1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Server Protection - best practices

Discussion in 'Plesk for Linux - 8.x and Older' started by glennj, May 19, 2006.

  1. glennj

    glennj Guest

    0
     
    I have just upgraded to Plesk 8 after my Plesk 7.5 server somehow was compromised and was actioning UDP attacks! :eek:

    I'm not new to hosting servers, but I'm now concerned about how this happened and how best to prevent it happening again.

    Naturally complex passwords and only opening ports that are being used in the firewall module are all good ideas, but what other good practices are there to protect a server?

    Anyone have a good example of firewall settings for best protection?

    I think this would be helpful for newbies and old hands alike.

    Cheers.
     
  2. eilko

    eilko Regular Pleskian

    28
    73%
    Joined:
    Aug 1, 2001
    Messages:
    468
    Likes Received:
    4
    Location:
    Enschede, Netherlands
    servers are usually hacked by faulty webscripts. I would recommend to use mod_security. See www.gotroot.com for a how to.
     
  3. glennj

    glennj Guest

    0
     
    How about mod_evasive? Anyone use it?
     
  4. phatPhrog

    phatPhrog Guest

    0
     
    mod_security FC4 Plesk 8

    If you are running a Fedora Core 4 Plesk 8 box on Linux the yum repos are already setup in your /etc/yum.repos.d that allow you to install mod_security

    See: http://forum.swsoft.com/showthread.php?s=&postid=144661#post144661

    Like eilko says though, do use gotroot for the rules and information on the mod_security.conf file.

    mod_dosevasive is a bit more to install though.

    You can either get an ASL subscription from atomicrocketturtle or go through the steps to install it yourself. (ART is the better choice)

    If you do it your self, you will have to run

    yum install httpd-devel before you install it.
     
  5. glennj

    glennj Guest

    0
     
    Excellent tips guys...

    I now have mod_evasive installed and mod_security with all the rulesets as mentioned.

    I feel a bit happier now! :D

    If there's anything else worth installing please let me know...
     
Loading...