Vesta Control Panel - Forum

Yesterday, my VestaCP control panel was showing error 500 but I somehow fixed it. Then, I saw that someone from Pakistan was doing certain attacks and I even noticed a file which had all the hack scripts to ruin the entire server. So, I immediately blocked the user's IP and suspended his website and tested those scripts he had put inside his website hosted on my server. From that script I was even able to see all the users but thankfully that script was made for cPanel so it didn't ruin other users' websites. I then googled that script and got to know that the script originated from Pakistan and all the videos on Youtube and tutorials available on google were from Pakistani people. Please take a look at this video from a Pakistani person which shows how that script can ruin the server https://www.youtube.com/watch?v=zB6MZcSRz_Q . I request the VestaCP team and contributors to please find a solution of this security holes and fix it.

I would like everyone to block Pakistan as all these terror cyber attacks originate from there.


To block Pakistan using iptables, ssh into your server and put the below commands

Dowload the commands from Pastebin http://pastebin.com/vaEnDJtE



To block Pakistan using .htaccess file, add the below lines the .htaccess file

Download the commands from Pastebin http://pastebin.com/Ua2jH6hc

I have also been getting many attacks from Pakistan from a long time too.

You should really invest time in learning how these hack scripts work and crawl/copy themselves into your filesystem. You need to 1) secure your server with multiple routines and steps and 2) find vulnerabilities to your Websites/Apps to disallow malicious uploads and execution of such scripts.

You are lucky to be able to block a whole country, while not many would be able to do so as they have genuine visitors and revenue earning from cyber attack active countries like Russia, China, Pakistan and so on.

I recommend the VestaCP team to look after this. When I uploaded the same script on the latest version of cPanel, it was immediately detected as virus and got deleted.

vikhyat wrote:I recommend the VestaCP team to look after this. When I uploaded the same script on the latest version of cPanel, it was immediately detected as virus and got deleted.

as mehargags already wrote: secure your server and find unsecure Website/Apps. If you've secured your server, the script will not work.

If you want you can setup maldect (https://www.rfxn.com/projects/linux-malware-detect/) on your server that checks the whole system for sutch scripts. This is not directly a part for vestacp, if you run a webserver you should also be able to secure it. Blocking a whole country is not a secure solution (it's more like a little child that closing his eyes and think "i'm invisible"), there are also other countrys with hackers that want to get in your system :-).

I agree with ScIT. Moreover, black hat hackers usually launch their attacks through other systems in other countries. So it doesn't really matter where the hacker is located physically. All that matters is the security systems of the server and the awareness of the person responsible for it.