Spam is most often considered to be electronic junk mail or junk newsgroup postings. It may be defined even more generally as any unsolicited email. Generally, spamming can happen in three ways. 1. By hacking an email account which has a simple password, which is easy to guess. 2. By uploading script on the server which sends out mails at regular intervals. 3. Via forum or newsletters scripts which are sending mass emails. A fix to a spamming issue means : * Block the IP address if it is an …
Category:
Server Security
A new vulnerability has been found that potentially affects most versions of the Linux and Unix operating systems, in addition to Mac OS X. Known as the “Bash Bug” or “ShellShock,” the GNU Bash Remote Code Execution Vulnerability could allow an attacker to gain control over a targeted computer if exploited successfully. And because Bash is everywhere on Linux and Unix-like machines and interacts with all parts of the operating system, everyone anticipates that it will have lot of repercussions. How does Shellshock work? Shellshock exploits a flaw in how …
Denial-of-service attack (DoS attack) or Distributed Denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. This attack generally target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. DoS attacks are implemented by either forcing the targeted computer to reset, or consuming its resources so that it can no longer provide its services or obstructs the communication media between the users and the victim so that they can no longer …
DNS is a very important part in any Network. Main objective of securing DNS includes secure exchange of data between DNS servers. Securing DNS queries, Zone transferes and DNS updates can be included in securing DNS. Here, we have mentioned two methods to secure DNS. ie, Securing dns through chroot and by editing named.conf. Please make sure that you have taken the backup of named.conf 1. Securing dns through chroot :- Chroot function is a powerfull mechanism to secure the system. Chroot command uses a chroot() system call.
SSH is a tool for secure remote login over insecure networks. It provides an encrypted terminal session with strong authentication of both the server and client, using public-key cryptography. 1. Use Strong Passwords/Usernames choose passwords that contains: Minimum of 8 characters Mix of upper and lower case letters Mix of letters and numbers Non alphanumeric characters (e.g. special characters such as ! ” $ % ^ etc)
Login into you server with the root login details and run following command [root@server]# /usr/local/cpanel/bin/rebuild_phpconf –current If server is Suexec then result would look like ============== DEFAULT PHP: 5 PHP4 SAPI: suphp PHP5 SAPI: suphp SUEXEC: enabled ============== If you are not sure about Shell then you can also check the SuExec is enabled or not from your WHM. Login into your WHM and in the menu find Configure PHP and SuExec Check the drop down box for “PHP 4/5 Handler” – and if beside that it says “suPHP” – …
If you want to disable redirection to SSL connection while accessing WHM, cPanel, Webmail, please follows these steps. Login to WHM >> Tweak Setting >> Uncheck the following options under Redirection. Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc. Also you have to uncheck the following option under Security in Tweak Settings. Require SSL for all remote logins to cPanel, WHM and Webmail. This setting is recommended. Also you can disable those options from the shell. SSH to the server as root. Open /var/cpanel/cpanel.config and set …
PCI DSS (Payment Card Industry Data Security Standards) are the official security standards created by the PCI Security Standard Council to reduce payment card frauds. It provides elaborate and comprehensive standards to enhance payment card data security. The core purpose of PCI DSS this is to create as secure of an environment as possible for users to process their credit cards. To adhere by PCI DSS, service providers and merchants who sell products over the web are required to have a periodic PCI Security Scans that are usually defined by …
To disble root logina in cpanel server, make sure you add your admin user to the wheel group so that you will be able to su – to root, otherwise you may lock yourself out of root. 1. SSH into your server as admin and gain root access by su 2. Copy and paste this line to edit the file for SSH logins vi /etc/ssh/sshd_config 3. Find the line Protocol 2, 1 4. Uncomment it and change it to look like Protocol 2 5. Next, find the line PermitRootLogin yes …
How to restrict number of connections per vhost/dir and limit the bandwidth for files
written by SupportPRO Admin
By enabling ‘mod_bw’ module in apache we can control bandwidth in the server for a domain. When you find a domain using bandwidth via apache service and it need to be controlled within a certain limit and on basics of files , we can use mod_bw module in apache.