We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Search found 43 matches
- Wed Mar 11, 2015 8:34 pm
- Forum: General Discussion
- Topic: On demend backup
- Replies: 10
- Views: 8585
On demend backup
Good evening Ladies & Gents,
Is there a way to run a full backup from the command line?
As opposed to having it scheduled?
Thanks,
Ed
Is there a way to run a full backup from the command line?
As opposed to having it scheduled?
Thanks,
Ed
- Sat Feb 28, 2015 2:54 pm
- Forum: Web Server
- Topic: How-to Protect server and separate accounts?
- Replies: 22
- Views: 20003
Re: How-to Protect server and separate accounts?
Post your idea on bug tracker? I vote for it :) https://bugs.vestacp.com/ Hey skurudo, Yes, submitted as 'idea'... thanks... https://bugs.vestacp.com/responses/admin-account-lock Technically changing ownership of the files (from 'admin') without moving them to another directory should work as well?...
- Tue Feb 24, 2015 8:54 pm
- Forum: Web Server
- Topic: How-to Protect server and separate accounts?
- Replies: 22
- Views: 20003
Re: How-to Protect server and separate accounts?
Hello there, what we're talking on first page? Yes you are correct 'admin' is sudo with ssh enabled by default. ( unfortunately ) And its totally not obvious for new VestaCP users. "Admin" should be disabled for WEB by default And this to be written on the forehead → "Please don't use admin account...
- Fri Feb 20, 2015 5:01 pm
- Forum: Web Server
- Topic: How-to Protect server and separate accounts?
- Replies: 22
- Views: 20003
Re: How-to Protect server and separate accounts?
I was wrong. :(((
'admin' = root
Now if php script gets compromised hacker gets full root.
This is alarming.
If any developers read this please respond ASAP
/etc/sudoers
'admin' = root
Now if php script gets compromised hacker gets full root.
This is alarming.
If any developers read this please respond ASAP
/etc/sudoers
- Fri Feb 20, 2015 2:21 pm
- Forum: Web Server
- Topic: How-to Protect server and separate accounts?
- Replies: 22
- Views: 20003
Re: How-to Protect server and separate accounts?
Will be happy to have Imperio and other Seniors look at this thread. I would be curious to hear their option as well. I already opened a bug/feature request to be able to change "Admin" username after install. Acually I would see 'disable/enable' option for admin as better option. This way it does ...
- Thu Feb 19, 2015 7:03 pm
- Forum: Web Server
- Topic: How-to Protect server and separate accounts?
- Replies: 22
- Views: 20003
Re: How-to Protect server and separate accounts?
I just checked it seems that 'admin' is not in sudo group by default. But I'm sure there are other risks associated with 'admin'skurudo wrote:But user admin can use sudo and I see there security issue, if we place all your sites under this account and enable ssh for this user (disabled by default)
- Tue Feb 17, 2015 9:32 pm
- Forum: Web Server
- Topic: How-to Protect server and separate accounts?
- Replies: 22
- Views: 20003
Re: How-to Protect server and separate accounts?
Anytime, when you ready. I will test it on my servers too. Yes, I will setup a box for you tomorrow. We need to test this on the live server Sites on account admin - it's not good idea. I think it's better create new user for sites. If possible one user = one site. Yes, you got me thinking now. All...
- Tue Feb 17, 2015 8:49 pm
- Forum: Web Server
- Topic: How-to Protect server and separate accounts?
- Replies: 22
- Views: 20003
Re: How-to Protect server and separate accounts?
Can you pm me examles? Let me know when you will need it. I will create a Ubuntu box for your tests for a day or two PHP scripts run from user and isolated by open_basedir. Yes, that's exactl behaviour I expect. If php is penetrated on account 'admin' intruder will stay within 'admin' sandbox. And ...
- Tue Feb 17, 2015 8:02 pm
- Forum: Web Server
- Topic: How-to Protect server and separate accounts?
- Replies: 22
- Views: 20003
Re: How-to Protect server and separate accounts?
open_basedir can lock shell in site folder I'm not PHP expert so will need to learn more about open_basedir What linux permission level will intruder have by default? How can I test this effectively? Mm... tricky question. You have shell or two for test? Yes I can provide a shell for your tests And...
- Tue Feb 17, 2015 3:13 pm
- Forum: Web Server
- Topic: How-to Protect server and separate accounts?
- Replies: 22
- Views: 20003
Re: How-to Protect server and separate accounts?
skurudo thank you for quick reply.
But if intruder will gain access with php to shell?
What linux permission level will intruder have by default? How can I test this effectively?
And maybe isolate on the linux account level?
Thanks,
Ed
But if intruder will gain access with php to shell?
What linux permission level will intruder have by default? How can I test this effectively?
And maybe isolate on the linux account level?
Thanks,
Ed