Eukhost security

[SirChick]

I think this would be a good idea giving eukhost an edge.

With regards to websites i think new security measures should be added for user security for their sites... i was recently hacked into all my accounts (including banks and lost all my money) and then i preyed they didn't FTP all my php scripts because that would be 3 years worth of work lost in seconds.

So a few cool security options i think should be added:

I'd like to see easy to read logs of what ips connect to my server using FTP or other which store when they connected also and when connection was closed, and also what scripts were edited...this would allow easy roll back on only a few pages rather than a whole website.

Additionally when a FTP wants to copy or move the scripts from the server with FTP it sends an email approval to agree to it.. this would prevent hacks....and also an easy to read log of any IP's that login with our details so i can see any IPs that do not match mine....

This would be wonderful for me as protection like this will save me £££... i do hope eukhost can provide a software on servers for this option it would be fantastic!

[XXxxImmortal]

Hello there sirchick u can easily see what is going on in ur ftp

in cpanel if u go to ftp

and click ftp account

ursite.[COM]:2082/frontend/x3/ftp/accounts_pure-ftpd.html

[com] = the .com but i have to have 5 post to show the link but u get the idea
and download the results log and u can see what all happend and whats going on

hope this helps you

[SirChick]

Yeah but once some one has accessed my files and taken them theres nothing i can do even once i view the logs, thats why a email verification would be nice.

[XXxxImmortal]

you can always install a seperate ftp and configure it to scan through your system so there basically messing with ur default ftp hence cpanel BUT just a thought maybe if u installed a seperate one a diffrent ftp and secure it u will still be able to see it

[-Anti-]

> i was recently hacked into all my accounts (including banks and lost all my money) and then i preyed
> they didn't FTP all my php scripts because that would be 3 years worth of work lost in seconds

What you seem to be describing has nothing really to do with web server security as such.
You most likely had a trojan on your local computer, and someone was being sent your
username/passwords every time you used them, perhaps over a period of weeks.

To prevent this happening again I would:

- never use Internet Explorer (use firefox instead)
- use a GOOD, PROVEN antivirus (currently I use Avira)
- use a GOOD software firewall with HIPS (currently I use Online Armor)
- never run untrusted or cracked downloaded executables on the same computer you bank with
- use Firefox password manager or a virtual keyboard to evade keyloggers
- always log on from a computer you can almost guarantee is clean from viri/trojans

For SERVER security, realise that very few account hacks are done directly through ftp login.
Disable anonymous ftp if possible, and use a very strong password on your ftp account.
That's all you need to do (in conjunction with using a clean computer to log on).

Much, much more important is to have the server's firewall configured properly
(which is usually done by the host for a shared account) and to have up-to-date,
trusted, well-written scripts, that have authors who respond to security issues
when they are found.

> because that would be 3 years worth of work lost in seconds

Does that mean you don't have local backups!? My databases are backed up twice per day, and the files once per week. These are all stored locally. My local computer then has an incremental disk image taken every night to external drive. If you don't have a strategy similar to this, you absolutely will lose your web data at some point in the future.

Apologies to sound so serious, but when you're hit by a trojan as badly as you were (money stolen from your bank!!??), that should have been a wake up call to do some research and understand the security issues affecting your computer and its software, and it doesn't sound as though you've done that at all. For instance, suggesting that someone from your webhost should/could write an add-on 'notification' script for Pure-FTPD/Cpanel/Plesk is quite naive!

[diddleybow]

Its a very good site about discussion of uk based servers

[DPS Computing]

Quote:

Originally Posted by diddleybow

Its a very good site about discussion of uk based servers

A bit early for Christmas is it not?

[WelshTom]

Quote:

Originally Posted by SirChick

I think this would be a good idea giving eukhost an edge.

With regards to websites i think new security measures should be added for user security for their sites... i was recently hacked into all my accounts (including banks and lost all my money) and then i preyed they didn't FTP all my php scripts because that would be 3 years worth of work lost in seconds.

So a few cool security options i think should be added:

I'd like to see easy to read logs of what ips connect to my server using FTP or other which store when they connected also and when connection was closed, and also what scripts were edited...this would allow easy roll back on only a few pages rather than a whole website.

Additionally when a FTP wants to copy or move the scripts from the server with FTP it sends an email approval to agree to it.. this would prevent hacks....and also an easy to read log of any IP's that login with our details so i can see any IPs that do not match mine....

This would be wonderful for me as protection like this will save me £££... i do hope eukhost can provide a software on servers for this option it would be fantastic!

It's evident the cause of this problem wasn't due eUKhost's security, so there is no need to mitigate at eUKhost's end. I think it's a far better idea you improve the security of your computer/network then for eUKhost to outline the actions you've requested. After all, your propositions wont help stop attackers getting your bank password

[DPS Computing]

Quote:

Originally Posted by WelshTom

It's evident the cause of this problem wasn't due eUKhost's security, so there is no need to mitigate at eUKhost's end. I think it's a far better idea you improve the security of your computer/network then for eUKhost to outline the actions you've requested. After all, your propositions wont help stop attackers getting your bank password

Agreed. eUK security has struck the balance i believe between being secure and remaining usable .