Secure your PHP Settings for a dedicated server.

When securing a server that runs PHP applications, you should review the following settings, because PHP is one of the main sources of servers and user accounts getting compromised. You therefore need to lock down PHP, which means securing PHP itself and securing php.ini.
php.ini is the main configuration file for PHP, so you need to know where it is in order to edit it. Log in to the shell and type the following:
# php -i |grep php.ini

Turn on safe_mode:
Safe mode lets you lock down security and restrict functions in PHP. You can find more details on php safe_mode at PHP.net, where they describe it as: “The PHP safe mode is an attempt to solve the shared-server security problem. It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web server and OS levels aren’t very realistic, many people, especially ISP’s, use safe mode for now.” It is therefore always recommended that you enable safe_mode on your servers, especially in shared environments. It stops exec functions and other functions from running, which helps prevent a security breach.

Disable Dangerous PHP Functions:
There are many cases where servers are compromised through insecure PHP scripts. Such scripts are an entry point for most hackers, so you should use them very carefully. PHP has a lot of potential to mess up your server: it can be used to hack user accounts and even to get root access to your server. As a preventive measure, edit your php.ini file as follows.
Search the php.ini file for:
disable_functions =
Now add the following PHP functions to that line:
disable_functions = dl,system,exec,passthru,shell_exec
Also make sure you turn off Register Globals within your php.ini file, to further secure your server.
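
The checks from this post as a script, added here as an example rather than code from the original post: it reads a php.ini and reports the state of safe_mode and Register Globals plus any of the five listed functions missing from disable_functions. The function names and the sample file are constructed for illustration.

```shell
# Added example (not from the original post): audit php.ini for the settings above.
# Note: safe_mode and register_globals were removed in PHP 5.4.0, so those two
# checks only mean something on older PHP versions.

# Print the effective (last uncommented) value of a directive.
ini_value() {  # usage: ini_value <file> <directive>
    awk -v key="$2" '
        /^[ \t]*;/ { next }                          # whole-line comment
        {
            line = $0; sub(/[ \t]*;.*$/, "", line)   # trailing comment
            n = index(line, "="); if (n == 0) next
            k = substr(line, 1, n - 1); v = substr(line, n + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { print val }' "$1"
}

is_on() {  # usage: is_on <file> <directive>
    case "$(ini_value "$1" "$2" | tr 'A-Z' 'a-z')" in on|1|true|yes) return 0 ;; esac
    return 1
}

# Functions from the post's list that disable_functions does not cover.
missing_disabled() {  # usage: missing_disabled <file>
    current=",$(ini_value "$1" disable_functions | tr -d ' \t'),"
    missing=""
    for fn in dl system exec passthru shell_exec; do
        case "$current" in *",$fn,"*) ;; *) missing="$missing,$fn" ;; esac
    done
    echo "${missing#,}"
}

audit_php_ini() {  # prints the findings; empty output means nothing to fix
    out=""
    if ! is_on "$1" safe_mode; then out="$out safe_mode=off"; fi
    if is_on "$1" register_globals; then out="$out register_globals=on"; fi
    m=$(missing_disabled "$1")
    if [ -n "$m" ]; then out="$out missing:$m"; fi
    echo "${out# }"
}

sample_ini() {  # constructed sample, not a real server's file
    printf '%s\n' 'safe_mode = Off' 'register_globals = On' \
        ';disable_functions = dl,system,exec,passthru,shell_exec' \
        'disable_functions = exec, system'
}

tmp=$(mktemp); sample_ini > "$tmp"; audit_php_ini "$tmp"; rm -f "$tmp"
```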

This post was written on January 5, 2009


Server protection : APF IP Banning

Most dedicated server owners will experience some kind of user-initiated attack or DDoS attack on their servers, so as a precautionary measure you should know a few settings that help keep such culprits away from your server.

First of all, you need a reliable dedicated web host who can offer you secure hardware and services. Secondly, install the APF firewall on your server to prevent such unauthorised attacks. Lastly, you should know how to ban a specific IP from accessing your server. This can be somewhat tricky: you need to find the IP address that is causing problems for your server, and once you have it you can easily ban it from accessing your server. You just have to add this IP to your APF firewall settings.
*) Log in to your server as root.
*) Now add the IP that is causing problems for your server to the APF firewall. Simply enter apf -d <ip>
*) By default, rebooting the server resets all your IP bans, which is why it is always recommended to use the APF firewall for your dedicated server: with APF, there is an easy workaround. Just open the deny hosts file, scroll to the bottom of the file and paste in the IP address you want to ban.
Save and exit using Ctrl+X then Y; this saves all edited settings as default.
*) Lastly, restart APF, and that's all: you have successfully banned the culprit IP that was hammering your server and overloading it.
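
An added example (not part of the original post) of the deny-file step with two safeguards: the address is validated before it is written, and addresses you list as protected, such as your own, are refused. The function names, the protected-address arguments and the documentation-range sample IPs are assumptions made for the example; the deny file path is passed in.

```shell
# Added example (not from the original post). Assumption: the deny hosts file
# path is passed in; APF installs commonly keep it at /etc/apf/deny_hosts.rules.

valid_ipv4() {  # returns 0 only for a dotted quad with octets 0-255
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        if [ "${#octet}" -gt 3 ] || [ "$octet" -gt 255 ]; then return 1; fi
    done
    return 0
}

# Append <ip> to <deny_file> unless it is malformed, protected or already there.
# Prints one of: added, duplicate, invalid, protected.
ban_ip() {  # usage: ban_ip <deny_file> <ip> [protected_ip ...]
    deny_file=$1; ip=$2; shift 2
    if ! valid_ipv4 "$ip"; then echo invalid; return 1; fi
    for keep in "$@"; do   # e.g. your own admin address, to avoid a lockout
        if [ "$keep" = "$ip" ]; then echo protected; return 1; fi
    done
    if [ -f "$deny_file" ] && grep -qxF "$ip" "$deny_file"; then
        echo duplicate; return 0
    fi
    printf '%s\n' "$ip" >> "$deny_file"
    echo added
}

# Demo on a temporary file with documentation-range addresses (constructed).
tmp=$(mktemp)
ban_ip "$tmp" 203.0.113.7 198.51.100.1              # added
ban_ip "$tmp" 203.0.113.7                           # duplicate
ban_ip "$tmp" 198.51.100.1 198.51.100.1 || true     # protected
ban_ip "$tmp" 203.0.113.999 || true                 # invalid
rm -f "$tmp"
# On the real file, restart APF afterwards (apf -r) so the rule is loaded.
```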



This post was written on December 27, 2008


Server security having SSH access.

A dedicated server with SSH access can be a problem because it can be hacked easily, so as the owner of the server you need to protect it from intruders. You can follow the steps below to secure a server that has SSH access.
It is always better, and recommended, to bind sshd to a single IP, which should be different from your server's main IP address, and to a port other than 22.
Just follow the steps below to secure your SSH server.

SSH into your server using root as your login. Use the following command at the command prompt: pico -w /etc/ssh/sshd_config
Find the following section:
#Port 22
#Protocol 2, 1
#ListenAddress 0.0.0.0
#ListenAddress ::

Uncomment and change #Port 22 to look like Port 3999 (you can choose any 4 to 5 digit port number as per your choice; 49151 is the highest port number).
Uncomment and change #Protocol 2, 1 to Protocol 2
Uncomment and change #ListenAddress 0.0.0.0 to ListenAddress 198.32.78.112 (use any one of your own IPs that has been assigned to your server).

If, for some reason, you want to disable direct root login, follow these instructions:
Find the following line:
#PermitRootLogin yes
Uncomment it and make it look like PermitRootLogin no
Save the file using Ctrl+O and then exit using Ctrl+X.
Now it's time to restart SSH. To restart SSH, type the following at the command prompt: /etc/rc.d/init.d/sshd restart
Exit SSH and log in to SSH again using the new IP and the new port.
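
The four edits above as a repeatable check, added here as an example and not part of the original post: it reads an sshd_config and lists which of the recommended settings (a port other than 22, Protocol 2, a single ListenAddress, PermitRootLogin no) are not in place. The function names are made up for the example; the sample configs reuse the values shown in the post.

```shell
# Added example (not from the original post): check an sshd_config against the
# settings recommended above. Recent OpenSSH releases have dropped protocol 1,
# so the Protocol check matters only on old installs.

# Print every uncommented value of a keyword, one per line (keywords are
# case-insensitive). Prints nothing when the keyword is unset.
sshd_values() {  # usage: sshd_values <file> <keyword>
    awk -v key="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print }
    ' "$1"
}

audit_sshd() {  # prints findings; empty output means all four checks pass
    out=""
    ports=$(sshd_values "$1" Port)
    if [ -z "$ports" ] || echo "$ports" | grep -qx 22; then
        out="$out port-22"
    fi
    proto=$(sshd_values "$1" Protocol | head -n 1 | tr -d ' \t')
    if [ "$proto" != 2 ]; then out="$out protocol:${proto:-default}"; fi
    addrs=$(sshd_values "$1" ListenAddress)
    if [ -z "$addrs" ] || echo "$addrs" | grep -qxE '0\.0\.0\.0|::'; then
        out="$out listen-all"
    fi
    root=$(sshd_values "$1" PermitRootLogin | head -n 1 | tr 'A-Z' 'a-z')
    if [ "$root" != no ]; then out="$out rootlogin:${root:-default}"; fi
    echo "${out# }"
}

stock_config() {     # the commented-out section quoted in the post
    printf '%s\n' '#Port 22' '#Protocol 2, 1' '#ListenAddress 0.0.0.0' \
        '#ListenAddress ::' '#PermitRootLogin yes'
}
hardened_config() {  # the same section after the edits described in the post
    printf '%s\n' 'Port 3999' 'Protocol 2' 'ListenAddress 198.32.78.112' \
        'PermitRootLogin no'
}

tmp=$(mktemp)
stock_config > "$tmp";    echo "stock:    $(audit_sshd "$tmp")"
hardened_config > "$tmp"; echo "hardened: $(audit_sshd "$tmp")"
rm -f "$tmp"
# On a live server, run `sshd -t` to validate the edited file before restarting,
# and keep the current session open until a new login on the new port works.
```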


This post was written on August 31, 2008
