion is Mambo, PostNuke and PhpNuke as well.

    Gallery script is OK, as long as customers keep the latest version.

  3. #3
    I think steven-v's answer is way paranoid. I've been running Mambo on a few sites and haven't had them exploited or attacked in any way. The same goes for PHP-Nuke. If you have mod_security on your system or equivalent and you keep the rules up you don't have to worry about PhpBB. They're pretty vigilant on closing holes and offering help on the forums should a hole be exploited.

    You need to make sure that in your TOS and AUP you put the onus on your customers to keep the scripts they run up to date, and that they know they will pay if they should let someone exploit them.

    As for scripts that I wouldn't allow, you need to be vigilant for proxy type scripts that will bounce email to an open smtp. Many spammers will try to install those. Those can be named anything, so watch new customers for a while. They won't waste any time installing them as soon as they have access. Make sure you make it clear that those types of scripts are unacceptable in the TOS and AUP as well.

    Just my two cents.

  4. #4
    Join Date
    May 2005
    Location
    Bay Area
    Posts
    1,211
    I too think that his answer is a bit paranoid, however I can understand with the phpBB thing. I had Fantastico on one of my servers and people would always install the phpBB script - I think maybe half of those boards got hacked? It was terrible, so I personally will never use the board just because I know they get hacked easily.

  5. #5
    Join Date
    Apr 2005
    Location
    San Francisco, CA
    Posts
    1,029
    So, nobody disagrees with the PhpBB selection?

    Other scripts I banned because even on "clean" servers without PhpBB - only with Mambo/PostNuke (from PLESK Reloaded installations) - I still got a bunch of junk trying to run ircbots from /tmp, and by tracing back I found that it got into the system through some of the PostNuke files and CURL.

    Today we chmod 700 the fetching utils and haven't seen anything for a while (in addition to securing /tmp).

    Some people told me about Mambo that it is OK to keep it; maybe I will re-activate it in future.

    P.S. Mod_security was installed from the beginning, but somehow sometimes it gets through - we update/add rules on a weekly basis, but customers complain that some of their scripts are not working anymore - that is the bad part of mod_security.

  6. #6
    Join Date
    Jul 2002
    Posts
    3,352
    Originally posted by steven-v
    PhpBB (any version) - MUST ban if you don't want to find your server spamming, DDoS-ing, installing fake PayPal/Ebay sites.

    Also my suggestion is Mambo, PostNuke and PhpNuke as well.

    Gallery script is OK, as long as customers keep the latest version.
    that's like over 50% of free/opensource scripts that you just banned. there should be a better way. if you banned all those free/opensource scripts...you're turning away a big chunk of customers.

  7. #7
    Join Date
    May 2002
    Location
    Internet / Colorado
    Posts
    1,652
    Originally posted by steven-v
    PhpBB (any version) - MUST ban if you don't want to find your server spamming, DDoS-ing, installing fake PayPal/Ebay sites.
    What is wrong with PHPBB? The latest version is pretty sound from what I hear?
    Like passive recurring revenue you can retire on?
    You focus on building your brand, we handle all support, billing, and more.
    Pressed.net - Start your own Managed WordPress Hosting Company

  8. #8
    Join Date
    Jan 2002
    Location
    Boston
    Posts
    5,010
    We ban flat file based forums (Due to resource usage issues) and any type of phpshell type script.

  9. #9
    Join Date
    Feb 2003
    Location
    Connecticut
    Posts
    5,441
    GreyMatter can cause load spikes--I'd look into banning that.

  10. #10
    Join Date
    Feb 2004
    Location
    Your Screen
    Posts
    3,998
    • Matt's FormMails -- ALL versions;
    • Jack's Formmail.php
    • All IRC, psybnc and bots
    • PHP-Nuke <-- also banned at the network level actually, not just our rule
    • Post-Nuke
    • Flat-file forums
    • Cataloging type scripts, which constantly poll Internic and Google, to create their own database (which is usually then used by the client to scout domains, launch attacks on vulnerable sites, etc.) We're not a search engine nor are constantly-running scripts a fair use of resources.


    Any current, up-to-date installation of phpBB is fine. Current, up-to-date Mambo is fine. The key is that scripts need to be kept patched.

    In general terms, no insecure script is allowed, period. A script with a known exploit just has to be disabled immediately... ya' can't let holes sit there and be abused, it'll only hurt everyone. That's not fair to everyone else on the box.

    Also all scripts are monitored and any script found to cause load spikes or performance issues is addressed. We work with the client to identify what is going on and what our options are. Usually the site just needs tweaking/optimizing.



    Bailey
    Last edited by bithost(NET); 06-17-2005 at 08:39 PM.
    Let's Connect on Twitter! @thatsmsgeek2u || Fighting mediocrity one thread at a time.

  11. #11
    Join Date
    May 2002
    Location
    Internet / Colorado
    Posts
    1,652
    What are you guys using to monitor all this banning?

    custom scripts?
    Like passive recurring revenue you can retire on?
    You focus on building your brand, we handle all support, billing, and more.
    Pressed.net - Start your own Managed WordPress Hosting Company

  12. #12
    Join Date
    Feb 2004
    Location
    Your Screen
    Posts
    3,998
    No, paying attention to what people upload. The server e-mails each night if a script that is capable of sending e-mail has been uploaded. We read that e-mail and investigate any script we're not sure about.

    Fantastico advises every time a script is installed that way. And, cPanel has an auto-updater for any scripts set up directly through cPanel.

    WHM has a background process killer which takes care of the bots. The server e-mails you when the bots are cancelled so we know where to go and whom to contact.

    Between those 4 things, it accounts for a good 90%-plus of the scripts on the box.

    Bailey
    Let's Connect on Twitter! @thatsmsgeek2u || Fighting mediocrity one thread at a time.

  13. #13
    Join Date
    Nov 2001
    Location
    The South
    Posts
    5,403
    perl based forums

    flat file forums regardless of language

    any sort of irc service, be it bouncer, proxy, or whatever

    any sort of web proxy

    the webmail addon for postnuke, that darn thing was responsible for at least half of the spam complaints we got last year until I did a search and destroy and added it to my TOS.

    formmail.php and formmail.cgi - people simply can't be bothered to secure these so we banned them outright.
    Gary Harris - the artist formerly known as Dixiesys
    resident grumpy redneck

  14. #14
    Join Date
    Jul 2002
    Posts
    3,352
    hey how do you ban files btw, is it from the web server or the ftp server?

  15. #15
    Join Date
    Feb 2003
    Location
    Connecticut
    Posts
    5,441
    Can't be FTP server if you have a control panel that allows file uploads.

    Maybe a cron job?

  16. #16
    Join Date
    Feb 2005
    Location
    Rochester, MN
    Posts
    916
    phpbb and most of the other scripts mentioned are fine, just make sure you secure your server. Insecure servers are the problem, not the scripts; it shouldn't matter what your clients upload to your servers if your servers have been hardened properly.

    you can ban file types from most ftp servers if you want to go about it that way.
    Area51.mn VPS, Dedicated & Colocated Servers.
    Area51 Computers Custom Servers & Gaming Systems. (Since 1998)
    NetAffect Email & Web Hosting Services. (Since 1996)
    Quality Systems & Service Since 1996

  17. #17
    Join Date
    Jun 2003
    Location
    Proud She-Geek
    Posts
    1,722
    Originally posted by Kiamori
    you can ban file types from most ftp servers if you want to go about it that way.
    The only problem with that is if someone *really* wants to upload a certain file they'll just rename it with a different extension so they're able to upload, and then name it back when they're done.
    <?php echo "Signature here"; ?>

  18. #18
    Join Date
    Feb 2004
    Location
    Your Screen
    Posts
    3,998
    We run Chad Keep's FindFormmail script on a cron, which automatically disables the exploitable formmails, no matter what they're named. The script looks deeper than the filename.

    (This script allows Matt's 1.92 but it does catch all the exploitable versions as well as Jack's Formmail.php)

    Bailey
    Let's Connect on Twitter! @thatsmsgeek2u || Fighting mediocrity one thread at a time.
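    The posts above (nightly report of uploaded scripts that can send mail, and a cron scanner that "looks deeper than the filename") describe a content-based check rather than an extension-based one. As an added example that is not Chad Keep's script or any code from this thread, the following Python identifies server-side scripts by their content (shebang or PHP open tag) and flags mail-capable calls; the marker list, the sample files and every function name are my own constructed assumptions.

```python
import os
import re
import tempfile

# A file counts as a script if its content says so, not its extension
# (a renamed .txt still gets inspected; a real .html or .png does not).
SCRIPT_MARKERS = (re.compile(rb"^#!.*\b(perl|php|python|sh)\b", re.M),
                  re.compile(rb"<\?php"))
# Indicators of mail-sending capability in PHP/Perl (assumed, non-exhaustive).
MAIL_PATTERNS = {
    "php-mail()": re.compile(rb"\bmail\s*\(", re.I),
    "sendmail-pipe": re.compile(rb"sendmail", re.I),
    "perl-Net::SMTP": re.compile(rb"Net::SMTP"),
}
MAX_BYTES = 512 * 1024  # inspect only the head of large files

def classify(path):
    """Return the sorted list of mail indicators found, or None if the file
    is not a script or contains none of them."""
    with open(path, "rb") as fh:
        head = fh.read(MAX_BYTES)
    if not any(p.search(head) for p in SCRIPT_MARKERS):
        return None
    hits = sorted(name for name, p in MAIL_PATTERNS.items() if p.search(head))
    return hits or None

def scan_tree(root):
    """Walk a docroot and map relative path -> indicators for every hit.
    Symlinks are skipped so a customer cannot point the scan elsewhere."""
    findings = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                continue
            hits = classify(path)
            if hits:
                findings[os.path.relpath(path, root)] = hits
    return findings

def build_sample_tree():
    """Constructed sample docroot: one honest PHP mailer, one renamed to .txt,
    one Perl CGI piping to sendmail, and two non-scripts that mention mail."""
    root = tempfile.mkdtemp(prefix="scanner-demo-")
    os.makedirs(os.path.join(root, "cgi-bin"))
    samples = {
        "contact.php": b"<?php mail($_POST['to'], 'hi', $_POST['msg']); ?>",
        "notes.txt": b"<?php mail('x@example.com', 'a', 'b'); ?>",
        "cgi-bin/fm.cgi": b"#!/usr/bin/perl\nopen(MAIL, '|/usr/sbin/sendmail -t');\n",
        "index.html": b"<html><body>mail us</body></html>",
        "logo.png": b"\x89PNG\r\n\x1a\n",
    }
    for rel, body in samples.items():
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(body)
    return root
```

    On a hosting box the output of scan_tree() is what the nightly e-mail would carry; the patterns here are deliberately broad, so a reviewer still reads each hit before disabling anything.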

  19. #19
    Join Date
    Dec 2004
    Location
    New York, NY
    Posts
    10,574
    Originally posted by bithost(NET)
    We run Chad Keep's FindFormmail script on a cron, which automatically disables the exploitable formmails, no matter what they're named. The script looks deeper than the filename.

    (This script allows Matt's 1.92 but it does catch all the exploitable versions as well as Jack's Formmail.php)

    Bailey
    Got a link to that script? I'd love to get a copy!

    Thanks,
    MediaLayer, LLC - www.medialayer.com Learn how we can make your website load faster, translating to better conversion rates for your business!
    The pioneers of optimized web hosting, featuring LiteSpeed Web Server & SSD Storage - Celebrating 10 Years in Business

  20. #20
    I think that spamming scripts should be banned, and any type of resource consuming script, such as anything that could be abused by the users, or to hack the server/other sites users...

    I do think if you do ban some things you will lose customers. I do like phpbb, but do keep it up-to-date, that is a must, because if you don't you will be hacked.

  21. #21
    Join Date
    Feb 2005
    Location
    Rochester, MN
    Posts
    916
    Originally posted by P-nut
    The only problem with that is if someone *really* wants to upload a certain file they'll just rename it with a different extension so they're able to upload, and then name it back when they're done.
    most decent ftp servers also prevent this if they have filters to block certain file types. however many of the cheap ones do not.
    Area51.mn VPS, Dedicated & Colocated Servers.
    Area51 Computers Custom Servers & Gaming Systems. (Since 1998)
    NetAffect Email & Web Hosting Services. (Since 1996)
    Quality Systems & Service Since 1996

  22. #22
    Join Date
    Jun 2005
    Location
    Canada
    Posts
    2,493
    Originally posted by steven-v
    PhpBB (any version) - MUST ban if you don't want to find your server spamming, DDoS-ing, installing fake PayPal/Ebay sites.

    Also my suggestion is Mambo, PostNuke and PhpNuke as well.

    Gallery script is OK, as long as customers keep the latest version.
    Extremely paranoid. Yes it is right to fear those are exploitable but that's what a lot of people use. I use all 4 of those mentioned on numerous sites and I am fine so far.

    PhpBB: It may be exploitable but as long as you have a good defence you are fine. Everyone loves an instant install free forum which is easy to use and has some cool skins for it.

    I have version 2.2 of phpbb, my friend works for them and was the first to exploit it. He says with some new security upgrades they are making it a lot harder to be hacked, but make sure your users know not to make some simple passwords that can be cracked by someone using Access Driver, or any other brute forcer.

    Don't forget to get a Business Number so you are not liable to be sued.
    Last edited by PixelManual; 06-19-2005 at 10:03 PM.

  23. #23
    Join Date
    Feb 2004
    Location
    Your Screen
    Posts
    3,998
    Sure thing...

    Chad Keep's FindFormmail Script
    http://www.door-county.net/dev/findformmail.txt

    Use and distribute freely, please honor his legacy by keeping his credit intact.

    Bailey
    Let's Connect on Twitter! @thatsmsgeek2u || Fighting mediocrity one thread at a time.

  24. #24
    Join Date
    Sep 2004
    Location
    Flint, Michigan
    Posts
    5,765
    Originally posted by steven-v
    PhpBB (any version) - MUST ban if you don't want to find your server spamming, DDoS-ing, installing fake PayPal/Ebay sites.

    Also my suggestion is Mambo, PostNuke and PhpNuke as well.

    Gallery script is OK, as long as customers keep the latest version.
    You should look into mod_security.
    Mike from Zoodia.com
    Professional web design and development services.
    In need of a fresh hosting design? See what premade designs we have in stock!
    Web design tips, tricks, and more at MichaelPruitt.com

  25. #25
    Hi,

    most scripts listed are for linux/php ones.

    any scripts that are not safe for the Windows platform, if you are only running asp and asp.net

    cheers
    Joel
