Protect VPS - xss, sql injection!

MiguelVESTACP · Post by **MiguelVESTACP** » Tue Sep 26, 2017 2:04 pm

What is the best option to protect sites under VESTACP with APACHE+NGINX against attacks xss, sql injection, etc...

The VestaCP dont have any default security against this types of threats?

gecube_ru · Post by **gecube_ru** » Tue Sep 26, 2017 2:12 pm

The VestaCP dont have any default security against this types of threats?

No

What is the best option to protect sites under VESTACP with APACHE+NGINX against attacks xss, sql injection, etc...

You need so-called WAF. It is firewall working in the application level. It analyzes potentially dangerous things like cookies, GET and POST parameters and so on.

But the best option is to way correct code with input checking (filtering) that doesn't rely on correctness of user's input.

MiguelVESTACP · Post by **MiguelVESTACP** » Tue Sep 26, 2017 2:18 pm

My experience is in WHM-Cpanel, and they have by default against this.

Do you recommend any WAF?

MiguelVESTACP · Post by **MiguelVESTACP** » Tue Oct 03, 2017 7:46 am

So with vestacp iam not safety from this attacks?

There is other free web panel that offer protection by default?

Best Regards

diogojesus95 · Post by **diogojesus95** » Tue Oct 03, 2017 9:20 am

i created a script since im using joomla to change my file permissions basicly if i get injected it will only work while im editing the site, otherwise you only have permissions to read (not even able to login to /administrator tab)

Vesta Control Panel - Forum