January 2010 « SYDHOST.NET

Shared, Virtual or Dedicated hosting?

Most people’s needs fit into our popular shared hosting solution, it is quite affordable, fast and stable, however, resources are shared among users and this has drawbacks in terms of performance and configuration flexibility. For example, if your application has a specific server requirement you should not expect the shared server to be re-configured to [...]

How to remove mail accounts

There is no problem to remove any added email accounts.

To delete a mail account, simply click on the [X] button next to it.

You will be taken to a page which asks you for confirmation. Click on Yes to delete the account.

Create Email Accounts

You can easily create e-mail accounts from your hosting account Control Panel (cPanel). Here is what you need to do:

Step 1: Log into your cPanel

Step 2: Once at the main page, click on the Email Accounts icon.

Step 3: In the fields provided, type the name of the account, the password and the disk [...]

Install BFD (Brute Force Detection – optional)

To install BFD, SSH into server and login as root.

At command prompt type:
cd /root/
wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz
tar -xvzf bfd-current.tar.gz
cd bfd-0.4
./install.sh

After BFD has been installed, you need to edit the configuration file.

At command prompt type:
pico /usr/local/bfd/conf.bfd

Under Enable brute force hack attempt alerts:
Find
ALERT_USR=”0″
and change it to
ALERT_USR=”1″

Find
EMAIL_USR=”root”
and change it to
EMAIL_USR=”your@email.com”

Save the changes then exit.

To start BFD

At command prompt type:
/usr/local/sbin/bfd -s

Modify LogWatch
Logwatch [...]

More Security Measures

These are measures that can be taken to secure your server, with SSH access.

Update OS, Apache and CPanel to the latest stable versions.
This can be done from WHM/CPanel.

Restrict SSH Access
To restrict and secure SSH access, bind sshd to a single IP that is different than the main IP to the server, and on a different [...]

Web Host manager and CPANEL mods.

These are items inside of WHM/Cpanel that should be changed to secure your server.

Goto Server Setup =>> Tweak Settings
Check the following items…

Under Domains
Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com)

Under Mail
Attempt to prevent pop3 connection floods
Default catch-all/default address behavior for new accounts – blackhole
(according to ELIX – set this to FAIL, which [...]

Install a root breach DETECTOR and EMAIL WARNING

If someone does happen to get root, be warned quickly by installing a detector and warning at your box. You will at least get the hackers/spammers ip address and be warned someone is in there.

Server e-mail everytime someone logs in as root

To have the server e-mail you everytime someone logs in as root, SSH into [...]

Root kit checker – http://www.chkrootkit.org/

Check for root kits and even set a root kit on a cron job. This will show you if anyone has compromised your root. Always update chrootkit to get the latest root kit checker. Hackers and spammers will try to find insecure upload forms on your box and then with injection methods, try to upload [...]

Checking for formmail

Form mail is used by hackers to send out spam email, by relay and injection methods. If you are using matts script or a version of it, you may be in jeopardy.

Command to find pesky form mails:
find / -name “[Ff]orm[mM]ai*”

CGIemail is also a security risk:
find / -name “[Cc]giemai*”

Command to disable form mails:
chmod a-rwx /path/to/filename
(a-rwx translates [...]

SECURING CPANEL – WHM – AND ROOT on a VPS

This will help but as mentioned in previous posts, with a VPS you do not have access to your kernal. That is good in some ways, because if you don’t have access to it, neither to hackers or spammers (which limits what they can do). Its bad in ways, because you lose control and if [...]

Our Products

Data Centre

Partners

Software Links

Vendors