Search found 16 matches
- Wed Aug 22, 2012 7:26 am
- Forum: Control Panel Support Help
- Topic: OpenSSH update on plesk, is it safe?
- Replies: 7
- Views: 10291
OpenSSH update on plesk, is it safe?
Hi, Our server has failed PCI Compliance because the OpenSSH 4.3 is "vulnerable" - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5051 When I run yum update openssh i get the following output: [root@www asl]# yum update openssh Loaded plugins: fastestmirror Loading mirror speeds ...
- Thu Mar 24, 2011 11:03 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
Because if I click on the "Atomic Secured Linux" link in plesk (under "Links to Additional Services") I get an ugly message: This web page is not available The web page at https://xxx.xxx.xxx.xxx:30000/ might be temporarily down or it may have moved permanently to a new web addre...
- Thu Mar 24, 2011 9:08 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
Ok the certificate inside this directory is for a different domain name and it is expired, My control panel certificate is stored in: /usr/local/psa/admin/conf/httpsd.pem and /usr/local/psa/admin/conf/rootchain.pem , however the ssl.conf points to crt files: SSLCertificateFile /etc/pki/tls/certs/loc...
- Thu Mar 24, 2011 8:26 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
Thanks for that info, im performing a malware scan right now as after install i restarted the server too quickly and the scan did not complete (log file was empty) now things are showing up on screen... Another quick question, when I go to my control panel www.mydomain.com:30000 it displays the wron...
- Wed Mar 23, 2011 12:50 pm
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
Is there a way I can scan the server for malware?
- Wed Mar 23, 2011 8:07 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
A quick question, I just installed ASL, what is going to happen to the existing installation of mod security? Should I remove it?
- Wed Mar 23, 2011 7:40 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
Ok my boss just authorised the purchase of ASL, looking forward to seeing how it all works.
- Tue Mar 22, 2011 5:32 pm
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
I installed the latest mod security crs rules, however they stop normal websites from working properly, so its a bit of a nightmare. If i was to purchase ASL yearly subscription would it be better configured for a regular day-to-day webserver? The standard CRS rules are a bit of a nightmare to get y...
- Tue Mar 22, 2011 5:57 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
Right I've installed mod_security and i'm slowly getting through configuring the base rules as at the moment if I turn on the default settings it stops the websites from operating properly. One thing that I have noticed in the logs (vat/log/secure) there are hundreds of these entries - is this norma...
- Tue Mar 15, 2011 10:35 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
I do not have ASL or mod_security is this something that can intercept the attacks?
- Tue Mar 15, 2011 7:07 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
This domain has osCommerce shopping cart, however I have been informed by the developer that all vulnerable parts such as file_manager.php have been taken out.
- Tue Mar 15, 2011 5:59 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
Re: File injection problem
I'm almost 100% certain that the attacks were through some sort of software vulnerability, as all files uploaded appear with the user apache as the owner and anything uploaded via FTP has the domain's username as the owner. So it must be uploaded via some script. I have about 30 of these files I can...
- Mon Mar 14, 2011 9:41 am
- Forum: Control Panel Support Help
- Topic: File injection problem
- Replies: 27
- Views: 21803
File injection problem
Hi, I recently found that files were appearing inside one of domains im hosting. These files looked like some sort of shell hacks, they were somehow injected into my images folder which has file permissions set to 777. After my discovery this I uploaded an htaccess file to stop execution of any scri...
- Thu Jan 06, 2011 4:20 pm
- Forum: Atomic Repository Announcements
- Topic: [atomic] spamdyke 4.1.0-1 / psa-spamdyke 2.4
- Replies: 2
- Views: 7050
Re: [atomic] spamdyke 4.1.0-1 / psa-spamdyke 2.4
Hi there I have just updated and i have a few questions: When I type in yum info spamdyke i get this Installed Packages Name : spamdyke Arch : x86_64 Version : 4.1.0 Release : 1.el5.art Size : 656 k Repo : installed Summary : A drop-in connection-time spam filter for qmail. URL : http://www.spamdyke...
- Fri Dec 10, 2010 6:34 am
- Forum: Control Panel Support Help
- Topic: How to update server using YUM
- Replies: 4
- Views: 5903
Re: How to update server using YUM
Hi, thanks for the info!
One more question - would you update everything at once or break it up into several chunks?
One more question - would you update everything at once or break it up into several chunks?