• We've upgraded our forums. Please post any issues/requests in this thread.

Securing my website

Joined
Jun 16, 2008
Messages
427
Likes
59
Location
San Antonio TX
System Name Floating Fortress
Processor i7-3770K @4.2Ghz
Motherboard MSI Something something
Cooling Corsair H100i
Memory 16GB Corsair Dominator
Video Card(s) GTX 980 Ti
Storage 128GB SSDx2 Evo (RAID 0)
Display(s) Phillips 144Hz 1Ms
Case Corsair 650D
Audio Device(s) Sound blaster Z
Power Supply Corsair CX 750w
Software Win 8.1 Pro
Benchmark Scores 9584 Firestrike
#1

Solaris17

Creator Solaris Utility DVD
Joined
Aug 16, 2005
Messages
19,259
Likes
6,069
Location
Florida
System Name Not named yet
Processor I5 7640x 5Ghz 24/7
Motherboard MSI x299 Tomahawk Arctic
Cooling Corsair H55
Memory 32GB Corsair DDR4 3000mhz
Video Card(s) Gigabyte 1080TI
Storage 2x Seagate 3TB Drives (RAID 0) 1x Seagate 256GB SSD 1x Adata 120GB SSD
Display(s) 3x AOC Q2577PWQ
Case Inwin 303 White (Thermaltake Ring 120mm Purple accent)
Audio Device(s) Onboard on Audio-Technica ATH-AG1
Power Supply Seasonic 1050W Snow
Mouse Roccat Tyon White
Keyboard Ducky Shine 6
Software Windows 10 x64 Pro
#2
what are they doing/trying to do?
 

Easy Rhino

Linux Advocate
Joined
Nov 13, 2006
Messages
14,405
Likes
4,256
System Name VHOST01 | Desktop
Processor i7 980x | i5 7500 Kaby Lake
Motherboard Gigabyte x58 Extreme | AsRock MicroATX Z170M Exteme4
Cooling Prolimatech Megahelams | Stock
Memory 6x4 GB @ 1333 | 2x 8G Gskill Aegis DDR4 2400
Video Card(s) Nvidia GT 210 | Nvidia GTX 970 FTW+
Storage 4x2 TB Enterprise RAID5 |Corsair mForce nvme 250G
Display(s) N/A | Dell 27" 1440p 8bit GSYNC
Case Lian Li ATX Mid Tower | Corsair Carbide 400C
Audio Device(s) NA | On Board
Power Supply SeaSonic 500W Gold | Seasonic SSR-650GD Flagship Prime Series 650W Gold
Mouse N/A | Logitech G900 Chaos Spectrum
Keyboard N/A | Posiden Z RGB Cherry MX Brown
Software Centos 7 | Windows 10
#3
yea a description of the problem would be nice...
 
Joined
Jun 16, 2008
Messages
427
Likes
59
Location
San Antonio TX
System Name Floating Fortress
Processor i7-3770K @4.2Ghz
Motherboard MSI Something something
Cooling Corsair H100i
Memory 16GB Corsair Dominator
Video Card(s) GTX 980 Ti
Storage 128GB SSDx2 Evo (RAID 0)
Display(s) Phillips 144Hz 1Ms
Case Corsair 650D
Audio Device(s) Sound blaster Z
Power Supply Corsair CX 750w
Software Win 8.1 Pro
Benchmark Scores 9584 Firestrike
#4
Trying to get into the admin area..trying to mess with the modules..ect ect. The website is based on Nuke Evolution Extreme 2.0
 
Joined
Aug 24, 2007
Messages
443
Likes
128
Location
BY-S36
System Name Bitch / Dogma
Processor 955 BE @ 3.8Gig / 9850 @stock
Video Card(s) 8800 GTX 512 / 4890
Storage 8 x Samsung F2 1.5TB, 8 x Seagate 500s
Display(s) Acer 24 / Dell 24
Case Lian li / Akasa
Software Win server 2008 / Win 7
#5
You will constantly get attacked by bots, scripts...you name it...

