In the BBC
We recently posted about a large, widespread WordPress brute force attack. Well, the BBC have also picked up on this issue in their article "WordPress website targeted by hackers". Now WordPress itself is an awesome system and we use it heavily. We work very hard to keep WordPress sites secure as we talked about in our [...]
Continue Reading →

WordPress brute force attacks
Over the last few days, we’ve seen a highly-distributed, global attack on WordPress installations. This is something which has been seen across virtually every web host and has been talked about by our security partner CloudFlare. This attack is well organized and again very, very distributed; reports of over 90,000 IP addresses involved in this [...]
Continue Reading →

Root access notifications
Root Access Notification: This will inform you each time access is made to the root account.
In SSH:
cd /root
edit .bashrc and add the following at the end (for FreeBSD: edit .cshrc):
echo -e "root access on `date`" '\n' `who` | mail -s "Root Alert!" you@youremail.com
Daily Notifications:
cd /etc/cron.daily
contents of pstree.cron:
#!/bin/sh [...]
Continue Reading →

Adding SSH welcome and warning messages
Using SSH as a login method for *NIX boxes is pretty common. One thing I am regularly asked by our dedicated server users is how to add messages that can be viewed when a user is accessing the system. Keep in mind that it would be well worth restricting root login and running SSH on a non-standard port [...]
Continue Reading →

Change the default SSH port
By default, SSH runs on port 22. This leads to thousands of automatic scans and scripted attacks being launched. No reason not to change your port exists to the best of my knowledge. Get it changed!
Add a line in the file /etc/ssh/sshd_config:
Port 6969
Reload sshd:
#/etc/rc.d/sshd reload
OR
service sshd restart
A couple [...]
Continue Reading →

Restrict root login on Linux servers
Disable Direct ROOT login
In SSH:
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original
Now, edit /etc/ssh/sshd_config.
Change the line that says:
Protocol 2,1
To read as follows:
Protocol 2
Change the line that says:
# PermitRootLogin yes
To read as follows:
PermitRootLogin no
Restrict the use of SU command
Once you have disabled root SSH login, you should [...]
Continue Reading →