• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Server Protection - best practices

G

glennj

Guest
I have just upgraded to Plesk 8 after my Plesk 7.5 server somehow was compromised and was actioning UDP attacks! :eek:

I'm not new to hosting servers, but I'm now concerned about how this happened and how best to prevent it happening again.

Naturally complex passwords and only opening ports that are being used in the firewall module are all good ideas, but what other good practices are there to protect a server?

Anyone have a good example of firewall settings for best protection?

I think this would be helpful for newbies and old hands alike.

Cheers.
 
mod_security FC4 Plesk 8

If you are running a Fedora Core 4 Plesk 8 box on Linux the yum repos are already setup in your /etc/yum.repos.d that allow you to install mod_security

See: http://forum.swsoft.com/showthread.php?s=&postid=144661#post144661

Like eilko says though, do use gotroot for the rules and information on the mod_security.conf file.

mod_dosevasive is a bit more to install though.

You can either get an ASL subscription from atomicrocketturtle or go through the steps to install it yourself. (ART is the better choice)

If you do it your self, you will have to run

yum install httpd-devel before you install it.
 
Excellent tips guys...

I now have mod_evasive installed and mod_security with all the rulesets as mentioned.

I feel a bit happier now! :D

If there's anything else worth installing please let me know...
 
You must log in or register to reply here.

Similar threads

Gary W.
Issue Server 500 Error and Plesk inaccessibility due to Full Disk - Prevention tips needed
Replies
3
Views
922
Kaspar@Plesk
Kaspar@Plesk
O
Question New installation: best practices, useful tips, suggests
Replies
9
Views
3K
Kaspar
K
A
Issue Problems with fail2ban
Replies
1
Views
1K
Kaspar@Plesk
Kaspar@Plesk
M
Question Prevent outbound spam from Plesk
Replies
7
Views
3K
Cike76
C
P
Resolved Secure Plesk by subdomain - best practice?
Replies
2
Views
3K
Pleskie
P
Back
Top