Category Archives: Web Hosting
Whether it is health records or your credit card details, everything is stored in a database today. A database is like a goldmine for hackers. The main purpose behind any cyber-attack is simply to gain access to a database server.
This indicates that the security of database servers needs to be strengthened, and that depends on network security, operating system hardening and physical security. The list is long, but it’s important to learn how to secure your database server first –
Have you created a Certificate Signing Request (CSR)? If not, you need to create one and order your certificate.
Below are the steps to create a CSR –
- Open the Internet Information Services (IIS) Manager by pressing Win+R, typing “inetmgr” and pressing Enter.
- Double-click the Server Certificates icon on the Home page.
- Click Create Certificate Request in the Actions menu on the right, which opens the Request Certificate window.
- In the Distinguished Name Properties window, enter the information below –
  - Common Name – The name through which the certificate will be accessible. It is usually the fully qualified domain name, e.g. www.domain.com or mail.domain.com.
  - Organization – The legally registered name of your company/organization.
  - Organizational Unit – The department name within the company (this entry can be listed as “Web Security” or “IT”, or simply left blank).
  - City/Locality – The place where your organization is located.
  - State/Province – The state in which your organization is located.
  - Country/Region – The country where your company is located.
- Click Next.
- Enter the information below in Cryptographic Service Provider Properties and click Next –
  - Cryptographic Service Provider – Select Microsoft RSA SChannel Cryptographic Provider from the drop-down list, or if you have a specific cryptographic provider, select its name from the list.
  - Bit Length – Select 2048 (or higher) in the drop-down list.
- In the File Name window, specify the name of the file to which the newly generated CSR will be saved and the location where it will be stored. You can type the path into the field or use the “…” button to browse the file system.
- After specifying the file name and location, click the Finish button.
- Locate the CSR file on the computer, open it with a text editor and use the CSR for SSL certificate activation.
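The same request can be generated without the wizard by using certreq.exe, which ships with Windows. This is an added example, not part of the original post; the subject values, working directory and file names are placeholder assumptions.

```powershell
# Added example: scripted equivalent of the IIS "Create Certificate Request" wizard.
# Subject values and paths are placeholders (assumptions); replace them with your own.
$subject = 'CN=www.domain.com, O=Example Company Ltd, OU=IT, L=Example City, S=Example State, C=US'
$workDir = Join-Path $env:TEMP 'csr-example'
$infPath = Join-Path $workDir 'request.inf'
$csrPath = Join-Path $workDir 'www.domain.com.csr'

New-Item -ItemType Directory -Path $workDir -Force | Out-Null

# certreq reads its settings from an INF file. The fields mirror the wizard:
# Subject        = Distinguished Name Properties (C must be a two-letter country code)
# ProviderName   = Cryptographic Service Provider
# KeyLength      = Bit Length
$inf = @"
[Version]
Signature = "`$Windows NT`$"

[NewRequest]
Subject = "$subject"
KeyLength = 2048
KeySpec = 1
KeyUsage = 0xA0
MachineKeySet = TRUE
Exportable = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
HashAlgorithm = SHA256
"@
# Exportable = FALSE keeps the private key on this server; set it to TRUE only
# if the key has to be moved to another machine later.
Set-Content -Path $infPath -Value $inf -Encoding ASCII

# Create the key pair in the machine store and write the PKCS#10 request.
certreq.exe -new $infPath $csrPath
if ($LASTEXITCODE -ne 0) { throw "certreq failed with exit code $LASTEXITCODE" }

# Review the subject, key size and signature algorithm before sending the CSR to the CA.
certutil.exe -dump $csrPath
```

Run it from an elevated PowerShell session, because MachineKeySet = TRUE stores the key in the local machine context that IIS uses.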
Steps to install SSL Certificate on Windows Server 2012 from IIS
- Open the ZIP file that contains your certificate and save the .cer file to the desktop of the web server you are securing.
- Start the Internet Information Services (IIS) Manager.
- Double-click the Server Certificates icon on the Home page.
- Go to the Actions panel on the right side and click Complete Certificate Request, which opens the Complete Certificate Request window.
- The screen will display Specify Certificate Authority Response, which contains 3 fields.
  - File name containing the certification authority’s response – Browse the file system to the certificate file which you have received from the certificate authority.
  - Friendly name – It helps the server administrator to easily find a particular certificate. You can provide the domain name of the certificate in this field.
  - Select a certificate store for the new certificate – Select Personal from the drop-down list.
- Click the OK button once all the fields are set properly.
- The certificate is uploaded to the server and should now appear in the store.
Steps to configure your SSL certificate on Windows Server 2012 R2 – IIS
- Once the SSL certificate is successfully installed on your server, you need to assign it to the appropriate website by using IIS.
- Go to the Connections panel on the left side of Internet Information Services (IIS) Manager and select the website from the Sites subfolder.
- Navigate to the Actions menu on the right side and click Bindings to open the Site Bindings window.
- Now click Add in Site Bindings to open the Add Site Binding window and set the fields below –
  - Type – Choose https from the drop-down menu.
  - IP address – Select the IP address; if the same IP is going to be used for multiple SSL certificates on different sites, SNI has to be enabled as well.
  - Port – Specify the port number for a secure connection. The default port number is 443.
  - SSL Certificate – Select the certificate that was installed.
- Now click OK.
Your SSL certificate is now installed and the website is configured to permit secure connections. Once SSL is installed on the domain, check the domain at the link below for verification: https://www.sslshopper.com/ssl-checker.html
SSL certificates are necessary for sites where a user is supposed to submit highly private and confidential information. An SSL certificate augments the website’s security and prevents imposters from committing fraud under your website’s name.
These certificates are of different types. Some organizations need an SSL certificate for encryption only, while others need to exhibit their integrity and want to build a stable and reliable relationship with customers. So which SSL certificate will be best for your website? Here are the three different types of SSL certificates which can help you determine the right choice for your website.
What is MySQL?
MySQL is the most popular database used in web applications. It’s free, easy to administer and is supported by all hosting providers. A common issue that MySQL servers face is high server load caused by high memory usage.
Why does MySQL consume high memory?
- Applications written in Python, PHP or Java use more memory when they are configured improperly, or because of unoptimized queries, complex code, etc.
- Improper MySQL configuration leads to inefficient use or wastage of memory.
- The available memory is lower than that required by the processes on the server.
Resolutions to fix MySQL high memory usage –
- Optimization of MySQL settings –
MySQL uses memory in two ways:
- One is the memory permanently reserved for its use –
Known as the Global Buffers category, it is obtained from the operating system during server boot-up and isn’t released to any other process.
A common question when hosting a website on a shared server is: do you need to use a dedicated IP address? Why not just stick with the shared IP address? A dedicated one offers many advantages, but let’s look at the definitions first.
An IP (Internet Protocol) address is a unique address given to each computer connected to a network. It’s used to identify the location of a specific machine or website. In our case, your website.
A shared IP address is a single address shared by multiple websites on a single web server. A dedicated IP address is used by just one website, which can then be accessed either by its domain name or directly by its IP address.
mod_security is an Apache module that helps to secure your website from several attacks. It blocks commonly known exploits by using regular expressions and rule sets, and it helps strengthen the security of your servers by potentially blocking common code injection attacks.
No doubt mod_security can be useful when properly configured, but many hosting providers don’t do this job correctly, which leads to problems. The commonly faced problems include security rules triggering on standard actions which should be allowed, 403 or 404 errors, access denied errors, login issues, being unable to modify categories and boards, and similar problems.
A critical vulnerability in the glibc library has been announced by Red Hat Product Security. It is assigned CVE-2015-0235 and is commonly called ‘GHOST’.
What is GHOST?
GHOST is a buffer-overflow bug that affects the gethostbyname() and gethostbyname2() function calls in the glibc library. A remote attacker who is able to make an application call either of these functions could execute arbitrary code with the permissions of the user running the application.
Impact of GHOST
The gethostbyname() function call is used for DNS resolution, which is a very common event. An attacker can exploit this vulnerability by supplying an invalid hostname argument to an application that performs DNS resolution, which triggers the buffer overflow.
Generally considered to be an advanced firewall, CSF blocks external IPs (inbound connections) to stop brute-force attacks and similar activity (multiple login failures, hacking attempts, etc.) on a server. The firewall might block the connection while you are uploading files using FileZilla. FileZilla may be trying to open multiple simultaneous connections to speed up the transfer, and the firewall may interpret this as brute-force or port-scan activity and block the IP address from which the connection originates.
The security of a Linux server has always been a sensitive issue. Here is what Greg Kroah-Hartman thinks about SELinux (he is one of the project developers of systemd).
The recent CoreOS Fest Berlin (9 and 10 May 2016) was particularly rich in action and was followed by several specialized portals. During the event, Greg Kroah-Hartman made some interesting statements on ‘the Linux kernel development process and the security of the operating system’.
The issue was also touched on by Lennart Poettering (currently employed by Red Hat and known for Avahi, PulseAudio, and systemd). He is one of the developers of the systemd init project (the process the kernel calls during startup to initialize the user space), and he explained the essential parameters that affect the safety of a Linux server.
The ‘du’ command is a standard Unix/Linux command to check the disk space used by files and directories on a machine. It accepts several options that present the results in different formats. Additionally, the du command can be used recursively.
Below are ten useful ‘du’ commands with examples that will help you to calculate the disk space occupied by files and directories in Linux.
- To get the disk space summary of the /home/bodhost directory tree along with its sub-directories, enter the command below –
[root@bodhost]# du /home/bodhost
The output displays the number of disk blocks in the /home/bodhost directory as well as its sub-directories.