here is one extract from my web server:
- [Sat Mar 27 17:56:09 2010] [error] [client 124.42.124.251] File does not exist: C:/UniServer/www/scripts
- [Sat Mar 27 17:57:16 2010] [error] [client 124.42.124.251] File does not exist: C:/UniServer/www/phpMyAdmin
- [Sat Mar 27 17:58:26 2010] [error] [client 124.42.124.251] File does not exist: C:/UniServer/www/phpmyadmin
- [Sun Mar 28 10:35:55 2010] [error] [client 94.102.211.93] File does not exist: C:/UniServer/www/phpMyAdmin
- [Sun Mar 28 10:36:45 2010] [error] [client 94.102.211.93] File does not exist: C:/UniServer/www/phpmyadmin
- [Sun Mar 28 10:37:39 2010] [error] [client 94.102.211.93] File does not exist: C:/UniServer/www/pma
- [Sun Mar 28 10:38:32 2010] [error] [client 94.102.211.93] File does not exist: C:/UniServer/www/mysql
- [Sun Mar 28 10:39:24 2010] [error] [client 94.102.211.93] File does not exist: C:/UniServer/www/scripts
- [Sun Mar 28 12:50:14 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/phpmyadmin
- [Sun Mar 28 12:50:15 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/pma
- [Sun Mar 28 12:50:16 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/admin
- [Sun Mar 28 12:50:17 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/dbadmin
- [Sun Mar 28 12:50:18 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/mysql
- [Sun Mar 28 12:50:20 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/php-my-admin
- [Sun Mar 28 12:50:21 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/myadmin
- [Sun Mar 28 12:50:22 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/PHPMYADMIN
- [Sun Mar 28 12:50:23 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/phpMyAdmin
- [Sun Mar 28 12:50:24 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/config
- [Sun Mar 28 12:50:28 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/phppgadmin
- [Sun Mar 28 12:50:34 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/phpMyAdmin2
- [Sun Mar 28 12:50:35 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/mail
- [Sun Mar 28 12:50:38 2010] [error] [client 61.147.67.206] File does not exist: C:/UniServer/www/webmail

The best options for you are:

Make sure that you regularly patch your server...PHP, MySQL, Apache, IIS etc
Add the incoming IP addresses to your block list at the router (tbh this will be a full time job as the IPs will change day by day
Make sure that your admin passwords are long, alpha-numeric and contain at least one special char.
 

Solaris17

Creator Solaris Utility DVD
Joined
Aug 16, 2005
Messages
19,259
Likes
6,069
Location
Florida
System Name Not named yet
Processor I5 7640x 5Ghz 24/7
Motherboard MSI x299 Tomahawk Arctic
Cooling Corsair H55
Memory 32GB Corsair DDR4 3000mhz
Video Card(s) Gigabyte 1080TI
Storage 2x Seagate 3TB Drives (RAID 0) 1x Seagate 256GB SSD 1x Adata 120GB SSD
Display(s) 3x AOC Q2577PWQ
Case Inwin 303 White (Thermaltake Ring 120mm Purple accent)
Audio Device(s) Onboard on Audio-Technica ATH-AG1
Power Supply Seasonic 1050W Snow
Mouse Roccat Tyon White
Keyboard Ducky Shine 6
Software Windows 10 x64 Pro
#6
^ this. it happens all the time

[Fri Apr 02 15:25:14 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:14 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:14 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:14 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:14 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:14 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:14 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:14 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:15 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:15 2010] [error] [client 83.7.109.170] File does not exist: /usr/local/apache/htdocs/images, referer:
[Fri Apr 02 15:25:18 2010] [error] [client 60.28.232.49] File does not exist: /usr/local/apache/htdocs/upimg, referer:
[Fri Apr 02 15:25:18 2010] [error] [client 60.28.189.102] File does not exist: /usr/local/apache/htdocs/upimg, referer:

password protect important dir and I personally 775 dir. and 644 files as a general rule. of course certain files and dir will get certain permissions.

EDIT:: also to make it easy. if you have root access and an FTP account get your self file-zilla or any other easy use FTP program. It allows you to do the changes above in bulk.



take that picture for example. you can right click on any dir. or hit CTRL+A and select them all. right click enter the permissions you want to give click "recurse" and you can apply them to files+dir. files or just dir. So say for example you want to go basic like i said above. you would go to root. select all right click. type 755 recurse "apply to all dir." then hit ok. it will immedietly start to change all your dir permissions (including sub dir.) to the permissions you set. after the operation is done. go back to root. select all type 644 recurse "apply to files only"
 
Last edited: