Archive for November, 2006
Telnet sends clear text passwords and usernames through logins and should be disabled on all web servers and replaced with SSH.
Some hosting providers are not disabling telnet by default but you should ensure that it has been turned off as it’s a great security risk to your servers. TELNET server listens for incoming messages on port 23, and sends outgoing messages to port 23.
Continue Reading »
Disable Telnet
cPanel/WHM/WebMail Login Script for Multi Servers
There are 2 files involved:
- dologin.php
- login.php
The first file (dologin.php) takes care of redirecting user to the correct server depending on his choice of cPanel/WHM/Webmail. All secure as well as insecure ports are supported. Any port which you don’t want to use, just remove it from the pulldown menu and rest should work without any changes.
Continue Reading »
cPanel/WHM/WebMail Login Script
First, if you already tried to install ImageMagick unsuccessfully, you need to uninstall it for this to work properly. To uninstall ImageMagick, go to your ImageMagick source directory and type:
$ make uninstall
1. ImageMagick needs a few support libraries to install properly. You can check for the header files in /usr/include and /usr/local/include to see if each library is installed. If you don’t find one or all of them then they will need to be installed.
tiff.h
png.h
jpeglib.h
Howto Prevent the IIS SMTP Virtual Server from Relaying E-mail Messages
1) Start Internet Information Services Manager or open the Internet Information Services (IIS) snap-in.
2) Expand Server_name, where Server_name is the name of the server, right-click Default SMTP Virtual Server, and then click Properties.
3) Click the Access tab, and then under Access control, click Authentication.
4) Click to select either or both the Basic authentication and the Integrated Windows authentication check boxes, click to clear the Anonymous access check box (if it is selected), and then click OK.
By doing so, authentication is required before access is granted to the SMTP virtual server. In this case, if the user or computer does not successfully authenticate, the user or computer cannot send mail to the server.
Allowing the root user to login directly is a major security issue, we’ll show you how to disable it so you can still login as root but just not directly, reducing the security issue.
This will force a hacker to have to guess 2 seperate passwords to gain root access.
(you do have 2 seperate passwords for admin and root right?)
What happens is you’ll first need to login as your admin user in SSH, then switch to the super user with the su command to get root.
We also will be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol
Just a couple more ways to help your server stay safe from the bad guys. If you’re using cPanel make sure you add your admin user to the ‘wheel‘ group so that you will be able to ‘su -‘ to root, otherwise you may lock yourself out of root.
1. SSH into your server as ‘admin‘ and gain root access by su
2. Copy and paste this line to edit the file for SSH logins
$ pico -w /etc/ssh/sshd_config
This is the down and dirty on resolving your “expired license” woes.
Please let us know if you think there should be any additions.
1. Is the license expired?
This is the most obvious cause and simple to verify. Check http://verify.cpanel.net with the server’s IP.
2. Is the server’s hostname a fully qualified domain name?
I like to check this one and the whether the hostname resolves locally with this command:
Continue Reading »
cPanel Expired License Checklist
For those running their own nameservers ONLY!
If your like us, you are probably just about as fed up as us, seeing LAME SERVER appearing in your /var/log/messages file on a daily basis. I get hundreds of these message cluttering my logs daily so here is what you can do to remove their existance.
First, lame server as defined:
If you run a nameserver, you may see an error about a “lame server”. New administrators of DNS servers often ask what this is, what it means, and whether it’s a problem. There is no cause for concern. The lame server is one that is advertised to have authoritative information about a domain, but doesn’t. This can happen in a few different ways, but it’s usually not worth the trouble to track down the administrator of the other domain.
Let’s do it!
Continue Reading »
Howto Remove The Logging of Lame-Server
- May 2007 (1)
- February 2007 (3)
- January 2007 (1)
- December 2006 (15)
- November 2006 (30)
- October 2006 (3)
Loading ...