Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
  #1  
Old 24 Jan 2007, 05:08
FockerFGAA FockerFGAA is offline
 
Join Date: Dec 2006
best way to secure a server?

i want to minimize the chance of someone hacking onto our site. we run joomla as our front end and we use vbulletin 3.6.4 as our board. i know it depends a lot of mods and such and i try to keep up with the most secure ones, but other than that i am really clueless on how to secure a server. any help would be appreciated.
__________________
A Sports Fan?
Then try the place where the fans voice matters: FVSports.com
Reply With Quote
Comments
  #2  
Old 26 Jan 2007, 00:43
redspider's Avatar
redspider redspider is offline
 
Join Date: Jul 2005
this how I set my forum "

1. I change the name of admin panel and mod panel .(need to change names also in config.php file on your server)

2. I set access password to those folders.

3. I set my self as UNDELETABLE / UNALTERABLE USERS.

4. I have a very strong password and I dont give it away to no one .

5. I encourage staff on my forum to change passwords and use a strong one .

6. I was careful on who I make part of the staff .

7. I always stay current with latest vb release.

8. I dont allow html post .

9. I dont allow html signature to people I dont know.

10. I make backups every day is done automatic by a cron on server.(is done verly late at night)

11. on the server panel I also use a strong password.
12. my shh password is also a strong one hard to guess .
13. I change shh port to another one and set firewall to let me use that port .

14. since is my server I use some other tools like APF + BFD + DDOS + Rootkit.(this can slow down your server )



my english is bad but I hope you get some ideas .
Reply With Quote
  #3  
Old 26 Jan 2007, 02:44
dsotmoon dsotmoon is offline
 
Join Date: Jun 2003
Originally Posted by FockerFGAA View Post
i want to minimize the chance of someone hacking onto our site. we run joomla as our front end and we use vbulletin 3.6.4 as our board. i know it depends a lot of mods and such and i try to keep up with the most secure ones, but other than that i am really clueless on how to secure a server. any help would be appreciated.
redspiders suggestions are great, if you dont know how to secure the server itself you should look into having a server management company do it

platinumservermanagement.com
jonesolutions.com
seeksadmin.com

etc etc
Reply With Quote
  #4  
Old 26 Jan 2007, 15:38
firstrebel's Avatar
firstrebel firstrebel is offline
 
Join Date: Dec 2005
Real name: Robert Isaac
When I see posts about people getting their server hacked I often wonder if they know about server security. As the last post states, if you don't know then get professional help.

You don't say if it is a *nix or Windows box and what OS and apps will be installed. You will most certainly need to put it behind a firewall.

A server can be very vulnerable if not locked down to the outside world. Weak passwords are the first thing a hacker will go for, and I refer mainly to parts of the server above the web site root and not vB forum user passwords.

Bob
Reply With Quote
  #5  
Old 27 Jan 2007, 00:40
FockerFGAA FockerFGAA is offline
 
Join Date: Dec 2006
thanks for the suggestions. ya i dont know how right know, but i am looking at learning how to do everything. currently we are on a basic shared hosting server but we are looking at getting on a vps and if we go that or the dedicated route then i will want to be able to secure the server the best i can. i appreciate the links to those server management companies as well. im preparing for the inevitable instead of waiting until i have to do it all.
__________________
A Sports Fan?
Then try the place where the fans voice matters: FVSports.com
Reply With Quote
  #6  
Old 27 Jan 2007, 13:08
s25 s25 is offline
 
Join Date: Dec 2005
I would also recommend you to join the security mailing lists which apply to you on security focus it is handy as you get the latest exploits and vulns in your inbox (or at least those that are released)
Reply With Quote
  #7  
Old 27 Jan 2007, 16:16
stinger2's Avatar
stinger2 stinger2 is offline
 
Join Date: Jul 2005
nice small tutorial redspider..thankyou
Reply With Quote
  #8  
Old 02 Feb 2007, 10:42
salata salata is offline
 
Join Date: Nov 2003
Originally Posted by redspider View Post
this how I set my forum "

1. I change the name of admin panel and mod panel .(need to change names also in config.php file on your server)


i tried doing this the config.php is in forums/includes/config.php? is that the right one?

if so, i checked it and dont know where to make the changes.
Reply With Quote
  #9  
Old 05 Feb 2007, 16:24
salata salata is offline
 
Join Date: Nov 2003
Originally Posted by salata View Post
i tried doing this the config.php is in forums/includes/config.php? is that the right one?

if so, i checked it and dont know where to make the changes.
bump
Reply With Quote
  #10  
Old 07 Feb 2007, 21:43
Jon_Simmonds Jon_Simmonds is offline
 
Join Date: Nov 2005
look for the following lines of text in the config.php file (the path you mentioned is correct)

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

you need to first rename the folders (using a ftp program is probably the easiest way) to something other than what it is, (on my old forum I used admincp->alpha modcp->beta) it does not realy matter what you choose. then edit the config.php and change the admincp/modcp to the new names you chose.

as for server management companies id recommend http://www.acunettmanagement.com/
Reply With Quote
  #11  
Old 07 Feb 2007, 21:58
houseofpolitics houseofpolitics is offline
 
Join Date: Dec 2006
oo thanks
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 20:08.

Layout Options | Width: Wide Color: