Secure & Optimize VPS/VDS

Here is a method by which you can secure and optimize a VPS/VDS.

Checking for formmail:

Form mail scripts are commonly used by hackers to send out spam email through relay and injection methods. If you are using Matt's script or a version of it, you may be at risk.

Command to find pesky form mails:
find / -name "[Ff]orm[mM]ai*"

CGIemail is also a security risk:
find / -name "[Cc]giemai*"

Command to disable form mails:
chmod a-rwx /path/to/filename
(a-rwx means: for all users, remove read, write and execute permissions.)

(this disables all form mail)

If someone on your VPS installs form mail, you will have to let them know you are disabling their script and give them an alternative.
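An added example (not part of the original article): a shell function that combines the two find commands above, lists each match with its mode and owner so the account holder can be notified, and optionally applies the same chmod a-rwx. The function name, the --disable flag and the search-root argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit (and optionally disable) FormMail / cgiemail scripts.
# Usage: audit_formmail [ROOT] [--disable]
#   ROOT defaults to / (as in the find commands above).
#   Without --disable the function only reports; nothing is changed.
audit_formmail() {
    root="${1:-/}"
    action="${2:-}"
    # Same name patterns as the article's two find commands, in one pass.
    find "$root" -type f \
        \( -name '[Ff]orm[Mm]ai*' -o -name '[Cc]giemai*' \) \
        -exec sh -c '
            action=$1; shift
            for f in "$@"; do
                # ls -ld shows the current mode and the owning user,
                # i.e. who to notify before the script is disabled.
                ls -ld -- "$f"
                if [ "$action" = "--disable" ]; then
                    chmod a-rwx -- "$f"
                fi
            done
        ' sh "$action" {} +
}

# Report only:          audit_formmail /home
# Report and disable:   audit_formmail /home --disable
```

Run it in report-only mode first and review the list, since the name patterns also match unrelated files whose names happen to start with "formmai" or "cgiemai".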

Root kit Checker (rkhunter or chkrootkit)

Check for rootkits via a cron job. By doing this you will regularly check whether your server is compromised, and you will be sent regular reports.

To install chkrootkit, log in to the server as root and on the command line interface type:

cd /root/
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
tar xvzf chkrootkit.tar.gz
cd chkrootkit-0.47
make sense

To run chkrootkit, type the following on the CLI:

/root/chkrootkit-0.47/chkrootkit

To ensure the highest level of security, set up a cron job that emails you the results on a regular basis.
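One way to set up that cron job, as an added example that is not part of the original article: a wrapper that runs chkrootkit, puts the lines that need attention at the top of the mail and flags them in the subject. The script location, function names and schedule are assumptions, as is the filter on the INFECTED and Warning markers that chkrootkit prints in its report lines.

```shell
#!/bin/sh
# Added example: cron wrapper that mails the chkrootkit report.
# Hypothetical install path and schedule (root's crontab, daily at 03:00):
#   0 3 * * * /root/chkrootkit-cron.sh --run
CHKROOTKIT=/root/chkrootkit-0.47/chkrootkit   # path used in the article
MAILTO=your@email.com                          # placeholder address

# Read a chkrootkit report on stdin and print only the lines that need
# attention. "not infected" is lower case, so it does not match INFECTED.
suspicious_lines() {
    grep -E 'INFECTED|Warning' || true
}

# Build the mail subject from a saved report file ($1).
report_subject() {
    count=$(suspicious_lines < "$1" | wc -l | tr -d ' ')
    if [ "$count" -gt 0 ]; then
        echo "[ALERT] chkrootkit on $(uname -n): $count suspicious line(s)"
    else
        echo "chkrootkit on $(uname -n): clean"
    fi
}

# Run the scan, then mail the findings followed by the full report.
run_and_mail() {
    report=$(mktemp) || return 1
    "$CHKROOTKIT" > "$report" 2>&1
    {
        suspicious_lines < "$report"
        echo "---- full report ----"
        cat "$report"
    } | mail -s "$(report_subject "$report")" "$MAILTO"
    rm -f "$report"
}

# Only scan when called with --run, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then
    run_and_mail
fi
```

A clean report from a binary on the server itself is weak evidence, because a rootkit with root access can tamper with the tools chkrootkit relies on; treat the mail as one signal among several.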

Setup Email on Root Login (to detect breaches)

If someone unauthorized gains access to root, you want to be notified. You can arrange this by doing the following while logged in as root:

cd /root
vi .bash_profile
Add the following line:
echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" your@email.com

Where your@email.com is your email address.

Save and exit vi: :wq

To change the SSH Legal Message (displayed when you log in via SSH), edit /etc/motd to display the message you wish to show.

Securing WHM and cPanel:

By default cPanel/WHM is not set up securely and efficiently, so you will want to optimize the cPanel/WHM settings by doing the following:

Go to: Server Setup -> Tweak Settings

Under Domains tick:
· Prevent users from parking/adding common internet domains (hotmail.com, aol.com, etc)

Under Mail tick:
· Attempt to prevent pop3 connection floods
· Default catch-all/default address behavior for new accounts - set this to FAIL

Under System tick:
· Use jailshell as default on new accounts

Go to: Server Setup -> Tweak Security
· Enable php open_basedir protection
· Enable mod_userdir protection
· Disable compilers for unprivileged users

Go to: Server Setup -> Shell Fork Bomb Protection
· Enable shell bomb/memory protection

When creating reseller packages, be sure to:
· Disallow creation of packages with shell access
· Disallow creation of packages with full root access

Go to: Service Configuration -> FTP Configuration
· Disable anonymous FTP access

Go to: Account functions -> Manage Shell Access
· Disable shell access for all users (except yourself)

Go to: MySQL -> Manage Root Password
· Change Root Password for MySQL

Go to: Security -> Quick Security Scan for Trojan Horses, and make sure you don’t have any of the following infected:
· /sbin/depmod
· /sbin/insmod
· /sbin/insmod.static
· /sbin/modinfo
· /sbin/modprobe
· /sbin/rmmod

Update OS and Software:

If you are running cPanel:
· Update cPanel: /scripts/upcp
· Update Apache: /scripts/easyapache

If you are not running cPanel:
· Update OS and software: yum upgrade

General OS Security (do not need to be running cPanel):

Restrict SSH access:
For improved security


Upgrade CentOS 3.3 to 3.4 using yum

CentOS is a freely available Linux distribution based on Red Hat Enterprise Linux that is 100% binary compatible with the upstream product, within its mainline and updates. It is a very stable and great operating system to work with.

Here is the process to upgrade from CentOS 3.3 to 3.4 using yum:

First step, download and install:

rpm -ivh http://mirror.centos.org/centos/3.4/os/i386/RedHat/RPMS/centos-yumcache-3.1-0.20050105.3.noarch.rpm
rpm -Fvh http://mirror.centos.org/centos/3.4/os/i386/RedHat/RPMS/centos-release-3-4.2.i386.rpm
yum update

Your yum config should look something like the following:

[main]
#this is mainly for cpanel servers
exclude=mod_ssl* httpd* perl mysql* php*
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1

[base]
name=CentOS-$releasever - Base
baseurl=http://beta.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1

#released updates
[update]
name=CentOS-$releasever - Updates
baseurl=http://beta.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1

#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons
baseurl=http://beta.centos.org/centos/$releasever/addons/$basearch/
gpgcheck=1

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
baseurl=http://beta.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1

#centosplus repo - updated packages that extend beyond rhel release versions
#run auto update with this repo enabled only if you know you want extended functionality
#[centosplus]
#name=CentOS-$releasever - CentOSplus
#baseurl=http://beta.centos.org/centos/$releasever/centosplus/$basearch/
#gpgcheck=1

#packages in testing
#[testing]
#name=CentOS-$releasever - Testing
#baseurl=http://beta.centos.org/centos/$releasever/testing/$basearch/
#gpgcheck=1

To avoid any problems when upgrading, it is recommended that you back up your /etc/named.conf file before upgrading.


How to FIX cPanel/WHM RNDC Error

You may encounter the cPanel/WHM RNDC error. You need to fix the RNDC error before your name servers will work. The error is quite common, but you can easily fix it with a couple of steps, as mentioned below.

Fixing RNDC error in WHM/cPanel (ndc: connection failed: connection refused)

It is a fairly common occurrence in cPanel to receive an error such as:

rndc: connect failed: connection refused

To get your name servers working, you will need to get rid of this error. It is quite a simple fix and can be completed in a few minutes via the standard cPanel /scripts. Follow these steps:

1. Login to your server as root via SSH
2. Run: /scripts/updatenow
3. Run: /scripts/fixndc

This will fix your problems some of the time, but if it does not, do the
following steps:

1. Login to your server as root via SSH
2. Run: vi /etc/rndc.conf (or vi /etc/namedb/rndc.conf on FreeBSD)
replace all instances of “rndc-key” with “rndckey”
3. Run: vi /etc/named.conf (or vi /etc/namedb/named.conf on FreeBSD)
replace all instances of “rndc-key” with “rndckey”
4. Run: /scripts/fixnamed
5. Run: /scripts/fixndc
6. If you received an error in the last step, run /scripts/fixndc another
time.
7. Restart named (on RH this is service named restart)

Hopefully this fixes the problem. If you still have problems, consider visiting the cPanel forums or contacting cPanel technical support directly for more help.


Optimize Website Navigation

Navigation should be a major part of a website's design, since your website's navigation should meet people's expectations. Here are a few points you should consider while designing your website.

* Design your pages to load in less than 5 seconds on a 56K modem.

* Group your navigational options in relevant categories.

* Use common names for your menu options: Home, About Us, Contact Us, Help, Products. Avoid “clever” or “trendy” alternatives.

* If your site uses Flash, provide also an HTML version for users who prefer a less fancy, faster site.

* Provide simple text navigation links at the bottom of long pages, so users don’t need to scroll back up.

* Link your logo to your homepage, except in the homepage itself. Put a link to your homepage on all your internal pages.

* Display a “breadcrumb trail”; it is basically the path from the homepage to the page where you are. A breadcrumb trail looks like this: Home > Section > Sub-Section > Page, and it greatly facilitates navigation.

* If your site is too big, provide Search capabilities. Include a search box in the upper right corner of your homepage, and a link to a Search page from your interior pages.

* Set your search box to search your site, not to search the web.

* Create a custom error page that displays a simple site map with links to the main sections of your site. This way, you will not lose visitors who have followed a bad link to your site or who have misspelled your URL while typing.


List of Shopping Cart Software

Here is a list of shopping cart software, both open source and paid:

ABC Estore
AbleCommerce
AbleCommerce (ASP.NET)
AbleCommerce (Cold Fusion)
A-CART Pro
Actinic Business
Actinic Catalog
Actinic Developer software
Actinic Order Manager
Advanced Cart
AFCommerce
Affiliate Guerrilla
Agora Cart
ampleShop
AShop Deluxe
AShop Deluxe 3-Domain License
ASPCart
AspDotNetStorefront ML
AspDotNetStorefront Pro
AspDotNetStorefront Standard
Avactis Shopping Cart
Avetti Commerce
BakeSale
Bizar Shop
BlueCart
BugMall
BusyBeeCart
BVC 2004 Enterprise
BVC 2004 Express
CactuShop
CandyPress Store Administration
CandyPress™ Store Administration
CandyPress™ Store Frontend
Captures
Cart Genie
Cart32 Enterprise Edition
Cart32 Free Edition
Cart32 Small Business Edition
CartIt Commerce System
Cartweaver 2
Cartweaver2 (Cold Fusion)
CATALooK.net Store Pro
cf_ezcart
CFWebstore
Charon Cart 3
Cigtek
ClearCart
ClickCart
ClickCartPro
clicshop
Clockwatchers Free
Clover Shop Lite
Clover Shop Pro
Clover Shop Ultralite
Clover Shop Ultrapro
Comersus Cart
CometMall e-Store
Commerce.cgi
CommerceV3
CRE Loaded
CS-Cart shopping cart software
CubeCart
CyberOffice (CyberShop)
CyberStrong eShop
Dansie
digiSHOP
EasyCart
eCart Professional
Ecommerce Templates (ASP)
Ecommerce Templates (PHP)
Ecommercemax Online Retail Store
Edit-X Ecommerce
EROL
EShoppingPro
Evolve eCart
Evolve Merchant
Ezimerchant Professional
fipsShop light
Fortune3 E-Commerce Wizard
Free PayPal Shopping Cart
FreeWebshop.org
GetPaid
GoECart
Hassan Consulting’s Shopping Cart
Hazel Enterprise
Heavy Metal
iisCART2000
Interchange
IntLink E-commerce
Kickasp Delux Shopping Cart
KonaKart
LetMeShop
Lite Commerce
LoadedAU
Magento
MagicWay Shopping Cart
Mal’s e-commerce Shopping Cart
Mcart 2005
MetaCart e-Shop V-8
MetaCart Free
MetaCart2
MetaCart2 for SQL Server
Midicart ASP Complete
Midicart ASP Designer
Midicart ASP Plus
Midicart PHP
Midicart PHP Complete
Midicart PHP Designer
MiniShop
MIVA Merchant 5
MMK Cart Affiliate e-commerce Suite
Mountain Commerce
MX Kart
NOP’s Free Shopping Cart
OpenCart
oscMall
osCommerce
PayPal Shopping Cart
PDG Commerce
PDG Shopping Cart
PDshop Asp.Net Edition
PDshopPro Advanced
PDshopPro Plus
PDshopPro Standard
PepperCart
PepperCart Basic
PHP Shop
PHP Simple Shop
PHPBasket
phpCart
Pinnacle Cart
ProductCart
ProductCart Build To Order
Q-Shop Pro
Quick.Cart
QuickEStore
QuikStore
RealCart
SalesCart PRO
SearchFit
SecureNetShop
Shop a la Cart
ShopDotNet
Shopping Cart
Shop-Script FREE
Shop-Script PREMIUM
Shop-Script PRO
ShopSite
ShopZone Professional
SiteDirector
Smilehouse Workspace Small Business
SoftSlate Commerce
Squirrelcart
StaticCart
StoreFront Advanced Edition (AE) Software
SunShop
SurfShopPRO
TopShopper Classic
Tradingeye
Trolleyed Lite
uShop
uStorekeeper
VevoCart
ViArt Shop
ViArt Shop Free
VIP Cart
Volusion Ecommerce Licensed Version
VP-ASP
Web+Shop
WebCart
WebGenie Shopping Cart Professional
WEBMASTERCART
WebStores 2000
X-Cart Gold
X-Cart Pro
XSE
Zen Cart

Feel free to add more shopping carts.
