Archive for Server Security

Setting Up a New Dedicated Server

After deciding to opt for a dedicated server, you may wonder what the next step should be. There are a lot of things to do, but not all of them need to be done immediately. The following is a list of actions to perform in the first few hours on your new dedicated server.

1) Your new server may not have the latest operating system updates. If you have purchased the server, you may also need to install your preferred operating system yourself, which will then require the necessary updates. If you have leased a managed dedicated server from a UK web hosting provider, your provider may have installed the updates as well. But sometimes they may assume that you need a server with a standard install, without the latest updates. So, check for the latest OS updates.

2) Before adding any data to your server, make sure you have applied the correct security measures, such as installing a good firewall, anti-malware software, etc. For more information about securing your server, go through this article: How to prevent and secure your server against attacks?

3) Determining the various networking settings is important as well. These settings include nameserver settings, default DNS settings, server hostname settings, etc.

4) Although you are the sole owner of the server, you may change your mind in the future and allow other users to access it. With that in mind, set user policies so that access to the server is limited accordingly.

5) Ensure that your server is completely scalable, so that if you plan to host resource-intensive applications in the future, you have enough space to host them. You also need to plan your hosting resources according to your website’s future growth. In the future you may want to host multiple mission-critical websites, so be ready and plan for it.

6) Make sure you choose a good control panel to manage your server. The control panel should be able to install the most compatible software, such as Apache and MySQL. Choose a control panel that has a user-friendly interface.

7) One of the most important things you should always do is back up your data regularly, on either a daily or weekly basis. Even if you think you won’t need it, still back up everything on your server. For better data security, investing in an offsite backup plan is worthwhile. An offsite backup hosting plan ensures that your data is always secure on an offsite server.

8) Don’t forget to set up system, port and website monitors. Set up alerts that can be sent to your email or cell phone if something goes wrong on your server.

9) Keep yourself up to date with the latest server technology and tips, which will help you optimize your server for better performance.


Cloud Hosting Security – Best Practices

Public & Private Cloud Security

“Cloud” is not just a term anymore; it has shaken the entire IT world and is now considered to be the future computing methodology. A lot of research is being done in this area at almost every level. Based on the Gartner Analysis, by the year 2013 the revenue generated through cloud is expected to cross $150 billion. An increasing number of companies have plunged into this field and are working towards further securing their cloud hosting offerings. From an IT person’s perspective, no environment can be 100% secure. But certain security measures can be taken when switching over to the cloud, by analyzing the security threats at different levels. Switching to the cloud can in fact be considered more secure than traditional in-house solutions. When opting for a cloud hosting alternative (public as well as private cloud) offered by a company, it is necessary to consider the security protocols they use with their service offering, and to weigh this a level higher than the price at which these solutions are offered.

Secure Cloud

Security Concerns about Public Clouds

With regard to the cloud hosting environment, specifically the public cloud, the end customer experiences an environment that is largely automated. Users can upload and control the applications and data placed in the cloud environment.

There is a large difference in the visibility and control achieved with public and private cloud solutions. With the public cloud, one needs to give up a certain degree of control over the processing location, whereas with a private cloud fewer individuals share the resources and they have better control. An organization can adopt certain recommended practices to manage security-related threats in both cloud hosting environments.

Best Practices of Cloud Hosting

Establishing identity management controls can be considered an important first step. Every member of an organization must adhere strictly to the rules laid down for password creation. It is quite disturbing to see the large number of individuals using passwords that are very easy to guess or crack, for example: abc123, password, qwerty etc. Even more surprising is their use at highly sensitive data access points.

Credentials can be stored and administered at a single location by implementing LDAP controls.

Once this process is followed within the organization, you can move on to analyzing the tasks that have been outsourced to a third-party firm. It is your responsibility as a business owner to ensure that the third-party firm to which you have outsourced the tasks follows your security protocols and helps you keep your mission-critical data from leaking out to unwanted sources. You must look for a provider that uses the most reliable data encryption tools to keep your data safe and secure. They must also be capable of using the latest and most trusted firewalls and intrusion detection and alerting systems with their solution offerings.

Judicial Aspects of Cloud Storage

Various legal constraints come bundled with data storage, specifically concerning personally identifiable information (PII). Even though the data is placed in the cloud, the rules that apply still depend on the servers’ geo-locations. Some nations, like those in Europe, have laid down strict data security norms which limit where data can be stored and where it can be moved. Hence you should choose a cloud hosting provider who is well aware of these rules and regulations and adheres to them.

Choosing the Right Cloud Hosting Partner

A number of SMEs have started to try their luck by offering cloud hosting and computing services. These do not necessarily have the essential expertise, skilled professional staff or required hardware. Therefore, it is your duty to ask the potential service provider questions that reveal their knowledge, expertise and market standing. Also check the locations where the company operates and the locations of their backup servers; ideally the data center should be at a safe, distant location to handle disaster recovery requirements if needed.

Summary:
Choosing a reliable cloud provider who is known to have implemented the standard security measures for public, private and shared cloud can help your business website achieve a safer experience. The host should be efficient and willing to adopt newer and better tools for secure storage and management in their cloud offerings. Additional and improved security measures should be adopted as and when they are released by the related technology vendors. This should help you keep your data safer in the cloud and safeguard your customers’ data from theft and leaks, ensuring optimum trust and security.


Dangerous PHP Functions Must be Disabled

Dangerous PHP Functions

PHP, which stands for Hypertext Preprocessor, is a powerful and popular server-side scripting language used for serving dynamic web pages. It is very simple to code and debug, and supports several databases such as MySQL, MS SQL and Oracle.

But have you ever considered that some PHP functions can be very dangerous for your server and the data stored on it?

When PHP code is used improperly or is insecure, it can potentially disrupt a web hosting server and be exploited by hackers. Insecure PHP code can harm your server data to a degree you cannot even imagine.

Using insecure PHP code as a security hole, hackers can make use of some very dangerous and powerful PHP functions and take control of your web hosting server. There are many such PHP functions which should be disabled in the PHP configuration file. Let’s check out the functions that should be disabled in the PHP configuration file on your web server right away.

Following is a list of dangerous php functions:

apache_child_terminate
apache_setenv
define_syslog_variables
escapeshellarg
escapeshellcmd
eval
exec
fp
fput
ftp_connect
ftp_exec
ftp_get
ftp_login
ftp_nb_fput
ftp_put
ftp_raw
ftp_rawlist
highlight_file
ini_alter
ini_get_all
ini_restore
inject_code
mysql_pconnect
openlog
passthru
php_uname
phpAds_remoteInfo
phpAds_XmlRpc
phpAds_xmlrpcDecode
phpAds_xmlrpcEncode
popen
posix_getpwuid
posix_kill
posix_mkfifo
posix_setpgid
posix_setsid
posix_setuid
posix_uname
proc_close
proc_get_status
proc_nice
proc_open
proc_terminate
shell_exec
syslog
system
xmlrpc_entity_decode

On cPanel servers where the PHP handler is configured to use DSO, PHP runs under the “nobody” user. This may become a security hole and create a major issue if you have given files 777 permissions. The 777 permission enables the “nobody” user to read, write and execute the file. So, it’s better to be careful with the permissions.

It is always recommended to set the permission to 755, so that no one can edit or change the files. The PHPsuexec function disallows the PHP scripts to run with 777 permissions, and the files cannot be read either. This function should always be enabled to ensure maximum security.
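One way to check a document root for the 777-style permissions described above; this is an added example, not part of the original article. The function names and the sample tree are constructed for illustration, and the suggested mode simply clears the group-write and world-write bits, which turns 777 into the recommended 755.

```python
import os
import stat
import tempfile


def world_writable(root):
    """Return sorted (relative_path, current_mode, suggested_mode) tuples for
    every file or directory under root that any local user can write to."""
    findings = []
    for dirpath, dirs, files in os.walk(root):
        for name in dirs + files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            mode = stat.S_IMODE(st.st_mode)
            if mode & stat.S_IWOTH:
                # Clear group-write and world-write: 777 -> 755, 666 -> 644.
                tightened = mode & ~(stat.S_IWGRP | stat.S_IWOTH)
                findings.append(
                    (os.path.relpath(path, root), "%o" % mode, "%o" % tightened)
                )
    return sorted(findings)


def demo():
    """Build a small constructed document root and audit it."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "cache"))
        layout = {
            "index.php": 0o755,                         # already fine
            "upload.php": 0o777,                        # writable by "nobody"
            os.path.join("cache", "data.txt"): 0o666,   # world-writable data
            "cache": 0o777,                             # world-writable dir
        }
        for rel, mode in layout.items():
            path = os.path.join(root, rel)
            if not os.path.isdir(path):
                open(path, "w").close()
            os.chmod(path, mode)
        return world_writable(root)


if __name__ == "__main__":
    for rel, current, suggested in demo():
        print(f"{rel}: mode {current}, suggest {suggested}")
```

Point `world_writable()` at a real document root to get the same report without changing anything on disk.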

PHP functions such as “exec” and “system” are used to execute external programs, and they can execute shell commands as well. If these two functions are enabled, a user can enter any command as input and have it executed on your server. The user could delete all of your data simply by giving the “rm -rf *” command, or append any command simply by using a semicolon (;) in the argument. Thus, it is better to disable the “exec” and “system” functions in your php.ini configuration file.

Enter the following command in ssh to find your php.ini file:

root@server [~]# php -i | grep php.ini

Usually you will find it at /etc/php.ini, or possibly at /usr/local/lib/php.ini.

Enter the following command to edit the file using your favorite editor. I have used the vi editor here:

root@server [~]# vi /etc/php.ini

Search for the text “disable_functions” in the php.ini file.

disable_functions is a directive used to disable insecure PHP functions.

Once you find the “disable_functions” directive in the configuration file, modify the line disable_functions = "" as shown below:

disable_functions = "apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, mysql_pconnect, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode"

The above mentioned changes can be applied on both Linux as well as Windows servers.

Once you modify the php.ini configuration file, you will need to restart the Apache web server on Linux server and IIS web server on Windows server for changes to take effect.
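A sketch of how to confirm that the edit took effect as intended, added here as an example and not part of the original article. It parses the effective disable_functions line, reports which process-execution functions are still enabled, flags entries such as eval that are language constructs and therefore not affected by this directive, and warns about typographic quotes pasted from a web page. The function names, the REQUIRED subset and the sample ini text are constructed.

```python
import re

# Process-execution functions from the article's list (assumption: this subset
# is the minimum you require; extend REQUIRED to the full list as needed).
REQUIRED = {"exec", "system", "shell_exec", "passthru", "popen", "proc_open"}

# Language constructs are not functions, so disable_functions cannot block them.
LANGUAGE_CONSTRUCTS = {"eval", "include", "require"}

TYPOGRAPHIC_QUOTES = "\u201c\u201d\u2018\u2019"


def parse_disable_functions(ini_text):
    """Return (names, warnings) for the effective disable_functions directive."""
    value, warnings = None, []
    for line in ini_text.splitlines():
        stripped = line.strip()
        if stripped.startswith(";"):
            continue  # a commented-out directive has no effect
        match = re.match(r"disable_functions\s*=\s*(.*)$", stripped)
        if match:
            value = match.group(1)  # a later assignment overrides an earlier one
    if value is None:
        return set(), ["disable_functions is not set"]
    # Drop a trailing ; comment and surrounding ASCII quotes.
    value = value.split(";")[0].strip().strip("\"'")
    if any(q in value for q in TYPOGRAPHIC_QUOTES):
        warnings.append("typographic quotes in value: retype them as plain ASCII quotes")
    # Typographic quotes are deliberately left attached to the names they touch,
    # so those names are reported as missing instead of being assumed disabled.
    names = {n.lower() for n in re.split(r"[,\s]+", value) if n}
    return names, warnings


def audit(ini_text, required=REQUIRED):
    """Summarise what the directive does and does not cover."""
    names, warnings = parse_disable_functions(ini_text)
    return {
        "missing": sorted(required - names),
        "ineffective": sorted(names & LANGUAGE_CONSTRUCTS),
        "warnings": warnings,
    }


# Constructed sample: one commented-out line and one active directive.
SAMPLE_INI = """\
[PHP]
;disable_functions = exec, system
disable_functions = "eval, exec, system, passthru, shell_exec"
"""

if __name__ == "__main__":
    print(audit(SAMPLE_INI))
```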

After disabling the above dangerous php functions, you may encounter a problem with your web applications. For example: when you disable the “shell_exec” and visit Fantastico in the cPanel, you may see the below error:

Warning: shell_exec() has been disabled for security reasons in /tmp/cpanel_phpengine.*.* on line *

In this case, you should run the following from SSH:

/scripts/makecpphp

The above command will install a copy of PHP to use with the cPanel/WHM backend and its addons like Fantastico.
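To find out in advance which hosted applications will start throwing the “has been disabled for security reasons” warning, you can scan the document root for calls to the functions you are about to disable. The following is an added example, not part of the original article; it is a regex heuristic, not a PHP parser, and the names and sample source are constructed.

```python
import os
import re
import sys

# Subset of the article's list; extend as needed (assumption).
TO_DISABLE = ("exec", "system", "shell_exec", "passthru", "popen", "proc_open")

# Match a bare function call. The look-behind skips method calls (->exec),
# static calls (::exec), variables ($exec) and longer names (curl_exec).
CALL_RE = re.compile(
    r"(?<![\w>:$])(" + "|".join(TO_DISABLE) + r")\s*\(", re.IGNORECASE
)


def scan_source(text):
    """Return [(line_number, function_name)] for each apparent call."""
    hits = []
    for number, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith(("//", "#", "*", "/*")):
            continue  # whole-line comment
        for match in CALL_RE.finditer(line):
            hits.append((number, match.group(1).lower()))
    return hits


def scan_tree(root):
    """Scan PHP files under root; return {relative_path: hits} for files with hits."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith((".php", ".phtml", ".inc")):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as handle:
                hits = scan_source(handle.read())
            if hits:
                report[os.path.relpath(path, root)] = hits
    return report


# Constructed sample: two real calls, plus three look-alikes that must be ignored.
SAMPLE_PHP = '''<?php
// exec() used to be called here
$out = shell_exec("uptime");
$ch = curl_init(); curl_exec($ch);
$db->exec("DELETE FROM t");
system ('ls');
'''

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for path, hits in sorted(scan_tree(sys.argv[1]).items()):
            print(path, hits)
    else:
        print(scan_source(SAMPLE_PHP))
```

Pass a document root as the first argument to scan real files; with no argument the script scans the embedded sample.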


Features and installation procedure of CSF (ConfigServer Security & Firewall)

When it comes to server security, it basically has to do with the firewall and the filters on connections to the server. It is the responsibility of the server administrator to blacklist spammers, close unnecessary ports and block unwanted connections. On a day-to-day basis, a server faces a lot of malicious activity and brute force attacks; you can check such activity in the server’s logs. Hence the server and your data are constantly under threat if they aren’t protected with a reliable firewall.

One of the most trusted and highly reliable firewalls is CSF, or ConfigServer Security and Firewall. It can be easily integrated with WHM/cPanel and is widely preferred by hosting providers to protect Linux hosting servers.

This Firewall is supported on the following Linux distros:

  • RedHat v7.3, v8.0, v9.0
  • RedHat Enterprise v3, v4, v5 (32/64 bit)
  • CentOS v3, v4, v5 (32/64 bit)
  • Fedora Core v1 to v14(32/64 bit)
  • openSUSE v10, v11 (might need custom regex patterns for certain functions )
  • Debian v3.1, v4, v5, v6 (might need custom regex patterns for certain functions )
  • Ubuntu v6.06 LTS, v8.10, v9.10, v10.04 LTS, v10.10 (might need custom regex patterns for certain functions )
  • Mandriva 2009, 2010 (might need custom regex patterns for certain functions )
  • Slackware v12.2 (might need custom regex patterns for certain functions )
  • Gentoo (might need custom regex patterns for certain functions )

Moreover, CSF is compatible with:

  • Virtuozzo (need appropriate iptables configuration on host server )
  • VMware
  • Xen
  • VirtualBox
  • OpenVZ (need appropriate iptables configuration on host server )
  • MS Virtual Server

Features of CSF – ConfigServer Security and Firewall for Linux

  1. Straight-forward SPI iptables firewall script
  2. Daemon process that checks for login authentication failures for:
  • Courier imap, Dovecot, uw-imap, Kerio
  • openSSH
  • cPanel, WHM, Webmail (cPanel servers only)
  • Pure-ftpd, vsftpd, Proftpd
  • Password protected web pages (htpasswd)
  • Mod_security failures (v1 and v2)
  • Suhosin failures
  • Exim SMTP AUTH
  • Custom login failures with separate log file and regular expression matching

3. POP3/IMAP login tracking to enforce logins per hour
4. SSH login notification
5. SU login notification
6. Excessive connection blocking
7. UI Integration for cPanel, DirectAdmin and Webmin
8. Easy upgrade between versions from within cPanel/WHM, DirectAdmin or Webmin
9. Block traffic on unused server IP addresses – helps reduce the risk to your server
10. Alert when end-user scripts sending excessive emails per hour – for identifying spamming scripts
11. Suspicious process reporting – reports potential exploits running on the server
12. Suspicious file reporting – reports potential exploit files in /tmp and similar directories
13. Directory and file watching – reports if a watched directory or a file changes
14. Block traffic on the DShield Block List and the Spamhaus DROP List
15. BOGON packet protection
16. Pre-configured settings for Low, Medium or High firewall security (cPanel servers only)
17. Works with multiple ethernet devices
18. Server Security Check – Performs a basic security and settings check on the server (via cPanel/DirectAdmin/Webmin UI)
19. Allow Dynamic DNS IP addresses – always allow your IP address even if it changes whenever you connect to the internet
20. Alert sent if server load average remains high for a specified length of time
21. mod_security log reporting (if installed)
22. Email relay tracking – tracks all email sent through the server and issues alerts for excessive usage (cPanel servers only)
23. IDS (Intrusion Detection System) – the last line of detection alerts you to changes to system and application binaries
24. SYN Flood protection
25. Ping of death protection
26. Port Scan tracking and blocking
27. Permanent and Temporary (with TTL) IP blocking
28. Exploit checks
29. Account modification tracking – sends alerts if an account entry is modified, e.g. if the password is changed or the login shell
30. Country Code blocking – Allows you to deny or allow access by ISO Country Code
31. Port Flooding Detection – Per IP, per Port connection flooding detection and mitigation to help block DOS attacks
32. DirectAdmin UI integration
33. Updated Webmin UI integration
34. WHM root access notification (cPanel servers only)
35. Newly added in version 5: lfd Clustering – allows IP address blocks to be automatically propagated around a group of servers running lfd. It also allows cluster-wide allows, removals and configuration changes
36. Newly added in version 5: Quick start csf – deferred startup by lfd for servers with large block and/or allow lists
37. Newly added in version 5: Distributed Login Failure Attack detection
38. Newly added in version 5: Temporary IP allows (with TTL)
39. Newly added in version 5: IPv6 Support with ip6tables

How to Install CSF (ConfigServer Security & Firewall) ?

You must first have SSH access to the server. Dedicated hosting, cloud hosting and VPS hosting servers provide this access.

Step a : SSH into your server
Step b : Download CSF from “http://www.configserver.com/free/csf.tgz”

wget http://www.configserver.com/free/csf.tgz

Step c : You must now extract the downloaded file

tar -xzf csf.tgz

Step d : Upon extraction, you must proceed with installing csf using the following command

cd csf
sh install.sh

Once it has been installed, you can find it under the WHM’s menu >> Plugins >> ConfigServer Security&Firewall.

Upon accessing the CSF page, proceed according to the guidelines given by the wizard and configure the firewall level depending on your requirements. Once done, turn on CSF from the Firewall Configuration and set “TESTING” to 0.


Horrible Server Security Mistakes


Various methods of server hacking, cracking, malware, spamming, virus infection etc. still exist in our highly advanced online industry. Although server administrators take various steps to prevent unethical activities on their servers, attackers still find some way or other to carry out their destructive tasks. But it is not always true that every attacker possesses the necessary skills and deserves the credit for defeating the security measures taken by the administrators. There are occasions when, due to some sort of human error, the server administrator has left a loophole during the server hardening process and left some section of the server weak. Attackers are always in search of such weaknesses to break into the server and the network. Even a newbie server administrator is expected to know about these weaknesses and work on them accordingly.

Listed below are a few common areas where admins usually fall short or might miss out:

A. Simple passwords

Most web server administrators set simple-to-guess passwords on their servers, foolishly assuming that no one has the time to guess them or attack their servers. They may be partially correct, but the hackers of the new generation waste no time trying to guess passwords by hand; rather, they are equipped with better software that runs through permutations and combinations. If such software is able to guess the password of your server, the result is a heavy loss and destruction of your data, which you might never be able to retrieve.

Hence it is highly recommended to choose a password that is tough to guess. Password encryption can be one of the methods to prevent anybody from guessing your password.

B. Exposed Root account

As most of you must be aware, the root account allows complete control over the server, so it is of the utmost importance to keep it safe and out of anyone’s reach.

C. Test or Guest accounts

If you wish to offer a test account to someone to whom you want to demonstrate the server’s performance, then offering it for a limited period of time is advisable. But if you have offered such an account on a dedicated hosting server with all rights, then you are inviting trouble for yourself, as there are an estimated six billion hackers active in the online world today. If you do have a guest account, you had better strengthen it with a strong password as well.

D. Sacrificial lamb scripts

Previously, when online security was still in its evolutionary phase, almost all out-of-the-box server installations used to come with a form mail script that was considered to be secure (of course, now we know that it was just an assumption). Surprisingly, such scripts are still being used today. Hence, one must make sure that such scripts are detected, neutralized and deleted permanently from the server.
