Powered by eUKhost®

Announcement

Collapse
No announcement yet.

Prevent Abuse Complaints on your WHM/cPanel Server

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Prevent Abuse Complaints on your WHM/cPanel Server

    Dear Users,

    We are into an age where electronic media is ruling the nation without any scope of obstructions. We are completely carried away by this flourishing advancements & technology. Being into Web Hosting industry for few years now & basically dealing with High-End Dedicated Servers & VPS's hosting WHM/cPanel. Its my immense pleasure to underline few points which could prevent your WHM/cPanel Server from being an abuse victim.

    Abuse complaints are of various types. Few of them are listed below.
    1. Spamming -
    2. Phishing -
    3. Port Attack -
    4. DMCA [Digital Millennium Copyright Act] -
    5. DDos attack -

    Please follow below tips to escape from the above mentioned Unnecessary trials.

    1. Spamming >> It sends out mails in bulk quantity to one or no. of recipients at one given time or regular intervals. Well whatever happens on a server or in this world of information Technology does not happen by its own. Each & every things is already scripts or instructed before it is executed.
    >> The very first thing to investigate in this issue would be the mail account by which the spamming is being originated. Please check if that mail account is legitimate under that particular domain or its an unused account which has been compromised & the mail server records are being used by someone remotely to send out spam mails by your server. Remove unwanted mail accounts on the server.
    >> Please check if there is any cron job set for any particular script to run at a particular time which is responsible to send out spam mails.
    >> Timely scan your server with anti-malware scanner or Clamav antivirus on WHM servers to identify Malicious scripts or Trojans on your server is being executed to send out spam mails.
    >> Please use 12-16 digit alphanumeric passwords for any WHM/Cpanel or any Mail account which cannot be hacked easily.
    >> Regularly review your Files & Codes for back door vulnerability especially guys hosting websites with third party applications who are prone to enormous infected plugins. Timely update those plugins as a preventive measure of it.
    >> Disable PHP functions in your systemwide php.ini file to ignore harmful functions to create its own malicious code within the code. Since now-a-days 70-80% websites are hosted on PHP Platform. The document root for the file in WHM/cPanel Server is /usr/local/lib/php.ini
    >> Setup a cron job on your server to regularly scan your server once in a week & send you a report on your mail to review it so that you can immediately take action on it to avoid future in-convenience.

    Please let us know if the above posted helps you in your Day-to-Day Web Hosting Business. This will motivate us to post enough useful information related to all our services.

    You will shortly receive preventive measures on other Abuse related categories.

  • #2
    Re: Prevent Abuse Complaints on your WHM/cPanel Server

    Originally posted by Aiden_Smith View Post
    Dear Users,

    We are into an age where electronic media is ruling the nation without any scope of obstructions. We are completely carried away by this flourishing advancements & technology. Being into Web Hosting industry for few years now & basically dealing with High-End Dedicated Servers & VPS's hosting WHM/cPanel. Its my immense pleasure to underline few points which could prevent your WHM/cPanel Server from being an abuse victim.

    Abuse complaints are of various types. Few of them are listed below.
    1. Spamming -
    2. Phishing -
    3. Port Attack -
    4. DMCA [Digital Millennium Copyright Act] -
    5. DDos attack -

    Please follow below tips to escape from the above mentioned Unnecessary trials.

    1. Spamming >> It sends out mails in bulk quantity to one or no. of recipients at one given time or regular intervals. Well whatever happens on a server or in this world of information Technology does not happen by its own. Each & every things is already scripts or instructed before it is executed.
    >> The very first thing to investigate in this issue would be the mail account by which the spamming is being originated. Please check if that mail account is legitimate under that particular domain or its an unused account which has been compromised & the mail server records are being used by someone remotely to send out spam mails by your server. Remove unwanted mail accounts on the server.
    >> Please check if there is any cron job set for any particular script to run at a particular time which is responsible to send out spam mails.
    >> Timely scan your server with anti-malware scanner or Clamav antivirus on WHM servers to identify Malicious scripts or Trojans on your server is being executed to send out spam mails.
    >> Please use 12-16 digit alphanumeric passwords for any WHM/Cpanel or any Mail account which cannot be hacked easily.
    >> Regularly review your Files & Codes for back door vulnerability especially guys hosting websites with third party applications who are prone to enormous infected plugins. Timely update those plugins as a preventive measure of it.
    >> Disable PHP functions in your systemwide php.ini file to ignore harmful functions to create its own malicious code within the code. Since now-a-days 70-80% websites are hosted on PHP Platform. The document root for the file in WHM/cPanel Server is /usr/local/lib/php.ini
    >> Setup a cron job on your server to regularly scan your server once in a week & send you a report on your mail to review it so that you can immediately take action on it to avoid future in-convenience.

