Archive for Server Security

Installing ConfigServer ModSecurity Control (cmc) on Dedicated Server

Some open source applications may not function properly when ModSecurity is enabled on the server. It can be enabled or disabled either via .htaccess or from the WHM control panel. However, it is necessary to have the ConfigServer ModSecurity Control (cmc) plugin already installed in WHM on your dedicated server.

In this tutorial we are going to show you the steps to install ConfigServer ModSecurity Control (cmc) for your WHM:

Step 1: Log in to your dedicated server via SSH using root login.

Step 2: Make sure you download the latest version of ConfigServer ModSecurity Control (cmc) from the following source:

http://www.configserver.com/free/cmc.tgz

Step 3: Untar the GZip’ed Tar format file with the following command:

tar -xzf cmc.tgz

Step 4: Now, change the directory to the extracted folder:

cd cmc/

Step 5: Simply execute the installer by entering the following command:

sh install.sh

Step 6: Once it is installed, log in to your WHM control panel and scroll to the bottom of the left-hand menu, where you will find “ConfigServer Mod Security”.

Where should an SSL be used


Ideally, wherever information is submitted to or received from the server, an SSL Certificate must be used. It isn’t necessary to use SSL only to secure credit card transactions; other information, such as personal details, is crucial too and must be handled just as carefully.

In case you accept sign-ups or account logins via newsletter, you must ensure that the process goes over an encrypted channel, i.e. using an SSL Certificate.

The following is a list of areas where an SSL Certificate can be used :

  • For securing online transactions
  • For securing online logins wherein sensitive data is transmitted using web forms and other crucial pages of a website
  • For the purpose of securing webmail and other applications such as Microsoft Outlook, Exchange and Office Communications Server.
  • For securing workflow and virtualization applications such as cloud hosting platforms.
  • For securing the connection between an email client and server.
  • For the purpose of securing file transfer such as FTP and https.
  • Web Hosting Control panel logins and the activity carried using it can be secured using an SSL Certificate as well.
  • Network logins and various network traffic via VPNs can be secured using Secure Sockets Layer.

If you wish to order an SSL Certificate, please visit http://www.eukhost.com/ssl-certificates.php or speak to our sales representative via Live Chat.

Securing FTP Access On VPS & Reseller Hosting Accounts


Many reseller web hosting and VPS hosting accounts are being affected by unauthorised FTP uploads. Unlike VPS and reseller hosting, on cPanel hosting accounts we are aware of the domains which are being created, and they can be altered directly from our systems. However, this is not possible with VPS and reseller hosting accounts, as the client has the flexibility to add any number of domains.

However, we can provide a method to restrict FTP access to your website to a number of IP addresses or a complete subnet.

First, you need to determine your own IP address. One of the best ways to find your IP address is to visit the www.whatismyip.com website. Once you visit this site it will show your IP address like “Your IP Address Is: xxx.xxx.xxx.xxx”. This is all you need if you are on a static IP address. However, if you are assigned a dynamic IP address, your IP will keep changing, hence you will need to know the IP addresses you could be assigned.

If you have a static IP address assigned, visit the “Whatismyip” site, click on the “IP WHOIS Lookup” link on the left of the page and then simply click the “Whois Lookup” button. You will see detailed information about your IP address in the middle of the page. In that information, you should see something like this:

inetnum : 128.0.0.1 – 128.0.0.53

The above figures are the range of IP addresses you could be assigned.

Now that you have the possible IP addresses, you can proceed with the following steps.

On your machine, create a file .ftpaccess in a text editor (make sure you put the (.) dot at the beginning of the file name).

If you have a static ip address assigned, put the following content in that file:

<Limit ALL>
DenyALL
Allow 128.0.0.1
Allow 1.2.3.4
</Limit>

The line “Allow 128.0.0.1” should be left in the file as a backup so that you can still access the .ftpaccess file through the File Manager in the Admin area.

If you are assigned a dynamic IP address, you will have to allow the possible range of IP addresses based on the example “inetnum: xxx.xxx.xxx.xxx – xxx.xxx.xxx.xxx”. The file contents will look like this:

<Limit ALL>
DenyALL
Allow 128.0.0.1
Allow 1.2.3.
Allow 1.2.4.
Allow 1.2.5.
Allow 1.2.6.
Allow 1.2.7.
</Limit>
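
The dynamic-range file above can be generated from the two ends of the inetnum range instead of typed by hand. This is an added example, not part of the original post; the helper names `ip_to_int` and `ftpaccess_from_range` and the sample range are assumptions. Each emitted prefix covers a whole /24, so the allow-list can be wider than the inetnum range itself.

```shell
#!/bin/sh
# Added example: build a .ftpaccess allow-list from a WHOIS inetnum range.
# ip_to_int and ftpaccess_from_range are hypothetical helper names.

# Print a dotted-quad IPv4 address as an integer; fail on malformed input.
ip_to_int() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots (input holds only digits and dots)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( $1 * 16777216 + $2 * 65536 + $3 * 256 + $4 ))
}

# ftpaccess_from_range START END: print the file contents for the range.
ftpaccess_from_range() {
    first=$(ip_to_int "$1") || { echo "bad start address: $1" >&2; return 1; }
    last=$(ip_to_int "$2")  || { echo "bad end address: $2" >&2; return 1; }
    [ "$first" -le "$last" ] || { echo "range is reversed" >&2; return 1; }
    net=$(( first / 256 )); end_net=$(( last / 256 ))
    # An allow-list spanning hundreds of /24 networks no longer restricts much.
    [ $(( end_net - net )) -lt 256 ] || { echo "range too wide" >&2; return 1; }
    echo "<Limit ALL>"
    echo "DenyALL"
    echo "Allow 128.0.0.1"         # backup entry kept exactly as in the post
    while [ "$net" -le "$end_net" ]; do
        # Prefix form used in the post; it covers every address in that /24.
        echo "Allow $(( net / 65536 )).$(( net / 256 % 256 )).$(( net % 256 ))."
        net=$(( net + 1 ))
    done
    echo "</Limit>"
}

# Constructed sample range covering the post's 1.2.3. to 1.2.7. prefixes.
ftpaccess_from_range 1.2.3.10 1.2.7.200
```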

Now that you have created the .ftpaccess file, you just need to upload it into the httpdocs, httpsdocs and cgi-bin folders on the server. It will restrict all IP addresses trying to access your site via FTP except those which are allowed in the .ftpaccess file.

The above change does not block SFTP or WinSCP. If you are going to use only these protocols, you could create a file with the following contents.

<Limit ALL>
DenyALL
</Limit>

The above lines will restrict any FTP access to your website. This tutorial is applicable only to Reseller Web Hosting and VPS Hosting accounts. If you are not familiar with the above, you can simply raise a ticket at our support desk and leave the rest to our technical experts.

Steps to Change SSH Port of a Server

Port 22 is the default port used by a Linux SSH server (OpenSSH). This is known not just to server administrators but to hackers and attackers as well. In case you have implemented different security measures for your web hosting UK server, it may not be a concern for you. However, changing the port of your SSH can add to the security of your server.

Changing the default port 22 to something else on your hosting server is something like preventing hackers from accessing your server through the front door. You should note that this will not make your server 100% safe from intrusion, but it can definitely keep professional hackers busy finding other vulnerabilities on the server. It would also enhance the SSH security of the server.

How to change the SSH port of a Linux Hosting Server ?

Step 1 : Login to your server as Root

Step 2 : Look for the sshd_config file (it can be found in /etc/ssh directory) and edit it

vim /etc/ssh/sshd_config

Step 3 : Search for a line that has :

Port 22

Step 4 : Amend the port number with something of your preference.

Note : You must ensure that the new port number is free and isn’t used by any other service.

Step 5 : Once you are sure about the changes, make sure that you Save the file

Step 6 : You may then restart sshd using the following command :

/etc/init.d/sshd restart

Step 7 : Make changes to the firewall, blocking Port 22 and allowing the new port number used by SSH.
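
Steps 2 to 6 can be scripted so that a bad edit does not lock you out. The following is an added example, not part of the original post; the helper names `set_sshd_port` and `port_is_listening`, the port 2222 and the sample file are assumptions.

```shell
#!/bin/sh
# Added example: change the sshd Port directive safely.
# set_sshd_port and port_is_listening are hypothetical helper names.

# Reads `ss -ltn` output on stdin; succeeds if something listens on TCP port $1.
port_is_listening() {
    awk -v p="$1" '
        $1 == "LISTEN" { n = split($4, a, ":"); if (a[n] == p) hit = 1 }
        END { exit (hit ? 0 : 1) }'
}

# set_sshd_port FILE PORT: rewrite the Port line in FILE, keeping FILE.bak.
set_sshd_port() {
    cfg=$1; port=$2
    case "$port" in
        ''|0*|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    [ "$port" -le 65535 ] || { echo "port out of range: $port" >&2; return 1; }
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }
    tmp="$cfg.new.$$"
    # The first Port line (active or the commented default) becomes the new
    # setting; any further active Port lines are dropped so the old port does
    # not stay open. sshd keywords are case-insensitive, hence tolower().
    awk -v p="$port" '
        tolower($0) ~ /^[ \t]*#?[ \t]*port[ \t]+[0-9]+[ \t]*$/ {
            if (!done) { print "Port " p; done = 1; next }
            if ($0 !~ /^[ \t]*#/) next
        }
        { print }
        END { exit (done ? 0 : 3) }
    ' "$cfg" > "$tmp" || { rm -f "$tmp"; echo "no Port line in $cfg" >&2; return 1; }
    # Overwrite in place so the file keeps its owner and mode.
    cp -p "$cfg" "$cfg.bak" && cat "$tmp" > "$cfg" && rm -f "$tmp"
}

# Demo on a constructed sample file; nothing under /etc is touched.
demo_dir=$(mktemp -d)
printf '%s\n' '#Port 22' 'PermitRootLogin no' 'Port 22' > "$demo_dir/sshd_config"
set_sshd_port "$demo_dir/sshd_config" 2222 && cat "$demo_dir/sshd_config"
rm -rf "$demo_dir"

# On a real server (run as root, keep the current session open):
#   ss -ltn | port_is_listening 2222 && echo "port already in use"
#   set_sshd_port /etc/ssh/sshd_config 2222
#   sshd -t            # syntax check before restarting
#   /etc/init.d/sshd restart
```

Open the new port in the firewall and confirm a second SSH login works on it before closing the session you made the change from.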

Secure Ways of File Transfer on Servers : FAQs

A server holds crucial, mission-critical data which may range from your different passwords to customer information. It would be your topmost priority to keep it secure and away from theft, and furthermore to maintain its security during the transfer process.

FTP – File Transfer Protocol

From an experienced webmaster’s perspective, FTP is considered to be one of the reliable and trusted methods for a usual file transfer process. Most site owners have been using it for a long time. Due to its extensive usage, exploiters have found ways of exploiting the weak spots of FTP applications, making it an insecure option and giving rise to the possibility of interception of your data or private password information. This may cause serious concern to webmasters working on web applications with a live connection or those who run frequent live updates.

SCP – Secure Copy

A few alternative solutions can ease your worries about the possibility of data theft during the transfer process. SCP, or Secure Copy, can be considered for that purpose. It makes use of SSH for transferring files over the world wide web. Linux servers come pre-equipped with a command line tool for SCP; a graphical client for Windows is WinSCP.

SFTP

SFTP can be considered as an alternative as well. This is another trusted method for carrying out file transfers in a secure manner. Similar to SCP, SFTP makes use of an encrypted SSH login for secure connections. It can be used with several widely used FTP clients, for example FileZilla.

Even if you manage your web hosting UK server on your own, it is strongly suggested that you refrain from using an admin account for uploading or downloading files to and from the server. This way, you avoid the risk of compromising your server’s security while transferring files. Note that despite using an encrypted medium, your server might still be compromised. Therefore, it is advisable to use a normal account that has restricted permissions for transferring files. Upon completion of the upload or download, you may log out, log back in through SSH as root, and proceed with moving the files to your desired destinations within the server.

You may contact our support department for any assistance required.

Changing Root Password in HyperVM

HyperVM is a powerful and most flexible virtualization management software, which can be used to manage a server within a cluster of servers. The multi tier, multi-server and multi-virtualization software product allows uk web hosting providers to manage the vps on openVZ platform. HyperVM permits users to manage their virtual private server across the multiple servers.

The root password in HyperVM can be changed very easily. Simply go through the following steps:

Step 1: Login into your HyperVM environment using the login details.

Step 2: An interface will appear, displaying VM Home, Appearance, Graphics and Advanced in the navigation area.

Step 3: In order to change the root password in HyperVM, click on the “Root Password” in “Resources”.

Step 4: A new screen will appear with a message asking you to enter a new “Admin password”. Enter the new strong password.

Step 5: Hit the “Update” button to save the settings.

Step 6: The new password will take effect only after you reboot the VPS. On the “Home” screen, Click on “Reboot” from “Power options”.

That’s it ! It will come up with a Successfully updated message.

Installing Mod_Security on CentOS Server

For those who might not be aware, ModSecurity is an application firewall which helps in protecting the server from various sorts of script exploits that can be found in the web applications. With it, server admins can harden the security of the server, adding an enhanced protective layer to the network firewall.

How to Install ModSecurity on CentOS Dedicated Server ?

Step i : You must fire the below command to add the ModSecurity repository manually

cd /etc/yum.repos.d

Step ii : Proceed further with creating a file called utterramblings.repo

touch utterramblings.repo

Step iii : You must now make amendments to this file with “vi” or “nano” with including the below stated information :

[utterramblings]
name=Jason's Utter Ramblings Repo
baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

Step iv : Then, run the below command for installing the packages onto your server :

yum install mod_security

This gives you a functioning version of mod_security that can readily be used with your Apache web server.

Step v : Configure mod_security according to your requirements.

The benefit of installing mod_security from a yum repository is that it gets updated automatically along with the other yum updates.

For any help and assistance, please contact our 24×7 HelpDesk either via Live Chat or by sending an email to support[@]eukhost.com.

How to Secure /tmp Directory ?

The /tmp directory on your Linux web hosting UK server is susceptible to attempted attacks. Although its task is simply to store the temporary files required by applications, users with destructive intentions can exploit an under-protected /tmp directory for executing scripts or bots.

How To Harden The Security Of /tmp Directory ?

Users should take the following measures to harden the /tmp directory:

A. Creating /tmp as a separate partition : By default, the /tmp directory has read, write, and execute permissions set to ON. This is the main reason for the server’s vulnerability. You can move it to a different partition altogether instead of leaving it in the root / partition. By doing this, even if an attacker manages to get access to the /tmp directory, he wouldn’t be able to get access to the system files.

B. Setting /tmp as non-executable : You can make /tmp noexec in /etc/fstab. Once done, the entry should resemble : /tmp ext3 loop,noexec,nosuid,rw 0 0 . Read your distribution’s documentation to get the appropriate settings. It is recommended to take a backup of your server before making any amendments to the fstab.

C. Installing ModSecurity on the server : ModSecurity is an application firewall which helps in protecting the server from various sorts of script exploits that can be found in web applications. With it, server admins can harden the security of the server, adding an enhanced protective layer to the network firewall. With this you can keep attackers from exploiting the web scripts through which they could gain access to /tmp.

D. Refraining from the use of /tmp for web scripts : In case the applications are exposed to the web, you may opt for an entirely separate and more secure temporary directory, and set fewer permissions on it.

When making these modifications to the default settings, you also need to ensure that none of the applications running on the server is negatively affected. Further, some hosting control panels, such as cPanel, might not work properly after some of the above settings and amendments are implemented.
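
To confirm that measures A and B are actually in effect, the live mount table can be checked rather than /etc/fstab alone. This is an added example, not part of the original post; the helper name `check_tmp_mount` and the sample mount lines are assumptions.

```shell
#!/bin/sh
# Added example: audit how /tmp is mounted (measures A and B above).
# check_tmp_mount is a hypothetical helper name.

# check_tmp_mount [MOUNTS_FILE]
#   0 = /tmp is its own mount with noexec and nosuid
#   1 = /tmp is its own mount but an option is missing
#   2 = /tmp is not a separate mount (it lives on the / partition)
check_tmp_mount() {
    awk -v mp="/tmp" '
        $2 == mp { opts = $4; seen = 1 }     # the last mount on /tmp is the live one
        END {
            if (!seen) { print mp ": not a separate mount"; exit 2 }
            n = split(opts, o, ",")
            for (i = 1; i <= n; i++) has[o[i]] = 1
            missing = ""
            if (!("noexec" in has)) missing = missing " noexec"
            if (!("nosuid" in has)) missing = missing " nosuid"
            if (missing != "") { print mp ": missing" missing; exit 1 }
            print mp ": ok (" opts ")"
        }' "${1:-/proc/mounts}"
}

# Constructed sample in /proc/mounts format: /tmp lacks noexec.
sample=$(mktemp)
cat > "$sample" <<'EOF'
/dev/sda1 / ext3 rw,relatime 0 0
/dev/loop0 /tmp ext3 rw,nosuid,relatime 0 0
EOF
check_tmp_mount "$sample" || echo "exit status: $?"
rm -f "$sample"
```

Called without an argument, the function reads /proc/mounts on the server it runs on.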

You may wish to contact your affordable web hosting provider for any assistance required.


Installing RootCheck on your Server

Keeping a web server secure from any destruction is something that concerns all server administrators. It is one of the top priorities of server admins, more than adding features, optimum speed or server optimizations. For any cheap hosting UK provider having customer websites hosted on their servers, there can be nothing more important than keeping their servers secure and in top working condition. Various server security threats exist which can cause harm at varied intensities. Some may just slow down your server without causing any serious destruction, while others can exploit your hosting server’s weak spots and destroy the server entirely.

So, before the destruction happens, we need a way to find it beforehand. The RootCheck tool can help you with that, as it is capable of scanning server ports, logs, rootkits, trojans, and other malicious activity on a server. It is available for free and is released under the GNU General Public License by Trend Micro. It is a part of OSSEC, which is an open source host-based intrusion detection system.

How to install RootCheck on the server ?

Step i : Access your server using SSH as a root

su

Step ii : Get the latest updated version of rootcheck downloaded onto the server

wget http://www.ossec.net/rootcheck/files/rootcheck-2.4.tar.gz

Step iii : Then you must verify its checksum for security

wget http://www.ossec.net/rootcheck/files/rootcheck-2.4_checksum.txt
cat rootcheck-2.4_checksum.txt
md5 rootcheck-2.4.tar.gz
sha1 rootcheck-2.4.tar.gz

It is important that the computed values match the corresponding checksum entries in the text file.

Step iv : Proceed with extracting the contents over the server

tar -zxvf rootcheck-2.4.tar.gz

Step v : Fire the below command for installing RootCheck on your server

cd rootcheck-2.4
make all

Step vi : Run root check.
Once it has completely scanned the server, it would display the results, after which further actions can be taken.
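
The manual comparison in Step iii can be replaced by a check that refuses to continue on a mismatch. This is an added example, not part of the original post or of OSSEC; the helper names `hex_digest` and `verify_download`, the sample files, and the layout of the sample checksum file are assumptions (only the hex digests need to appear in it).

```shell
#!/bin/sh
# Added example: fail-closed version of the manual checksum comparison.
# hex_digest and verify_download are hypothetical helper names.

# hex_digest ALG FILE: print the hex digest (ALG is md5 or sha1).
hex_digest() {
    if command -v "${1}sum" >/dev/null 2>&1; then
        "${1}sum" "$2" | awk '{ print $1 }'           # GNU coreutils: md5sum, sha1sum
    else
        openssl dgst "-$1" "$2" | awk '{ print $NF }' # fallback where those are absent
    fi
}

# verify_download FILE CHECKSUM_FILE
#   0 = both digests of FILE appear in CHECKSUM_FILE
#   1 = a digest is missing (do not unpack or build the archive)
#   2 = an input is unreadable or a digest could not be computed
verify_download() {
    file=$1; sums=$2
    [ -r "$file" ] && [ -r "$sums" ] || { echo "cannot read inputs" >&2; return 2; }
    for alg in md5 sha1; do
        digest=$(hex_digest "$alg" "$file")
        [ -n "$digest" ] || { echo "could not compute $alg" >&2; return 2; }
        # -w: whole-token match, -i: ignore hex case, -F: literal string.
        if ! grep -qiwF -- "$digest" "$sums"; then
            echo "$alg digest $digest not found in $sums" >&2
            return 1
        fi
    done
    echo "OK: $file matches $sums"
}

# Demo on constructed files: the "archive" is the three bytes "abc".
demo=$(mktemp -d)
printf 'abc' > "$demo/sample.tar.gz"
cat > "$demo/sample_checksum.txt" <<'EOF'
MD5 (sample.tar.gz) = 900150983cd24fb0d6963f7d28e17f72
SHA1 (sample.tar.gz) = a9993e364706816aba3e25717850c26c9cd0d89d
EOF
verify_download "$demo/sample.tar.gz" "$demo/sample_checksum.txt"
rm -rf "$demo"
```

A checksum file fetched over plain http from the same server as the archive detects a corrupted download, not a tampered one.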

Ensuring Server Security Layers

Preventing attacks on your server is one of the most important things to consider when you hold any sensitive information which you don’t want to share with anyone. Security is the most vital concern for any server that connects to the Internet. Once your web server is connected to the Internet, you will have to face hackers and attackers trying to compromise its integrity. Whether your server will be attacked or not is a later concern; what is important is whether you are ready to defend against it.

There are many different security measures you can take to prevent attacks from harming your data. The best way is to set up several security layers for defence. If an attacker wants to gain access to your server, he/she only needs to get past your firewall or your password. Following are some server security layers which can be applied to your server to prevent attacks:

1) You can use a secure, well configured router in order to prevent attackers trying to breach your server.

2) In terms of physical security, keep server rooms fully equipped with some kind of security systems, so that no one can enter the server room without your permission.

3) Another way is to use a powerful application firewall that can prevent users accessing your website via normal means, like the HTTP protocol. An example of an application firewall is “ModSecurity”.

4) Most of the time attackers look for a security hole, so it is always recommended to keep your applications and operating systems up-to-date with the latest updates and patches.

5) Detection and prevention software – These days many companies have unveiled various security software such as malware and virus detectors, BF Detection, DDoS detection and many others, which are very useful in detecting attacks and preventing them.

6) It is always advisable not to miss the basic security layers when configuring your server. Ignoring the basic security settings could lead to serious issues in future. Take your time, prepare well to defend against attacks, and perform update checks to receive new updates and patches for your dedicated server operating systems and applications.
