Lunarpages Web Hosting Forum

Author Topic: Security Best Practices  (Read 15012 times)

Offline clwill

  • Newbie
  • *
  • Posts: 1
Security Best Practices
« on: August 01, 2007, 06:51:27 AM »
I am hosting several sites (on another host) and moving to a dedicated server on Lunarpages.  Some of these sites are being attacked in a variety of ways.

First it was DDoS attacks, but moving to a dedicated server and vigorously tuning the performance of the sites seems to have mitigated that problem.

Now they are doing some form of attack that eats up all the CPU and memory on the system.  I'm not sure what it is, but there are no SSH logins to the root (other than me), I have the tmp directory stuff done (see other thread), I believe I have all the directories protected correctly, but clearly the machine is compromised.  It just grinds to a halt, and the memory is just slammed.

So, my question is, can anyone give me a pointer to some security best practices?  What could someone be doing that's slamming the machine like that?  Is there some way to audit a machine to see if I have anything open that would allow this kind of thing?

I want to protect this new Lunarpages machine the best I can before I move the sites there.  I appreciate any help you can offer.

Offline perestrelka

  • Master Jedi
  • *****
  • Posts: 1397
Re: Security Best Practices
« Reply #1 on: August 02, 2007, 12:09:21 AM »

I would recommend to determine what is excessively hitting CPU and memory of your server first to be able then to fight against the cause. If your server has cPanel, you would check CPU/Memory/MySQL usage stats in WHM. Running the "top" command in shell could also help you in figuring out which processes are the most CPU and memory consuming.
Kind Regards,
Vlad Artamonov

Offline Jedi_Johnny

  • Trekkie
  • **
  • Posts: 10
Re: Security Best Practices
« Reply #2 on: January 28, 2009, 11:12:22 AM »
Here are some links to security resources:

For MS Windows:  Microsoft Baseline Security Analyzer

From here is a pdf on general system administration security best practices:

In a nutshell:

1. keep software patched and up to date
2. disable unused services
3. enable and audit system logs for suspicious activity and errors aon a regular basis
4. configure a firewall, block IPs that attack for a finite period of time (like a month)
5. use complex passwords and change them every 90 days
6. run scheduled anti-virus (on windows) and rkhunter (on linux) checks
7. make backups of your data (user directory, database, system config files, website document root, application data) and do not store backup archives on server
8. only install applications that are well known and trusted, ** this applies to PHP and other CGI scrips in particular **
9. monitor Technical Cyber Security Alerts ( ) for new security issues that might affect software you are running
10. apply these best practices to workstations used to log into server and/or develop applications for server

Free online scan for Windows systems:

Free standalone virus scanner, stinger:

Remember, security is an ongoing process -- not something you achieve and can forget about!
« Last Edit: March 24, 2009, 11:37:29 PM by Jedi_Johnny »

Offline Jedi_Johnny

  • Trekkie
  • **
  • Posts: 10
Re: Security Best Practices
« Reply #3 on: February 06, 2009, 03:05:19 PM »
While setting up a server recently I found some more good security resources.

This is a little outdated, and people should be careful not to just blindly follow the steps listed, but over all this is an excellent security walkthrough: - The Centos Secured LAMP Project

This web application scanner, burp suite, looks good as well:

Here are some more references:

 "General System Security" is Chapter 5 from the online Hands-on Guide to Red Hat Linux.

3 part paper at IBM "Securing Linux"

Also at IBM, "Automate backups on Linux"
« Last Edit: March 24, 2009, 11:36:28 PM by Jedi_Johnny »

Offline Jedi_Johnny

  • Trekkie
  • **
  • Posts: 10
More MBSA resources
« Reply #4 on: March 11, 2009, 12:26:47 AM »
Microsoft's MBSA can also be run from the command line.  Here is a great article from

FAQ for MBSA 2

FAQ for MBSA 1

List of recent Microsoft security updates

Offline Jedi_Johnny

  • Trekkie
  • **
  • Posts: 10
Web scanner: for Flash
« Reply #5 on: March 24, 2009, 11:32:13 PM »
A recent posting links to HP SWFScan
-- "a free Windows-based security tool to help developers find and fix security vulnerabilities in applications developed with the Adobe Flash Platform"

Other flash scanners

flare works on Linux, OS X, and Windows

SWF Intruder for Windows and Linux

Be sure to look at the Powerpoints by Stefano Di Paola on the SWF page!

Offline Jedi_Johnny

  • Trekkie
  • **
  • Posts: 10
SQL injection defense and scanner (windows only)
« Reply #6 on: April 13, 2009, 04:07:36 PM »
I found a good link from Microsoft about detecting SQL injection vulnerabilities:

the page links to a great windows scanner by HP:  scrawlr

Offline Annie

  • Newbie
  • *
  • Posts: 1
Re: Security Best Practices
« Reply #7 on: September 25, 2010, 01:53:24 AM »
Dedicated Server Providers usually offer the ability to select the software you want installed on a dedicated server. Depending on the overall usage of the server, this will include your choice of operating system, database, and specific applications. Servers can be customized and tailored specific to the customerís needs and requirements
Dedicated hosting server providers utilize extreme security measures to ensure the safety of data stored on their network of servers. Providers will often deploy various software programs for scanning systems and networks for obtrusive invaders, spammers, hackers, and other harmful problems
A dedicated hosting service, dedicated server, or managed hosting service is a type of Internet hosting in which the client leases an entire server not shared with anyone.
« Last Edit: September 25, 2010, 02:50:52 AM by katrina1 »