Search engines and PC anti-virus like Google, Bing, Norton Safe Web or McAfee SiteAdvisor blacklists a website if malware is detected in them. Most websites are infected with malware due to insecure web apps, login details disclosure or insecure web server configuration.
“This site may harm your computer” “The website ahead contains malware” “Malware detected on domainname.com”
Are these some of the errors your shared hosting customers usually complain about? Are you concerned about your server security?
You are not alone. Google alone blacklists 10,000 websites daily for malware infection. In a shared hosting environment containing varied web applications with varying levels of security, malware infection is quite easy to happen. Even just one website with an outdated web application can cause that website to be blacklisted. (more…)
How to prevent website blacklist in Google, Bing or McAfee SiteAdvisor was last modified: July 6th, 2018 by Visakh S
The vulnerability causes any server running PHP as CGI to allow source code disclosure and arbitrary command execution using the account’s privileges. The quote from US CERT web site is below:
When PHP is used in a CGI-based setup (such as Apache’s mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows command-line switches, such as -s, -d or -c to be passed to the php-cgi binary, which can be exploited to disclose source code and obtain arbitrary code execution.
While the primary vulnerability was reported for PHP-CGI executions, the CloudLinux note cautioned that this could be applicable to suPHP and mod_fcgid as well. But a post in suPHP mailing list says it is not affected by this vulnerability.
While discussing PHP permissions in the last blog, we concluded that SuPHP servers ideally needed PHP file permissions of just 600.
Out of many means to set the permission/ownership, the quickest is to set the permissions, using a script. You may set this script as a cron that runs daily or weekly, to take care of the the permissions. The script is now written for a server that has cPanel installed. Slight modifications to it, would make it work with other control panels, or even on servers that do not have any control panels.
The script also allows certain accounts to have custom PHP permissions, so that any custom application that needs specific permissions can be run, and such accounts would not be affected by the script.
Hire Bobcares Linux Server Administrators Get super reliable servers and delighted customers
PHP open_basedir directive is used to limit the files that can be opened by PHP to a specific directory-tree. What does that mean? With the open_basedir directive, you can tell the PHP scripts on a domain, which folders they have access to. Once specified, the PHP scripts will not be able to access files outside those folders.
The article explains suPHP and setting up suPHP on cPanel servers.
Constant Phishing/Spamming complaints can get extremely tiresome, and tracking down the source of the problem is not always easy. It wont be long before your IP addresses are listed on popular RBLs and your customers start complaining about mail delivery problems. To nip these problems in the bud, we have to look for better ways to track down the source of these problems. One way of better tracking processes on a cPanel server is switching to suPHP.
PHP security is very important, as insecure php code can trigger in intrusion to your server. This article explains few such vulnerabilities, so that you can avoid them in your scripts. I will also explain methods to tweak PHP config files(php.ini) for maximum security.
Secure Your PHP Scripts was last modified: August 7th, 2017 by admin
Bobcares is a server management company that helps businesses deliver uninterrupted and secure online services. Our engineers manage close to 51,500 servers that include virtualized servers, cloud infrastructure, physical server clusters, and more.