Search found 990 matches
- Thu Apr 19, 2018 10:03 am
- Forum: General Discussion
- Topic: Server hacked: I found these, please advice how to deep scan and detect any vulnerabilities
- Replies: 2
- Views: 109
Re: Server hacked: I found these, please advice how to deep scan and detect any vulnerabilities
Well, the information you gave is not complete... Was only one site hacked or you find multiple sites hacked? It looks more like an insecure site being targetted for malware injections. You can: 1. Restore your site from a backup and then secure it. 2. Use Clamscan or Maldet to check your site files...
- Wed Apr 18, 2018 7:15 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 535
- Views: 31563
Re: Got 10 VestaCP servers exploited
while this is ofc some good advice and true that it is dangerous to have them open, i got hacked with disabled exec and shell_exec. system, passthru, proc_open and popen was enabled? Luckily, I had only one server hacked with gcc.sh shit, I was able to clean the infection without a format. This ser...
- Tue Apr 17, 2018 8:47 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 535
- Views: 31563
Re: Got 10 VestaCP servers exploited
I, personally, have one question for all administrators whose server got hacked. Did you disabled dangerous PHP functions (like shell() and exec()) with "disable_functions" in php.ini ? Well, I did not disable them...BUT I also have a counter question: Vesta's internal PHP is different than systemw...
- Tue Apr 17, 2018 12:52 pm
- Forum: General Discussion
- Topic: Lets encrypt issue
- Replies: 2
- Views: 62
Re: Lets encrypt issue
Post problems and errors with detail, this is too little info to help you.
- Mon Apr 16, 2018 6:35 am
- Forum: Web Server
- Topic: How to upgrade from php 5.x to 7.x for nginx + php-fpm
- Replies: 12
- Views: 1510
Re: How to upgrade from php 5.x to 7.x for nginx + php-fpm
I'm sure someone updatded VestaCP internal PHP from 5 to 7. Can't remember exactly but I think someone did this long time back... you may want to search the forum.
- Sun Apr 15, 2018 6:16 am
- Forum: RHEL/CentOS
- Topic: VestaCP + Rsync
- Replies: 1
- Views: 32
Re: VestaCP + Rsync
You would want to sync the entire /home/* presuming you setup exactly same VestaCP users and domains under them.
You also need to sync Database, which is not possible using rsync, you have to use MySQL replication for DBs to sync
You also need to sync Database, which is not possible using rsync, you have to use MySQL replication for DBs to sync
- Tue Apr 10, 2018 5:04 pm
- Forum: General Discussion
- Topic: Tut: Change VestaCP port through SSH Command line
- Replies: 12
- Views: 1138
Re: Tut: Change VestaCP port through SSH Command line
nsuro
so can you write a "sed" statement as in my Tutorial above... and then we can test this on our servers. If all is good, I will include that in my tutorial above.
Thanks alot for your keen eyes and contribution... above all your love for Vesta.
so can you write a "sed" statement as in my Tutorial above... and then we can test this on our servers. If all is good, I will include that in my tutorial above.
Thanks alot for your keen eyes and contribution... above all your love for Vesta.
- Tue Apr 10, 2018 11:55 am
- Forum: General Discussion
- Topic: Automatic updates clarification?
- Replies: 1
- Views: 51
Re: Automatic updates clarification?
Security is always a cat and mouse chase...never ends. The whole "hoopla" is about a security flaw within VestaCP code that allowed an attacker to gain access and inject processes into your server that would DDos other servers. This was responsibility of the Vesta Developers and so they updated the ...
- Tue Apr 10, 2018 11:37 am
- Forum: General Discussion
- Topic: Tut: Change VestaCP port through SSH Command line
- Replies: 12
- Views: 1138
Re: Tut: Change VestaCP port through SSH Command line
@nsuro Fail2ban doesn't monitor ports, it merely reads auth logs and counts the retries done there to ban the suspected IPs You can alter that file, but I don't that would make any difference. Maybe the devs can suggest best settings here. @plutocrat Yes please suggest this on Git or http://bugs.ves...
- Tue Apr 10, 2018 5:38 am
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 535
- Views: 31563
Re: Got 10 VestaCP servers exploited
Can you name the files/dir that you see as suspicious in your /tmp ?