Server has been taken offline to reload OS, good security guides?

Discussion in 'Security' started by floodrod, Jun 28, 2007.

  1. #1
    Hackers have rooted my box, so it is currently offline while my hosting company reloads the OS. Doah!!!
    Anyway, I was able to find a page with some dedicated server security procedures to run when I first get it back up. Can anyone recommend any other guides to securing your dedicated server? The one I found is http://www.webhostingresourcekit.com/109.html

    Thanks
     
    floodrod, Jun 28, 2007 IP
  2. clancey
    #2
    Many of the threads in here about servers being hacked contain many suggestions for making your server more secure. One of the biggest problems is that there are several exploits in WordPress and other popular, open source products, which will allow hackers to gain physical access to your machine.

    Some have ways of putting code in postings to forums and other interactive pages which allow them to extract hashed/encrypted user credentials. They are then trying to access the admin account and from there the physical machine. In one thread, a hacker expressed frustration that the name and password for the admin for the PHP program was not able to write to files.

    This suggests that you should never use the same name to administer your computer and your programs. In fact, none of the users/administrators of public PHP scripts should have machine accounts.

    Secondly, I think that you should change the /etc/passwd file to remove shell access from all users who do not need shell access. This is especially true of the "apache" or "www" user. You do so by switching to root and adding ":/sbin/nologin" to the line for all users who do not need to have shell access to the machine -- this is the same as command line access.

    While you are at it, you should limit the users who can use SSH to log into your machine. There are plenty of good descriptions about strengthening and hardening SSH.

    You should harden PHP by installing the suhosin patch.

    Directories on your machine should only have the minimum permissions needed. Mostly, there should be no write access except for the owner.

    I have never found a single place which had all the best ideas for securing each part of my servers. I have always had to go to a multitude of places and I have always had to revisit my approach to security to make sure it remained adequate.

    Most important of all -- using Linux does not make you more secure. Most websites are on Linux and thousands are compromised. Open source does not make you more secure. Not all project maintainers act quickly to patch holes and exploits and not all project maintainers are any good at coding, let alone writing secure code. If you are using other people's code, you need to take the time to review it for obvious security gaps and then fix the holes if you intend to continue using the product.
     
    clancey, Jun 29, 2007 IP
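
An audit sketch for the shell-access and directory-permission advice in post #2, added here as an example and not posted by anyone in the thread. The function names, the allow list and the sample passwd lines and directories are constructed for illustration.

```shell
#!/bin/sh
# Added example; all sample data below is constructed, not from the thread.

# List accounts in a passwd-format file ($1) that can still get a shell and
# are not in the space-separated allow list ($2). An empty shell field is
# reported too, because login then falls back to the default shell.
unexpected_shell_accounts() {
    awk -F: -v allow=" $2 " '
        /^#/ || NF < 7 { next }
        $7 ~ "/(nologin|false)$" { next }
        index(allow, " " $1 " ") == 0 {
            print $1 ":" ($7 == "" ? "(default shell)" : $7)
        }
    ' "$1"
}

# List directories under $1 that group or other can write to.
loose_dirs() {
    find "$1" -type d \( -perm -020 -o -perm -002 \) -print
}

# Build constructed sample data inside directory $1.
make_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
apache:x:48:48:Apache:/var/www:/bin/bash
mysql:x:27:27:MySQL:/var/lib/mysql:/sbin/nologin
alice:x:500:500:Alice:/home/alice:/bin/bash
ftpuser:x:501:501::/home/ftpuser:
EOF
    mkdir -p "$1/www/uploads" "$1/www/includes"
    chmod 755 "$1/www" "$1/www/includes"
    chmod 777 "$1/www/uploads"
}

tmp=$(mktemp -d)
make_sample "$tmp"
echo "Accounts with a shell that are not on the allow list:"
unexpected_shell_accounts "$tmp/passwd" "root alice"
echo "Directories writable by group or other:"
loose_dirs "$tmp/www"
rm -rf "$tmp"
```

On a real server, point the first function at `/etc/passwd` and the second at the web root. A flagged service account can have its shell field changed as root with `usermod -s /sbin/nologin <user>`.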
  3. eukvps
    #3
    Hello,

    It seems that all steps are covered in the link.

    If you follow the steps, hopefully it should resolve your issue.
     
    eukvps, Jun 29, 2007 IP