Results 1 to 10 of 10
  1. #1
    Join Date
    Oct 2002
    Posts
    46

    Protecting my stuff

    Hello and Merry Christmas to everyone!

    I'm on a dedicated managed server and I was wondering if there is a way to protect some of my scripts and databases from being seen/downloaded by my server provider... the thing is that all these scripts & DB's are being used - it's not like they are static files which I can just encrypt with PGP or something.

    These files are being executed by me and visitors to my sites - I just don't want the server provider to have administrator access to them i.e. view the source of the scripts and/or download them and have any access to the databases because I have information of business value in them.

    Any ideas?

  2. #2
    Join Date
    Jul 2003
    Location
    Castle Pines, CO
    Posts
    7,189
    If you are having these thoughts about your provider - you might want to think of changing providers.

    Usually most providers have better things to do than get the scripts / databases, etc from their clients.

  3. #3
    Join Date
    Oct 2002
    Posts
    46
    I'm ok with my provider I just want to be 100% sure that certain files will not be accessible to anyone but me...

  4. #4
    Join Date
    Oct 2005
    Location
    US
    Posts
    308
    I suggest you monitor your server.. If my provider logs in I will know.. If the server is down I will also know.. If I log in, or anyone else for that matter; I will know.
    Last edited by No1Resource; 12-25-2006 at 11:36 PM.

  5. #5
    Quote Originally Posted by No1Resource
    I suggest you monitor your server.. If my provider logs in I will know.. If the server is down I will also know.. If I log in, or anyone else for that matter; I will know.
    If you want to do this, complete the following steps:

    SSH into the server and login as root.

    Type:

    pico .bash_profile

    Scroll down to the end of the file and add the following :

    echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" [email protected]

    Then Save.

    Now it will email you when anyone SSH's into your server.
    Host In Us Web Hosting Services | www.hostinus.com
    Premium Enterprise Shared Web Hosting
    Less than 80 Customers per server!
    Try us out! We want to earn your business.

  6. #6
    Join Date
    Oct 2002
    Posts
    46
    Thanks I'll definitely use that!

    But still the main question remains... yes I will know if anyone logins, maybe there's even a way to see exactly what they've been looking at - BUT how do I make sure that certain scripts and databases are protected and at the same time working?

  7. #7
    Join Date
    Nov 2003
    Location
    Amidst several dimensions
    Posts
    4,321
    If you are using php, get zend accelerator installed on your server.

    Encode your php scripts with zend encoder. This way they will be encrypted, and if someone downloads them it will be a no go. To make sure they do not run your scripts on another server that has zend accelerator, be sure to put code in it that checks domain, ip (servers) and so on and run only if they match.

  8. #8
    Join Date
    Oct 2002
    Posts
    46
    Cool man thanks

    Is there a way to do this with Perl/CGI scripts?

    btw: what about the databases... any ideas how to protect them againts being accessible/viewed by someone other than me and my scripts?
    Last edited by user21815; 12-26-2006 at 09:05 AM.

  9. #9
    Join Date
    Oct 2002
    Posts
    46
    anyone knows anything about this?

  10. #10
    Join Date
    Aug 2006
    Location
    Ireland
    Posts
    813
    i think if you have suse linux you can encrypt the hard drive, but im not sure as never did it, intersting thread (subscribes)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •