The security of AWS access keys is paramount for safeguarding your cloud infrastructure and maintaining the integrity of your deployed AWS services. These keys grant programmatic access to your AWS environment, making them critical assets that must be handled with utmost care. In the unfortunate event that access keys are exposed or compromised, swift and strategic action is essential to mitigate risks and prevent unauthorized access, data breaches, or service disruptions. This comprehensive guide outlines the critical security measures and best practices to follow when managing an access key exposure …
Server Security
Network configuration in Ubuntu 18.04 LTS using netplan
From Ubuntu 18.04 onwards, configuring IP addresses works differently from older versions. Compared with previous versions, Ubuntu now uses a new utility called Netplan, a command-line network configuration utility, to configure an IP address. Netplan was introduced by Ubuntu engineers in Ubuntu 17.10; the “interfaces” file is no longer used to configure IP addresses, and the task is done with a YAML file instead, with all default configuration files found under the /etc/netplan/ directory. In this blog, we will check on how to configure static …
Apache Struts 2 is an open-source development framework for Java applications. On March 6th, 2017, a vulnerability tracked as CVE-2017-5638 in Apache Struts 2 was made public. This vulnerability could allow an attacker to perform remote code execution with malicious content. It can be exploited if the attacker sends a request to upload a file to a vulnerable server that uses a Jakarta-based plugin to process the upload request. The attacker can then send malicious code in the Content-Type header to execute a command on the vulnerable server. …
A serious vulnerability named Dirty COW has been discovered recently, and it puts the Linux kernel at risk. It is said that this vulnerability has existed for nine years (since version 2.6.22 in 2007) and remained unnoticed throughout this time. A researcher named Phil Oester was the man behind the detection of this serious threat. According to him, the vulnerability is a race condition in the way the Linux kernel’s memory subsystem handles the copy-on-write (COW) breakage of private read-only memory mappings. In this way, the attackers gain write access to …
Security researchers identified a new OpenSSL vulnerability, called DROWN (Decrypting RSA with Obsolete and Weakened Encryption), in March 2016. This attack targets servers that use the more secure TLS protocol but also support the obsolete SSLv2. The vulnerability allows an attacker to decrypt TLS-encrypted communication if the server supports SSLv2 ciphers. DROWN was assigned the id CVE-2016-0800 by US-CERT in March (https://www.us-cert.gov/ncas/bulletins/SB16-067). More than 11 million websites that use TLS were vulnerable to the DROWN attack. If your website is protected …
Nowadays, brute force attacks on servers and websites are frequent. A brute force attack is generally a password guessing technique. It is a type of attack that tries every possible combination of characters or data in order to find the decrypted message. A brute force attack guarantees finding the key: it tries every possible combination and does not rely on any potentially incomplete dictionaries or lists of possible keys. cPHulk Brute Force Protection is a built-in protection in WHM for preventing brute force attacks. cPHulk Brute Force Protection will detect and …
Installation and configuration of ‘Pyxsoft Antimalware’ in cPanel servers
The Pyxsoft Antimalware plugin for cPanel/WHM protects your server from attacker scripts such as c99shell, r57shell, ANIShell, and hundreds more. It is a real-time anti-malware tool for cPanel/WHM. Attackers can take control of your servers or damage your customers’ data by uploading one of these scripts. The Pyxsoft Antimalware plugin works to protect your server in two ways: Protecting the six server entrances: SQL injection; legitimate access (SSH, cPanel, etc.); web forms; FTP; brute force attacks; installed trojans or shells.
As we are aware, installing an SSL certificate usually requires a dedicated IP. The cost of this address is typically passed down to the end user. Also, the IPv4 address space will be exhausted if every domain requires a dedicated IP. So administrators decided to install multiple SSL certificates on a single IP, and thus SNI (Server Name Indication) was established. What is SNI: Server Name Indication (SNI) is an extension to the TLS protocol that indicates what hostname the client is attempting to connect to. SNI is an …
The SSLv3 POODLE vulnerability, which was released on October 14th, 2014, is an attack on the SSL 3.0 protocol, and it is an entirely protocol-based vulnerability. POODLE stands for “Padding Oracle On Downgraded Legacy Encryption”. The padding attack happens when plain text is converted to ciphertext. The plain text message often has to be expanded to be compatible with the underlying cryptographic structure, and the leakage of data mainly occurs during the decryption of the ciphertext. The SSLv3 POODLE vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using …

