1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Please advise

Discussion in 'Plesk for Linux - 8.x and Older' started by manbiz, Feb 13, 2005.

  1. manbiz

    manbiz Guest

    0
     
    Hi all,

    My server was hacked several times as I have installed PLESK 7.5 Reloaded.

    Please advise how to make PLESK more secure and which options to choose in hosting setup for less risk.


    Thanks for time,

    Michael
     
  2. Whistler

    Whistler Guest

    0
     
    1) What server OS do you use?

    2) I seriously doubt that it's Plesk that's your security hole, but more some OS dependent problems with software, passwords etc.
     
  3. manbiz

    manbiz Guest

    0
     
    Thanks for reply.

    I'm using REDHAT 9.
     
  4. NightStorm

    NightStorm Guest

    0
     
    Install a firewall.
    Look into APF (It's a firewall plugin that makes configuration easier, and more dependable)
    BFD (Brute Force Detection) by the same people as APF. It will detect multiple failed login attempts, and block the users IP.
    mod_dosevasive (will help to prevent httpd attacks)
    mod_security (will protect your http server from various exploits, and will therefore increase server security)
    DISABLE DIRECT ROOT ACCESS
    ^^^^^^ That one is a big one. By disabling direct root access, no user will be able to log into the server as root, unless they are ALREADY logged in as another user (you can specify which users should be permitted access in the ssh configurations). You'll want to read up on this, but trust me when I tell you it is one of the very first things to look at. In fact, you could even go deeper to only allow SSH access from your IP (assuming you're static) and your datacenter... this will assure almost no access to the SSH, and through that, make root access extremely difficult.
    Enable password security features in Plesk. This will compare various passwords to a dictionary file of common words and make sure that the password is not going to be easily guessable.
    Always use the latest possible versions of software. This includes forums (the latest php exploits targetted phpBB specifically).
    Turn off wget. I don't care how, just do it. Make it owned by root and chmod it to 700, or rename it... I don't care, but make sure no one but you can use it.Rootkit hunter. Find it. Use it.
    Telnet is evil. KILL IT.
    Here... a quick walkthrough... read through it, and it will help.
    http://forum.ev1servers.net/showthread.php?s=&threadid=30333
    The only thing I would not do in there (other than the cpanel thing) is delete admin. You don't want to do that, as admin is a user based in Plesk, and it will break your control panel... so leave admin alone.
    Oh yeah... don't give shell access to anyone that you would also not give access to your house, car, wife, and wallet.
     
  5. manbiz

    manbiz Guest

    0
     
    Thanks NightStorm.

    Your reply was very informational and helpful. I appreciate this.



    Michael
     
  6. ylon

    ylon Basic Pleskian

    23
    23%
    Joined:
    Apr 28, 2007
    Messages:
    39
    Likes Received:
    0
    NightStorm, I noted in a previous post of yours that you say that APF/BFD is not compatible with Plesk 7.5, yet in this thread you are recommending it. Has the issue been resolved?

    The previous post I saw from you is at:
    http://forum.sw-soft.com/showthread.php?s=&threadid=20002&highlight=BFD

    Thanks much as I'd like to lock things down a little better.
     
  7. phoenixisp

    phoenixisp Silver Pleskian

    27
    57%
    Joined:
    Feb 2, 2002
    Messages:
    840
    Likes Received:
    0
    ylon - in the post you refer to, Nightstorm never said the APF and BFD combo was incompatible with Plesk 7.5 - he said it was incompatible with the Plesk firewall module. You can still use APF and BFD you just have to turn the Plesk firewall off.
     
  8. ylon

    ylon Basic Pleskian

    23
    23%
    Joined:
    Apr 28, 2007
    Messages:
    39
    Likes Received:
    0
    Thanks, that clears it up. I did not consider disabling it.

    Also, after reading through the quick howto at:
    http://forum.ev1servers.net/showthread.php?s=&threadid=30333

    and digging into the conf.apf, it appears that things have changed. To add all of the inbound and outbound ports do I edit the ingress/egress ports in the conf or do I edit another file such as in the vnet directory that is mentioned in the comments?

    I'd like to keep this as simple as possible and I just have one network interface on this server.
     
Loading...