Paranoid security

[jc8654]

The way I would suggest doing it would be to have some kind of forum entry or similar saying something like if you are having security/error issues with a CMS find more info here. Basically, in that section say google the program name and the error - that's the way I normally find out what the issue is as there are too many programs out there for support to know how to fix them all...

[eUKhost.com]

Quote:

Originally Posted by jc8654

The way I would suggest doing it would be to have some kind of forum entry or similar saying something like if you are having security/error issues with a CMS find more info here. Basically, in that section say google the program name and the error - that's the way I normally find out what the issue is as there are too many programs out there for support to know how to fix them all...

Yes.

All senior staff members from our support department have started posting list of common errors on our internal forum. We will make one single article out of all those errors and include link to that article in welcome email for new customers.

[DPS Computing]

Good idea Jonathan. Google is God for sorting out problems!

[vladimir]

Quote:

Originally Posted by jc8654

The way I would suggest doing it would be to have some kind of forum entry or similar saying something like if you are having security/error issues with a CMS find more info here. Basically, in that section say google the program name and the error - that's the way I normally find out what the issue is as there are too many programs out there for support to know how to fix them all...

In two of the three cases there were no errors reported by the server and in the third case the error was rather unhelpful 403. I wouldn't complain if mod_security or suhosin reported anything but they didn't.

[DPS Computing]

Quote:

Originally Posted by vladimir

In two of the three cases there were no errors reported by the server and in the third case the error was rather unhelpful 403. I wouldn't complain if mod_security or suhosin reported anything but they didn't.

Unfortunately that is down to the developers of the respective software and not eUKhost .

[eUKhost.com]

try searching any error in google with following keywords :-

site:.eukhost.com "your error comes here"

You will find solution for every error on our forums. We will be adding a search box on our website which will take you to all articles on our forum related to the error.

[DPS Computing]

Sounds like a great idea Mark. I will definitely use that feature .

[jc8654]

I think I'll still use Google as it includes eUK as well as other sources of info.

[DPS Computing]

Quote:

Originally Posted by jc8654

I think I'll still use Google as it includes eUK as well as other sources of info.

Other sources?? Other websites???....

lol

[Richard]

Well I'm just posting a short message to test the paranoid security. It says "Welcome back Richard" at the top so i should be logged in. Last time I posted a quick reply I got told I wasn't logged in.

[Richard]

Why does this box tell me to "Please click one of the Quick Reply icons in the posts above to activate Quick Reply." when if I click on a quick reply button I get taken to the full fat reply page, and quick reply seems to be activated anyway?

Anyway back to the topic. I've had a full raft of problems with mod_security, mostly since switching to a reseller package. These include getting locked out every time I tried to execute an admin function on my forum (Perl, not php), and not being able to access my sites from one browser. These were eventually resolved and my sites have been running smoothly for some time. However I have to agree with Vladimir that the security measures were a bit heavy handed and needed to be backed off quite a lot.

One of my sites did get hacked but I think that was a straightforward ftp login hack and I have now set a stronger password.

[eUKhost.com]

Hi Richard,

mod_security has been designed to block execution of insecure code and there's nothing that can be done to force mod_security to block insecure code of one application and allow similar code of other. We have tweaked mod_security to allow applications which can never result in hacking of websites through browser based injection, but mod_security won't stop mysql or ftp based injections. We have different set of rules in my.cnf and csf.conf to prevent mysql or ftp hacking. What happened before couple months with all those FTP password hacking attempts was due to weak passwords set on some shared hosting accounts. We had to disable main cpanel account FTP access on most of our cpanel shared hosting servers due to this problem.

We now have better protection against such FTP hijacks and our servers are safe enough against the browser based or mysql injections due to the high level of security we have on our servers.

It hardly takes some time to remove bad code from your website, but it takes long time to recover lost data once your website gets hacked and the backup you get turns out to be 1 week old.