RSS Feed
Knowledgebase : Security
     
OBTAINING AN SSL CERTIFICATE A Small Orange can provide you with a SSL certificate [http://kb.asmallorange.com/customer/portal/articles/1603664] for $39.95/year. If you'd like to buy it from someone else we fully support those as well. INSTALLING AN SS...
This guide is intended as a basic introduction of Advanced Policy Firewall (APF) and Brute Force Detection (BFD). For more detailed information, feel free to contact A Small Orange and we'll be glad to help you. See the end of the article for links to the...
We actively run Linux Malware Detect (Maldet) on all of our Shared servers to check for any icky virus stuff floating around. So rest-assured, we've got your Shared account covered! If you have a VPS or Dedicated server hosting account, there is no anti...
METHODS FOR DENYING ACCESS TO SPECIFIC REGIONS OR COUNTRIES There are three methods by which you can prevent visitors from a specific location from visiting your website: custom rules in CloudFlare, Apache Deny Rules, using a combo of CloudFlare and .hta...
You can change how Spam Assassin deals with spam. The following options are available: * required_hits - The number of e-mails received before a certain e-mail is considered spam * rewrite_subject - Alter the subject line of spam e-mail. Enter 1 ...
If you're using the basic mode (cPanel plugin) you can easily disable CloudFlare by deactivating the service for any subdomain for which it's active... just click the orange cloud button so that it becomes gray in color. See more info about CloudFlare: ...
To disable ASSP simply: * Log into your cPanel account and click the SPAM ASSP icon * Click the Disable button next to the domains you want to disable ASSP on * Repeat this process to enable ASSP _NOTE: If you do not see this option simply c...
Processing stats and logs is resource-intensive. Sometimes, if the processor load is high or if there is too much memory usage, the virtualization software will kill off a running process to keep your VPS within it's resource limits. UPDATING MANUALLY ...
FIREWALLS AND YOUR VPS IPtables is the firewall interface to the Netfilter packet filtering system used in the Linux 2.6 kernel. This is used by default in the VPS and is readily accessible from SSH using a command like: iptables -A INPUT -s hostname -...
WHAT IS MODSECURITY? ModSecurity [http://modsecurity.org](tm) is a web application firewall (WAF). With over 70% of all attacks now carried out over the web application level, organizations need every help they can get in making their systems secure. WAF...
This article describes installing ClamAV [http://www.clamav.net/lang/en/] on a VPS or Dedicated server with cPanel. The process is very simple, to install ClamAV follow the steps below: * Log in to WHM [https://kb.asmallorange.com/customer/portal/a...
This guide will walk you through installing CSF on a VPS or Dedicated server. PREPARE THE SERVER After logging in via SSH (as root!) we will need to download the CSF firewall itself, let's make a temporary directory called 'tmp'. Then move into it and ...
This guide will walk you through installing LMD (Linux Malware Detect) on your VPS/Dedicated server: * You will need to be logged in as ROOT to the server over SSH * Create a temporary directory and navigate into it * Download the latest rele...
By default, all cPanel URLs use un-ecrypted, plain text password authentication. This includes WHM, cPanel and Webmail. To use the secure ports, you can use https with the secure port number. However, this requires a little bit of preliminary set up in WH...
SQL injection is an attack where malicious code is passed to an SQL Server for execution. The attack can result in unauthorized access to confidential data, or destruction of critical data. SQL injection attacks should only be a concern for PHP develope...
You can train SpamAssassin to behave like you want it to... and customer Nathan Olson (thanks Nathan!) broached this topic in an old forum post about SpamAssassin training options. Let's get started: * Make sure your server has perl module DB_File ...
ABOUT CLOUDFLARE CloudFlare [1] protects and accelerates any website online. Once your website is a part of the CloudFlare community, its web traffic is routed through their intelligent global network. CloudFlare automatically optimizes the delivery o...
Oh no! We hope your site hasn't been hacked, but if it has... no fear. There are some things you can do to help re-secure your site and get it up and rolling. Check out the selections below and follow the most applicable directions to your case. If you ha...
Spam is an ongoing issue that costs businesses and individuals billions of dollars in lost time and resources. Spam includes unsolicited commercial email (UCE) and other unwanted bulk email. PREVENTING SPAM You can't totally prevent spam but there are ...
HACKED FACTS Are you getting hacked and you're not sure why? In this article we'll explain some of the most common ways a website gets hacked and what that means relative to a server's general security. 99% OF SUCCESSFUL WEB APPLICATION EXPLOITS AND AT...
I bet you've seen this warning at the top of your Wordpress dashboard before. It's easy to ignore, but there are several really important reasons NOT to ignore it. WordPress, just like any other software on your computer, needs to be updated regularly. Un...
Help Desk Software by Kayako fusion