Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

forgot password?



Reply


Old
  Post #1 (permalink)   02-20-2012, 11:37 PM
HD Addict
 
Join Date: Oct 2011
Posts: 177

Status: Bullten is offline
Hello All,

Please post what measures you are taking to protect your web server and also post the new threats around.

This will surely help all of us to make changes if we haven't made in past
 
 


Old
  Post #2 (permalink)   02-21-2012, 12:46 AM
HD Newbie
 
Join Date: Jan 2012
Posts: 10

Status: myidealhost is offline
What we are doing for server security!
- By default, we have set all servers to use the latest PHP with
php_suexec enabled along with register_globals turned off. This prevents remote
code inclusion and various code poisoning.
- We are running Apache in chroot-ed environment with suExec.
- We have compiled a secure Linux kernel with grsecurity. This secures the
server against kernel exploits.
- We have sophisticated IDS / IPS systems which block malicious bots
and attackers.
- ModSecurity is installed on all of our shared servers.
- Our server are regulary scanned using rkhunter to identify rootkit
and Trojans.
- The serverspace is scanned using latest updated clamAV.
 
 


Old
  Post #3 (permalink)   02-21-2012, 05:20 AM
HD Newbie
 
Join Date: Jan 2012
Posts: 25

Status: gen.anovlis28 is offline
1) Maintain strong security on the computer that you use to manage your website

2) Choose third party scripts carefully

3) Follow accepted best practices for your website passwords

4) Keep third party scripts up to date

5) Use good security practices for SSH

6) Don't weaken your server's file and folder permissions.

7) Write your own scripts securely

8) Block suspicious activity with .htaccess
 
 
 


Old
  Post #4 (permalink)   02-21-2012, 05:57 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,011
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
we also have ConfigServer eXploit Scanner on all our servers
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #5 (permalink)   02-21-2012, 06:30 AM
HD Newbie
 
Join Date: Feb 2012
Posts: 7

Status: kool.jamespaul is offline
these tips are so awesome, hope my host has all these in mind. however goweb.de is giving me fine service till now
 
 
 


Old
  Post #6 (permalink)   02-21-2012, 10:10 AM
HD Wizard
 
Join Date: Mar 2005
Location: Atlanta, GA
Posts: 2,264

Status: handsonhosting is offline
Due to the nature of security, listing all the procedures that we go through and providing it as an open discussion list to the general public is not something we're prepared to do.

That being said, each of the options listed above are great starting points.
__________________
Emerson Nogueira
http://www.HandsOnWebHosting.com
cPanel Web Hosting, Domain Registration, Managed VPS Servers
 
 
 


Old
  Post #7 (permalink)   02-27-2012, 06:01 PM
HD Master
 
Join Date: Dec 2011
Location: Florida
Posts: 274
Send a message via Skype™ to SolidShellSecur

Status: SolidShellSecur is offline
We don't talk about all that we do, but we do run a series of IDS and rely on ACLs and custom security patches for services and the kernel.

Best security comes from being proactive and watching your logs.
__________________
SolidShellSecurity.com. Providing Quality Support, Secure Hosting and Amazing Services.
STAY ALERT! Sign up for our security mailing list and always know when threats come out.
 
 
 


Old
  Post #8 (permalink)   03-11-2012, 12:57 AM
HD Newbie
 
Join Date: Mar 2011
Posts: 28

Status: John-GH is offline
Keeping in the know of the latest exploits so you can protect yourself is also very important.
__________________
GarrisonHost - Premium High Performance Hosting
Shared Hosting Reseller Hosting [soon] SSL Certificates Domains
cPanel Softaculous Daily Backups Uptime and Money Back Guarantee
Contact Us | http://garrisonhost.com
 
 
 


Old
  Post #9 (permalink)   04-05-2012, 01:04 AM
HD Amateur
 
Join Date: Feb 2012
Posts: 88

Status: webhostpython is offline
Heres a nice tutorial that may help you in securing your server, and more
http://www.whmsecurity.com/linux-sec...-part-1-a.html
 
 
 


Old
  Post #10 (permalink)   04-07-2012, 08:34 PM
HD Addict
 
Join Date: Dec 2011
Posts: 142

Status: storminternet is offline
Here is another thread for checklists and to keep your server protected especially, cPanel servers.

http://docs.cpanel.net/twiki/bin/vie...rverChecklists
__________________
UK-Professional Web Hosting
Web Hosting Solutions | Cloud Hosting | Dedicated Servers
Lifetime Hosting
ISPA Award Winner:2013-Best SME Hosting | 2014-Best Dedicated Hosting
 
 


Old
  Post #11 (permalink)   04-08-2012, 02:17 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,011
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
Quote:
Originally Posted by storminternet View Post
Here is another thread for checklists and to keep your server protected especially, cPanel servers.

http://docs.cpanel.net/twiki/bin/vie...rverChecklists
one thing with the cpanel tweeks is to use

Require SSL
Enabling this option requires logins from remote locations to use SSL.

you need an active SSL certificate for your servers hostname, which is no problem, but if you have resellers and master resellers they will not be happy if you enable SSL as it will tell their clients who they host with
as every cpanel/WHM on the server will show the following URL in the browser bar

cpanel: https://hostname:2083
WHM: https://hostname:2087
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 


Old
  Post #12 (permalink)   04-17-2012, 02:11 PM
HD Amateur
 
Join Date: Oct 2011
Posts: 83

Status: qhoster is offline
Firewall and changing the SSH port first from the server's default one.
__________________
QHoster.com - Unlimited-Domain Hosting | Shared & Reseller with cPanel, Softaculous
Managed Linux and Windows RDP VPS - UK, Germany and USA | OpenVPN/PPTP Enabled
Instant setup | PayPal, Moneybookers, AlertPay, Perfect Money, WebMoney ,Bitcoin
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: