Protect VPS - xss, sql injection!

General questions about VestaCP
MiguelVESTACP
Posts: 14
Joined: Tue Sep 05, 2017 12:39 pm

Protect VPS - xss, sql injection!

Postby MiguelVESTACP » Tue Sep 26, 2017 2:04 pm

What is the best option to protect sites under VESTACP with APACHE+NGINX against attacks xss, sql injection, etc...

The VestaCP dont have any default security against this types of threats?

gecube_ru
Posts: 136
Joined: Thu Jun 22, 2017 1:21 pm

Re: Protect VPS - xss, sql injection!

Postby gecube_ru » Tue Sep 26, 2017 2:12 pm

The VestaCP dont have any default security against this types of threats?

No

What is the best option to protect sites under VESTACP with APACHE+NGINX against attacks xss, sql injection, etc...

You need so-called WAF. It is firewall working in the application level. It analyzes potentially dangerous things like cookies, GET and POST parameters and so on.

But the best option is to way correct code with input checking (filtering) that doesn't rely on correctness of user's input.

MiguelVESTACP
Posts: 14
Joined: Tue Sep 05, 2017 12:39 pm

Re: Protect VPS - xss, sql injection!

Postby MiguelVESTACP » Tue Sep 26, 2017 2:18 pm

My experience is in WHM-Cpanel, and they have by default against this.

Do you recommend any WAF?

MiguelVESTACP
Posts: 14
Joined: Tue Sep 05, 2017 12:39 pm

Re: Protect VPS - xss, sql injection!

Postby MiguelVESTACP » Tue Oct 03, 2017 7:46 am

So with vestacp iam not safety from this attacks?

There is other free web panel that offer protection by default?

Best Regards

diogojesus95
Posts: 6
Joined: Fri Apr 07, 2017 2:06 pm

Re: Protect VPS - xss, sql injection!

Postby diogojesus95 » Tue Oct 03, 2017 9:20 am

i created a script since im using joomla to change my file permissions basicly if i get injected it will only work while im editing the site, otherwise you only have permissions to read (not even able to login to /administrator tab)


Return to “General Discussion”



Who is online

Users browsing this forum: No registered users and 8 guests

cron