Archive for Server Security

How to Enable, Restart CSF and Flush the CSF Rules?

Server security should be at the top of your priority list when you own a dedicated server. For better security, a third-party application such as a firewall should be installed on your server. Before that, however, consider how much you can afford to spend on a firewall for your server.

In that case, you can opt for a free, open-source firewall called CSF (ConfigServer Security and Firewall). CSF is frequently updated and provides many options to strengthen your server's security against well-known attacks.

To enable or restart CSF or flush its rules, you first need to install it on your server. If you are not sure about the CSF installation, check out the following tutorial:

How to Install CSF (ConfigServer Security and Firewall)?

Once you have successfully installed the CSF Firewall, you can proceed with the Enable, Restart and Flush process.

Enabling the CSF – Enter the following command:

csf -e

Restarting the CSF – Enter the following command:

csf -r

Flushing the CSF Rules – Enter the following command:

csf -f

 


How to Install Snort on Linux?

Installing Snort on Linux

Snort is a network intrusion prevention and detection system for Unix, Linux and Windows dedicated hosting servers. Snort can perform real-time traffic analysis and packet logging on IP networks. Most people use Snort to detect probes or attacks on a server.

Installing Snort – a Network Intrusion Detection System is very easy. Open your command line and enter the following command to download Snort’s latest version “snort-2.9.1.2.tar.gz”.

wget http://www.snort.org/dl/snort-current/snort-2.9.1.2.tar.gz -O snort-2.9.1.2.tar.gz

Extract it using the following tar command:

tar zxf snort-2.9.1.2.tar.gz

Change into the directory using the following command:

cd snort-2.9.1.2

Enter the following command:

./configure

The ./configure script checks the build environment and configures the makefile; the make and make install commands that follow compile the code and install the executable in the appropriate place.

Now, enter the following commands:

make
make install

You will see the following error if the required library is not installed.

ERROR! Libpcap library/headers (libpcap.a (or .so)/pcap.h) not found

In order to install the required library, use the following command:

yum install libpcap libpcap-devel

After the library is installed, repeat the following steps:

./configure --with-libpcap-*
make
make install

This will successfully install Snort on your dedicated server.

Once the installation is done, copy the <snort-2.9.1.2>/etc/snort.conf file to /etc/snort/snort.conf on your server. Edit the settings according to your requirements.

Later, download the rules from Snort’s official site and put them into the /etc/snort/rules folder on your UK web hosting server.


My Forum Got Hacked, What To Do?

Recently, we have heard about a lot of hacking attempts against forums. If your forum was hacked, what should you do? What do you need to know? This article was created to help you follow the correct steps on the way to a relaunch.

You should be clear about one thing: if your business forum was hacked and another person is attacked from your forum, you are held responsible for such deeds. Hence, it is necessary to initiate countermeasures quickly, before you get into even bigger problems.


Your Forum Website:

The first thing you should do is prevent the worst. Lock down your forum website. The reasons to lock your forum are as follows:

  • Prevent further use by the hacker
  • Prevent endangerment of third parties (for example, by Trojans)
  • Limit the damage to your image

There are various methods to block a project; however, the best-known and quickest method is a .htaccess file. You can simply put a .htaccess file in the root directory of your project with the following content:

Order Deny,Allow
Deny from all

Backup:

Once the .htaccess file is in place, you should immediately take a complete backup of your business forum. This backup also includes a backup of the database. Under no circumstances should you create the backups using software that was already installed on your web space. The backup can be used later for analysis, to figure out what gave the hacker access. Furthermore, you need the backup as evidence if you consider initiating criminal proceedings.

Set New Passwords:

Make sure you reset all the passwords, including FTP, web front-end, web host, database, etc. Each and every password must be changed.

Find out How the Forum has been Compromised:

The most important thing to figure out is what gave the hacker access. If you do not have the latest forum software installed, that is a good place to start looking. Unfortunately, running the latest forum software is not enough on its own. Each extension (mod / hack) may contain the vulnerability. Since extensions are often poorly written, do not automatically assume that the security hole is fixed in the latest version of an extension. One reason is that most programmers who write extensions see this as a hobby and do not have the background knowledge needed to write security-aware software. It is therefore always wise to practice caution when using extensions. Pay attention to the source of your extensions and to the person who created them.

The security hole could also be an unsafe and / or cracked password of a moderator or administrator account. Therefore, assign a new password to every user account that has special privileges. There is also the possibility of a CSRF attack (i.e. cross-site request forgery, also called a one-click attack), a kind of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts.

Restore a Backup or Completely Reinstall the Software:

If a backup exists, restoring it is enough to return the forum to normal functionality. The only loss is then the data created between the last backup and the time of compromise. However, you must be aware that the security hole can still exist in the backup that was taken.

If you have no backups at hand, the situation is much worse. In that case, a complete re-installation of the software is the only solution. This means not only the forum software itself, but also all the mods / hacks that have been installed. You should not take the risk of trusting that the hacker has changed nothing in the files.

To correct and secure the current installation, you should perform the following things:

Server Configuration

  • Install latest version of PHP
  • Install latest version of MySQL
  • Perform operating system updates
  • Always prefer using a Dedicated Hosting platform
  • Increase security by Installing Suhosin PHP protection security patch.
  • Install ModSecurity. Installing ModSecurity may affect the performance of the server, so it is advised to use a caching system like APC or eAccelerator.
  • Disable all unnecessary services

Securing PHP

  • Disable PHP extensions
  • expose_php = Off
  • display_errors = Off
  • enable_dl = Off
  • allow_url_include = Off
  • disable_functions = system, shell_exec, popen, pclose, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, exec, passthru, show_source, ReadFile, escapeshellcmd, escapeshellarg
  • Be careful when disabling these functions, because many scripts need some of them. Run tests to check that your PHP applications still work once these functions are disabled.
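
One way to check an existing php.ini against the settings listed above, as an added example that is not part of the original article. The function names ini_get and audit_php_ini and the sample file are constructed for illustration, and the disable_functions check covers only the command-execution subset of the list.

```shell
#!/bin/sh
# Added example: audit a php.ini against the hardening list above.
# ini_get, audit_php_ini and the sample file are constructed for illustration.

# Print the last uncommented value of a directive (';' starts a comment).
ini_get() {  # usage: ini_get FILE DIRECTIVE
    awk -F= -v key="$2" '
        /^[ \t]*;/ { next }
        {
            k = $1; gsub(/[ \t]/, "", k)
            if (k == key) {
                v = substr($0, index($0, "=") + 1)
                sub(/[ \t]*;.*$/, "", v)            # strip trailing comment
                gsub(/^[ \t"]+|[ \t"]+$/, "", v)    # trim blanks and quotes
                val = v
            }
        }
        END { print val }' "$1"
}

# Print every deviation; the exit status is the number of findings.
# An unset directive is reported too, so each setting ends up explicit.
audit_php_ini() {  # usage: audit_php_ini FILE
    file=$1; findings=0
    for d in expose_php display_errors enable_dl allow_url_include; do
        v=$(ini_get "$file" "$d" | tr 'A-Z' 'a-z')
        case $v in
            off|0|false|no) ;;
            *) echo "FAIL $d = ${v:-<unset>} (want Off)"; findings=$((findings + 1)) ;;
        esac
    done
    disabled=",$(ini_get "$file" disable_functions | tr -d ' ' | tr 'A-Z' 'a-z'),"
    for f in system shell_exec popen proc_open exec passthru show_source; do
        case $disabled in
            *",$f,"*) ;;
            *) echo "FAIL disable_functions lacks $f"; findings=$((findings + 1)) ;;
        esac
    done
    return "$findings"
}

# Constructed sample input, not taken from a real server.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[PHP]
expose_php = Off
display_errors = On      ; constructed weak setting
;enable_dl = Off
allow_url_include = Off
disable_functions = system, shell_exec, exec, passthru
EOF
audit_php_ini "$sample"; echo "findings: $?"
```

Run it against a copy of the live php.ini after every change, and again after testing that the forum still works with the functions disabled.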

Securing MySQL Database Server

  • Set password for root user
  • Allow administrator accounts to connect only from localhost
  • Skip database access from external computers to prevent

Securing Apache Web server

  • Disable all modules that are not required
  • All security-relevant settings should be placed directly in httpd.conf, not in a .htaccess file

Monitoring Measures:

Once the forum is back and functioning normally, you should carry out additional monitoring measures during the first period. If you wish, you can use special software, or use Snort, which is a network intrusion detection system, together with ModSecurity to get a comprehensive overview of the events that occur. The monitoring should be performed for at least half a year before you switch back to “normal status”.

Unfortunately, it is often the case that, due to a lack of backups, the compromised system disappears entirely from the network. Reconstructing a business forum or any other project is often no longer feasible, either financially or because of the enormous time and effort. If the user data is gone and you have no backup of it, the situation looks very bad. If you find yourself starting again from scratch, do not lose hope. But learn from your mistakes, and make sure you back up your data offsite using an offsite backup hosting plan.

Physical Security is Essential

Nowadays, more and more companies are using cloud hosting as a secure solution to keep their data safe and ensure that they can recover the data at any time if required.

Many experts in UK web hosting and the corporate sector agree that this is the right strategy: it ensures data security and safety, and restoring data online in just a few clicks is a comfortable solution. But while security is regularly discussed when talking about these services, we need to be sure about physical security as well. Even if the data is sent over a secure connection, the real infrastructure at the other end must meet very specific requirements to be considered perfectly safe (fire, flood, access, electricity, etc.).

How to ensure the security of data?

The security of data is complete only if certain criteria are met; it is not just a matter of the data in transit. So companies should not hesitate to ask questions about the physical security of the data center.

Among other important questions that can be asked are:

  • Who has access to server rooms ?
  • How to get your does ?
  • What happens if there is a fire ?
  • Is the data center built in a flood or seismic zone ?
  • Do you have redundancy for electrical systems, air conditioning, network lines, etc… in your data center ?

Finally, never hesitate to ask for a document explaining the security measures taken for the infrastructure (data center) to prevent disasters.

Tasks You Can Perform When Your Server Runs Perfectly

Most of the time, beginners who opt for dedicated server hosting think that their dedicated server will keep running perfectly in the future, but they don’t realize that they are fooling themselves. One thing to remember is that when things are going well, more care is needed. If your dedicated web server is running smoothly without any problems, that is the time to perform several tasks to make sure the server keeps running perfectly in the future as well.

There are many things you can do while your server is running well, such as routine maintenance and increased monitoring. Beyond these, there are a few more important tasks that need to be performed.

  • Running Updates: If you forgot to run non-critical updates on your web server, now is the time to make sure you run them successfully. Never keep vital security updates waiting; a delay might create a security hole which may harm your data.
  • Removing Unwanted Files: Never keep any unwanted files on your server. For example, when you remove a specific site from your server, some files associated with that site remain. Make sure those items are removed from your server immediately, or compress them and send them to your backup server. Never keep unwanted material on your server.
  • Monitoring Logs: It is always recommended to monitor your dedicated server logs and other important things such as network protocols, web applications and security software. Checking the server logs gives you a chance to find something that could harm your server and the sensitive data stored on it.
  • Running Several Tests: Keep testing your server with various security tests to ensure its security. You can test all your web applications for XSS (i.e. cross-site scripting). Rootkits are software that enables continued privileged access to the server while hiding its presence from the server's administrator, so keep checking for rootkits. Ensure the security of your dedicated server by checking for weaknesses in every possible place, from passwords to databases.
