Leasedlayer.com
Member
What are security aspects should be considered by the Hosting Providers while providing the services to the clients?
Security Aspects for Hosting Business
- Thread starter Leasedlayer.com
- Start date
1) Ensure the customer is who they say they as far as possible.
2) Ensure customers cannot see each others files or usernames (that includes processes) on your systems.
3) Use something like CSF+LFD to keep hackers out.
4) Ensure they cannot upload malware or viruses, through httpd, ftp, ssh etc.
5) Have a "strong" password policy.
2) Ensure customers cannot see each others files or usernames (that includes processes) on your systems.
3) Use something like CSF+LFD to keep hackers out.
4) Ensure they cannot upload malware or viruses, through httpd, ftp, ssh etc.
5) Have a "strong" password policy.
24x7server
New member
Hi,
There are several things that has to be planned out and applied.
1. Spamming:
2. Log monitoring.
3. Regular full server scanning --> Helps to find malicious scripts or infections.
4. Checking the backup status.
5. Secure your server to make it hard to be hacked --> Hacking the most and foremost security point.
There are several things that has to be planned out and applied.
1. Spamming:
2. Log monitoring.
3. Regular full server scanning --> Helps to find malicious scripts or infections.
4. Checking the backup status.
5. Secure your server to make it hard to be hacked --> Hacking the most and foremost security point.
NetworkPanda
New member
First of all, use an anti-fraud system to prevent as many fraudulent orders as possible. MaxMind and FraudRecord are necessary. They will save you from a big number of fraudulent customers, spammers and customers who will attempt to host malware or phishing sites.
Then, run every day a full virus scan on the server. Check the exim log for messages with subject which looks spam. Restrict access to SSH ports only to trusted IP addresses, change the default SSH port and use SSH keys to login.
Then, run every day a full virus scan on the server. Check the exim log for messages with subject which looks spam. Restrict access to SSH ports only to trusted IP addresses, change the default SSH port and use SSH keys to login.
These are a few security tips.
1) Using Fraud Protection
2) Using Firewall such as CSF and configuring it precisely.
3) Using Exploit Detector such CXE
4) Using Anti-Virus such as ClamAV
5) Hardening PHP and disabling functions that can be used by shell scripts
6) Changing SSH Port
7) Hardening Web Server such as disabling SymLinks and using SymLinksIfOwnerMatch instead
Please keep in mind considering very very high security level such configuring firewall very restrictively may cause issues with accessibility and confortability foryour customers. Customer confortability is an important aspect of hosting.
1) Using Fraud Protection
2) Using Firewall such as CSF and configuring it precisely.
3) Using Exploit Detector such CXE
4) Using Anti-Virus such as ClamAV
5) Hardening PHP and disabling functions that can be used by shell scripts
6) Changing SSH Port
7) Hardening Web Server such as disabling SymLinks and using SymLinksIfOwnerMatch instead
Please keep in mind considering very very high security level such configuring firewall very restrictively may cause issues with accessibility and confortability foryour customers. Customer confortability is an important aspect of hosting.
A web hosting company should aware of,
1) A working & most secure Firewall protection.
2) Server configuration should be good to stop the known hacking
attempts.
3) Upload file types & should have an eye on all the uploaded files so
that any disaster can be stop.
4) Should have strong password policies and limit to unauthorized login
attempts
5) Should have a close eye on Email Blacklists if they found something
malicious from emails sent out through our servers.
6) Anti DDOS/SYN attack policy must be strong.
1) A working & most secure Firewall protection.
2) Server configuration should be good to stop the known hacking
attempts.
3) Upload file types & should have an eye on all the uploaded files so
that any disaster can be stop.
4) Should have strong password policies and limit to unauthorized login
attempts
5) Should have a close eye on Email Blacklists if they found something
malicious from emails sent out through our servers.
6) Anti DDOS/SYN attack policy must be strong.
King-Servers
New member
Its major responsibility of web hosting service provider to manage and provide quality services to client. It includes server updates, monitoring, block attacks, recognize spamming, using strong password policies, firewall security etc.
interservermike
Account Disabled
Major Malware Threats Facing Web Hosting Providers
- FTP credential compromise
- Web application vulnerabilities
- Outdated CMS vulnerabilities
- Insecure server configurations
- Third party add-ons
HostZealot
Member
In reply to all voters for FraudRecord. We implemented this module, but it is REALLY overrated, incomplete and inconvenient. Manual processing of each order and manual check of existing database consumes way too much time and effort. A little automation would make this module much better and greatly more popular.
IkY0294
HD Addicted
Keeping security tight and most of all secured is a very important thing all around ..
Keeping scripts and software up to date with the latest version out can help prevent yourself from being a target for hacks..
Ensure all clients use strong long passwords that include numbers , letters and symbols lowercase and high case.
Make all clients change their passwords every 3 months or so.
If you have WHMcs go and read their guide on how to secure it by changing directory name for admin cp and even moving some files around what not changing someethings.
Always remove files from your site that you no longer need or have no use for it.
Always do fraud checks on clients you don't want to provide service to a hack where he can be using the service and in the same time finding a back door to bring down your business.
There are a lot and I mean a lot more tips and tricks to perform to ensure that your site is safe. But theres always a way for a hacker to get into your site or do what ever they want you just need to ensure that you are able to make it hard for them so that then they can try and quit or not try at all.
Keeping scripts and software up to date with the latest version out can help prevent yourself from being a target for hacks..
Ensure all clients use strong long passwords that include numbers , letters and symbols lowercase and high case.
Make all clients change their passwords every 3 months or so.
If you have WHMcs go and read their guide on how to secure it by changing directory name for admin cp and even moving some files around what not changing someethings.
Always remove files from your site that you no longer need or have no use for it.
Always do fraud checks on clients you don't want to provide service to a hack where he can be using the service and in the same time finding a back door to bring down your business.
There are a lot and I mean a lot more tips and tricks to perform to ensure that your site is safe. But theres always a way for a hacker to get into your site or do what ever they want you just need to ensure that you are able to make it hard for them so that then they can try and quit or not try at all.
brentpresley
New member
In addition to network security, keep in mind that some of the clients you host can get you into trouble, even if you keep your nose clean.
We found this out when the department of homeland security came knocking with a warrant for a server of a client of ours.
No joke, took over 2 years to get that server (minus hard drives) back.
We found this out when the department of homeland security came knocking with a warrant for a server of a client of ours.
No joke, took over 2 years to get that server (minus hard drives) back.
Completely agree with this. It's a great system if it could only be automated and improved in the right ways. Our sales team have picked up a few fraudulent orders using Fraud Record. We still use other systems this is just something we've implemented for additional security.
AlliedHost
New member
- Not to mention using a very stable set of modsec rules to ensure stupid "hacks" cannot be used. This also helps control the outbreak of hijacking of sites with outdated scripts and poor coding.
EnveraHost
New member
Something that hasn't been added is stopping customers from getting IP's blacklisted. This is very important and also tells you if customers are misusing IP's for email spam, hacking etc.
Alex - A2 Hosting
Active member
Out of the box it can be very difficult to simply 'stop' clients getting IPs blacklisted. An email relay can be added though (we use MailChannels) which does a good job at this though.
easyhostmedia
Well-known member
If a client or even you have an email verification email set up, and a recipient has then your verification email will bounce back and the same with their causing a loop and this will continue until 1 party stops it. This can be picked up by either mail server as spam and get the other IP blacklisted.
This is something that is difficult to stop unless you dont have a verification system in place
This is something that is difficult to stop unless you dont have a verification system in place
-
HostingDiscussion
A community for web hosting professionals and enthusiasts, since 2002.
