Most PHP scripts and content management system (CMS) scripts require writable permission 777 (rwxrwxrwx) to be set on certain folders for uploading photos and videos. Many security experts warn that setting 777 permission means that anybody can upload any content to your server, install malicious code, run unwanted programs and potentially misuse your server. This is a big security risk.
Ironically, if you implement a file upload in your script, the upload will fail with any permission other than 777, so you will be forced to set 777 permission on your writable folders.
Alternatively, to secure your server you can implement the following checks in your PHP script as well as on your server. Remember that if you are on a shared hosting plan, you may be limited in what you can run as root.
I have been struggling to find some way or another to transfer my file from one Linux server to another using the command line. Before this I was just using cPanel to do backups.
Here is an easy way to transfer backup files from one server to another in Linux, using a simple SCP (secure file copy) command.
This guide explains how to set up mod_chroot with Apache2 on a Fedora 12 system. With mod_chroot, you can run Apache2 in a secure chroot environment and make your server less vulnerable to break-in attempts that try to exploit vulnerabilities in Apache2 or your installed web applications.
I do not issue any guarantee that this will work for you!
The ss command is used to dump socket statistics. It shows information similar to the netstat command and can display more TCP and state information than other tools. It is a new, incredibly useful and faster (compared to netstat) tool for tracking TCP connections and sockets. ss can provide information about:
- All TCP sockets.
- All UDP sockets.
- All established ssh / ftp / http / https connections.
- All local processes connected to the X server.
- All the TCP sockets in state FIN-WAIT-1 and much more.