vb.org Archive
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   General Hosting/Server Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=197)
-   -   best way to secure a server? (https://vborg.vbsupport.ru/showthread.php?t=137371)

FockerFGAA 01-24-2007 03:08 AM
best way to secure a server?
 
i want to minimize the chance of someone hacking onto our site. we run joomla as our front end and we use vbulletin 3.6.4 as our board. i know it depends a lot of mods and such and i try to keep up with the most secure ones, but other than that i am really clueless on how to secure a server. any help would be appreciated.

redspider 01-25-2007 10:43 PM
this how I set my forum "

1. I change the name of admin panel and mod panel .(need to change names also in config.php file on your server)

2. I set access password to those folders.

3. I set my self as UNDELETABLE / UNALTERABLE USERS.

4. I have a very strong password and I dont give it away to no one .

5. I encourage staff on my forum to change passwords and use a strong one .

6. I was careful on who I make part of the staff .

7. I always stay current with latest vb release.

8. I dont allow html post .

9. I dont allow html signature to people I dont know.

10. I make backups every day is done automatic by a cron on server.(is done verly late at night)

11. on the server panel I also use a strong password.
12. my shh password is also a strong one hard to guess .
13. I change shh port to another one and set firewall to let me use that port .

14. since is my server I use some other tools like APF + BFD + DDOS + Rootkit.(this can slow down your server )

my english is bad but I hope you get some ideas .

dsotmoon 01-26-2007 12:44 AM
Quote:
Originally Posted by FockerFGAA (Post 1166174)
i want to minimize the chance of someone hacking onto our site. we run joomla as our front end and we use vbulletin 3.6.4 as our board. i know it depends a lot of mods and such and i try to keep up with the most secure ones, but other than that i am really clueless on how to secure a server. any help would be appreciated.
redspiders suggestions are great, if you dont know how to secure the server itself you should look into having a server management company do it

platinumservermanagement.com
jonesolutions.com
seeksadmin.com

etc etc

firstrebel 01-26-2007 01:38 PM
When I see posts about people getting their server hacked I often wonder if they know about server security. As the last post states, if you don't know then get professional help.

You don't say if it is a *nix or Windows box and what OS and apps will be installed. You will most certainly need to put it behind a firewall.

A server can be very vulnerable if not locked down to the outside world. Weak passwords are the first thing a hacker will go for, and I refer mainly to parts of the server above the web site root and not vB forum user passwords.

Bob

FockerFGAA 01-26-2007 10:40 PM
thanks for the suggestions. ya i dont know how right know, but i am looking at learning how to do everything. currently we are on a basic shared hosting server but we are looking at getting on a vps and if we go that or the dedicated route then i will want to be able to secure the server the best i can. i appreciate the links to those server management companies as well. im preparing for the inevitable instead of waiting until i have to do it all.

s25 01-27-2007 11:08 AM
I would also recommend you to join the security mailing lists which apply to you on security focus it is handy as you get the latest exploits and vulns in your inbox (or at least those that are released)

stinger2 01-27-2007 02:16 PM
nice small tutorial redspider..thankyou

salata 02-02-2007 08:42 AM
Quote:
Originally Posted by redspider (Post 1167332)
this how I set my forum "

1. I change the name of admin panel and mod panel .(need to change names also in config.php file on your server)


i tried doing this the config.php is in forums/includes/config.php? is that the right one?

if so, i checked it and dont know where to make the changes.

salata 02-05-2007 02:24 PM
Quote:
Originally Posted by salata (Post 1172822)
i tried doing this the config.php is in forums/includes/config.php? is that the right one?

if so, i checked it and dont know where to make the changes.
bump

Jon_Simmonds 02-07-2007 07:43 PM
look for the following lines of text in the config.php file (the path you mentioned is correct)
Code:
//        ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
        //        This setting allows you to change the name of the folders that the admin and
        //        moderator control panels reside in. You may wish to do this for security purposes.
        //        Please note that if you change the name of the directory here, you will still need
        //        to manually change the name of the directory on the server.
$config['Misc']['admincpdir'] = 'admincp';
$config['Misc']['modcpdir'] = 'modcp';
you need to first rename the folders (using a ftp program is probably the easiest way) to something other than what it is, (on my old forum I used admincp->alpha modcp->beta) it does not realy matter what you choose. then edit the config.php and change the admincp/modcp to the new names you chose.

as for server management companies id recommend http://www.acunettmanagement.com/


All times are GMT. The time now is 02:45 AM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01040 seconds
  • Memory Usage 1,739KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code_printable
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete