Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

Hosting Discussion > Web Hosting Forums > Hardware and Server Configuration > Three security problems on my server. How do I fix it?
forgot password?



Reply


Old
  Post #1 (permalink)   09-25-2007, 06:26 PM
HD Newbie
 
Join Date: Sep 2007
Posts: 23

Status: nman14 is offline
Ok, I have had three problems in the past. The first was I had someone sending spam emails from my server and the provider shut my server down. ( not even giving me time to make backups) The second problem I have had was a hacker getting into my server and starting to delete many accounts. I rebooted the server and changed the pass before he could get to them all. And the last problem I sometimes have is clients using too much of my servers resources. Now lets get to the questions:

1: How do I stop people from sending spam emails? Is there a way to set how many emails can be sent out in an hour? If so how do I set it? (Cpanel/whm Linux fedora)

2: I had a firewall installed when the hacker got into my server but not BFD. Could this have been the problem? I also had somewhat of a week password. (xxxxxx##) What can I do to prevent this from happening again?

3: How do I limit the amount of recourses an account can use?

any help would be great. Thanks!
 
 
 


Old
  Post #2 (permalink)   09-26-2007, 08:45 AM
HD Wizard
 
Join Date: Sep 2004
Location: Pennsylvania
Posts: 1,628

Status: ANMMark is offline
hello nman14, and welcome to HD.

I will run down through your questions in order.

Q1a: How do I stop people from sending spam emails?

A: If you figure this one out, let us all know.

Q1b: Is there a way to set how many emails can be sent out in an hour? If so how do I set it? (Cpanel/whm Linux fedora)

A: Absolutely. Log into WHM. The first section on your menu on the left should be "Server Configuration". Under that section, click "Tweak Settings". You will find a setting there for: "The maximum each domain can send out per hour (0 is unlimited):". Simply adjust this as you see fit.

Additionally, check the box next to "Prevent the user "nobody" from sending out mail to remote addresses (PHP and CGI scripts generally run as nobody if you are not using PHPSuexec and Suexec respectively.)"

Q2: I had a firewall installed when the hacker got into my server but not BFD. Could this have been the problem? I also had somewhat of a week password. (xxxxxx##) What can I do to prevent this from happening again?

A: Firewalls are not the end all of security. Some firewalls can be easily bypassed, and if the hacker can crack your password, there is no amount of Firewall protection that will help you, because a firewall can then be disabled by an experienced hacker. Start with the basics, and make your password stronger. Use letters, numbers, and symbols in your password. These are much harder to crack and can even take brute force attacks decades to determine the correct calculation and formula.

Q3: How do I limit the amount of recourses an account can use?

A: This is done when creating your hosting packages, and can also be done when you edit a user's account via WHM.

The best thing to do is read WHM/CPanel's documentation as it outlines much of this already.
__________________
Mark
NIC™ - Network Innovative Concepts - Get ready for R.A.I.N.
Protect your website from hackers NIC™ - SiteLock
 
 
 


Old
  Post #3 (permalink)   09-26-2007, 03:28 PM
HD Wizard
 
ldcdc's Avatar
 
Join Date: May 2004
Location: Ploiesti
Posts: 3,112

Status: ldcdc is offline
Quote:
The best thing to do is read WHM/CPanel's documentation as it outlines much of this already.
It looks to me like the OP also needs someone to manage that server.
 
 
 


Old
  Post #4 (permalink)   09-27-2007, 05:57 PM
HD Newbie
 
Join Date: Sep 2007
Posts: 23

Status: nman14 is offline
When I say limit resources, I mean Ram and CPU usage. Thanks
 
 
 


Old
  Post #5 (permalink)   09-27-2007, 06:11 PM
HD Wizard
 
Join Date: Sep 2004
Location: Pennsylvania
Posts: 1,628

Status: ANMMark is offline
Similarly, you would login to WHM, and go to the Security section, and then Modify Apache Memory Usage.

This will calculate your memory usage based on past usage, and set new safe limits. Once you do this it will add a few extra lines to httpd.conf which will outline the new limits in bytes, and if you're comfortable editing httpd.conf, you can lower the limits manually, etc.
__________________
Mark
NIC™ - Network Innovative Concepts - Get ready for R.A.I.N.
Protect your website from hackers NIC™ - SiteLock
 
 
 


Old
  Post #6 (permalink)   10-03-2007, 01:26 PM
HD Newbie
 
Join Date: Sep 2007
Posts: 23

Status: nman14 is offline
thanks for the help. Any more info would be great!
 
 
 


Old
  Post #7 (permalink)   10-31-2007, 07:34 AM
HD Amateur
 
Join Date: Sep 2007
Posts: 53

Status: indyamail is offline
I assume you have a dedicated server -

1: How do I stop people from sending spam emails? Is there a way to set how many emails can be sent out in an hour? If so how do I set it? (Cpanel/whm Linux fedora)

-- Spamassasin/MailScanner/ClamAV (Or all 3). for controlling spam.
-- Get your SPF Records done, same for Domainkeys and SenderID
-- WHM Tweak Settings option will let you limit/cap the outbound emails per hour (per domain)

2: I had a firewall installed when the hacker got into my server but not BFD. Could this have been the problem? I also had somewhat of a week password. (xxxxxx##) What can I do to prevent this from happening again?

-- Install CSF Firewall or APF with antidos protection
-- Make sure WHM's security tweaks are all in place and enabled
-- Make sure server is secured or find someone (A server admin) for the same
-- Consist root passwords (or any passwords) using both upper and lower case alphabets, numbers and symbols like ($ or @).

3: How do I limit the amount of recourses an account can use?

-- WHM Reseller Settings
-- CPanel Modify Account
-- WHM - install mod security & mod bandwidth.

Hope this helps.
__________________
IndyaMail.Com - Proud to Be Indian, Proud to Be Worldwide.
IndyaMail VPS, Resellers and Shared Hosting
IndyaMail Email Service
 
 
 


Old
  Post #8 (permalink)   02-14-2008, 07:54 PM
HD Newbie
 
Join Date: Aug 2004
Posts: 34
Send a message via AIM to kevins Send a message via MSN to kevins Send a message via Yahoo to kevins

Status: kevins is offline
Maybe IPSentry, cheap and works great.
 
 
 


Old
  Post #9 (permalink)   02-15-2008, 06:41 AM
HD Wizard
 
Join Date: Sep 2004
Location: Pennsylvania
Posts: 1,628

Status: ANMMark is offline
kevins, I believe the OP was looking for assistance, not product placement, or product/service suggestions.
__________________
Mark
NIC™ - Network Innovative Concepts - Get ready for R.A.I.N.
Protect your website from hackers NIC™ - SiteLock
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: