All Entries Tagged With: "security"

Changing /cpanel to something else

Issue :
How can you access cPanel like, say, http://domainname.com/xyz ? This is for security purposes.
Solution :
This can be done, but it is not recommended, as it would have little effect security-wise.
Even if you change it, cPanel/WHM would still run on the standard ports (2082/2083 & 2086/2087), which are known to everyone. If you [...]

How to prevent SFTP users from viewing server files and folders

Issue :
SFTP users can view server files and folders by simply changing the path to ‘/’. How can this be avoided?
Solution :
SFTP means FTP access over SSH.
You will have to chroot the individual users in order to prevent them from viewing files outside their chroot jail.
Normal FTP access has chroot isolation [...]

32 million passwords leaked!

We all know about the huge password breach that happened last month. Click here to read an article on this by Slashdot with some amazing statistics.

Access Denied: Referrer Check

Issue :
The following message appears every time when trying to connect to one's own dedicated server from other servers.
Access Denied: Referrer Check
Functions in cPanel / WHM are available only directly through the cPanel and WHM interfaces or through our XML API. It appears that this request is coming from a referring site and might [...]

Rkhunter and Chkrootkit installation

Rkhunter Installation
Rkhunter is a tool used to check for trojans, rootkits, and other security problems.
Here are the installation steps:-
root@server1 [~]#wget http://downloads.rootkit.nl/rkhunter-1.2.7.tar.gz
root@server1 [~]#tar -zxvf rkhunter-1.2.7.tar.gz
root@server1 [~]#cd rkhunter-1.2.7
root@server1 [~]#./installer.sh
You can scan the server by using the following command:-
root@server1 [~]#/usr/local/bin/rkhunter -c
You can update the rkhunter database by issuing the following command:-
root@server1 [~]#rkhunter --update
Chkrootkit Installation
Chkrootkit is a [...]

Security Issue : Apache info being displayed on non-existent pages

Issue :
When a user tries to access a non-existent page, or when a new account is created and no index page is uploaded, the following information can be viewed:
Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8 Server at domain.com Port 80
Fix :
Disable the Server Signature via WHM >> Main >> [...]

Nessus : Vulnerability scanner

Nessus is one of the best vulnerability scanning tools available today. It is available free of cost for personal use. It can detect potential vulnerabilities in an individual system or a network.
In the Unix/Linux environment, Nessus consists of two parts :-

nessusd – the daemon which does the scanning.
Nessus – the client which controls [...]

PCI Compliance

Today, I am going to discuss how we at InstaCarma were able to help one of our clients in achieving PCI Compliance and hence increase their customer base.
Now, this client is basically a provider of e-commerce based hosting solutions. They deal with plenty of sensitive and important data. Hence, becoming PCI Compliant was mandatory for [...]

Moodle security fix released

Moodle 1.9.5 and Moodle 1.8.9 updates have been released to patch some security issues. Four serious security vulnerabilities (1 critical, 3 major) have been discovered and fixed recently. There are no reported exploits yet, and they do not affect all sites, but still it is recommended that you upgrade your sites to these latest [...]