    Please let us know if the above posted helps you in your Day-to-Day Web Hosting Business. This will motivate us to post enough useful information related to all our services.

    You will shortly receive preventive measures on other Abuse related categories.
    2. Phishing - Phishing is an infected or Malware/Trojan contained page or a link mainly found on your websites pages. It's a link between your websites main page & other pages, no matter if its your domain, sub-domain or an add-on domain.
    >> It occurs due to vulnerable third party application plugins which are not updated on time & causes back door vulnerability resulting in infecting your web sites files.
    >> It also occurs due to a weak cPanel/Webadmin panel password. There is always a chance of your account being compromised & the hacker had infected your web files purposely.
    >> A weak account password may lead to innumerable worse consequences. Even a fake mail in your account may consists of a script that leads to Spamming & Phishing.
    >> A server or a VM has lot of ports & services running at one time. You never know which might cause an abuse to the server. So its very important to take special care of Global Ports like 25 for mail, 21 for FTP & 80/443 for HTTP/HTTPS. All these mentioned ports are inter-related to each other & may cause heavy problem if they are not scanned properly & left un-attended due to running services on it.

    I request you guys to please let us know your feed back on the above posts so that we keep on spreading a generalize view on the subject.
    Please be stand by Port attack, DMCA & DDos postings.

    Comment


    • #3
      Re: Prevent Abuse Complaints on your WHM/cPanel Server

      Hello Friends,

      Lets discuss something about
      DMCA [Digital Millennium Copyright Act] - These kind of abuse complaints occur when a similar content of a strangers website starts appearing in your website. Its known as DMCA Abuse complaint. Its mainly happens when a similar code from another website is copied to your web pages knowingly/unknowingly. May be your competitor or a hacker must have done this to trouble your Digital Business.
      >> It happens due to vulnerable functions used in the code to develop the software/application used at your web server. It may also happen due to outdated plugins which needs to be updated regularly if you are using a third party application. These plugins play a very vital role in spreading vulnerability in the code.
      >> As a preventive measure of this, kindly update your applications plugins & regularly check with your website code for any malware/Trojan or any kid of infection.
      >> As I have stated above that all the ports are inter-related to each other so it might cause an issue to another service rather than its own service. May be a mail account is hacked & you have received a fake mail in your account. That mail consists of a script which is meant to infect your host files. As a result you are unaware of the situation & the website slowly & steadily gets infected.
      >> DMCA Copyright issue are more prone towards e-commerce business & shopping carts online. These are dynamic websites & gives us an opportunity to buy online. It has a vast impact on mass so as competitors hosting these kind of sites. So in that case one would never know if your own competitor is trying to get access to your sites by the back door utility.

      We at EUKhost keep an eye on each & every abuse complaint we receive from external network & inform our clients pro-actively to resolve it. We also want to educate our clients to take a step further to avoid it from their end too so that in any case their IP does not get blacklisted.

      Comment


      • #4
        Re: Prevent Abuse Complaints on your WHM/cPanel Server

        One question – you guys use any specific DCIM tool for all these tasks or it goes all manually?

        Comment


        • #5
          Re: Prevent Abuse Complaints on your WHM/cPanel Server

          HI,

          All are servers are based in UK Data centers & they do have their own DCIM tools by which they measure these activities. On the top of it you will be amazed to know that there are end no. of external network associations which continuously monitor traffic to & from the server. Once they see the load on the graph they fetch the IP & inform the owner to stop the fraudulent activity or else they blacklist the IP globally.

          I hope I answered your question.

          Comment

          ban-img
          Working...
          X