Category Archives: Security

FreeBSD Security

Using Top [ $top ]

What is Top? Top provides a live display of information on the CPU processes. Top gets updated periodically as it provides an output CPU level percentage, Memory size, Swap Info, Load Averages, and more. last pid: 7771; load averages: 0.15, 0.06, 0.02 up 241+09:40:08 17:52:09 196 processes: 1 running, 195 sleeping CPU: 1.2% user, 0.0% …

Email FreeBSD Security Tips and Tricks

Identifying malicious mail scripts on FreeBSD

This article will help you identify an possible spam scripts that may be causing unwanted outbound mail which could cause your servers ip address to be blacklisted.There are many different ways a script may get onto the server however we I will provide several different tools and methods to help identify scripts.   PHP scripts …

Security Wordpress

WordPress Security Tips

Introduction While WordPress is a great tool to use to manage and update your website, it’s also a frequent target for hackers or other users with malicious intent- this makes securing your WordPress installation a top priority. In the event that your site does get hacked, the good folks at Webair are more than happy …

Administration Apache Security Tips and Tricks

Prevent hot linking of images.

Hot linking is displaying an image on a website by linking to the same image on another website, rather than saving a copy of it on the website on which the image will be shown. Lets say, you have an image at www.yourdomain.com/image.jpg and it is not well protected. If someone links this image to …

Security Wordpress

WordPress security tips

  WordPress is one of the most used application to post content on the internet.  WordPress is an open source platform where people have been using it free of charge, to both post blogs or websites. WordPress offers a variety of easily install-able themes and an assortment of Plug-ins that help customize web pages. One …

Administration FreeBSD Linux Security

Scanning for rootkits and possible exploits – RKHunter

Rootkits are malicious softwares that are installed by intruders to gain access to your server once the security of the server has been breached.  Intruders can leave some malicious softwares or back doors in your server to gain permanent access to your server after it has been compromised. Rootkit Hunter (RKHunter) is a Unix-based tool …

Security Tips and Tricks

How to Create a Self-Signed SSL Certificate

An SSL certificate is ideal for securing an administration interface, a member’s-only space, an intranet, webmail. etc. It is used is to keep sensitive information sent across the Internet encrypted so that only the intended recipient can understand it. When installed on a web server, it activates the padlock and the https protocol (over port …

Linux Security

Denial Of Service: iptables Defense

Servers sometimes get hit with what are know as DOS attacks. The offending IP address is usually readily available in the logs for the server being hit. If your SSH server is being hit with a bruteforce DOS the easiest thing to do is block the IP using iptables like so: # iptables -A INPUT …

Linux Security

Patching The Ghost Vulnerability

The Ghost vulnerability, also known as CVE-2015-0235, is an exploit in a library named glibc. This library is referenced by many applications which run on your server. The exploit is a bug which affects 2 pieces of code which are used to do a DNS lookup, which translates a hostname to an IP address. A …

EzPanel FreeBSD Security

SSH: Whitelist IPs for Your Server

If you wish to whitelist certain IP’s for your server for any reason, you can easily go into your Webair Ezpanel for this. When whitelisting an IP, please provide the specific IP. It is IMPORTANT that you make sure the IP you want to whitelist is CORRECT. NOTE: For the EzPanel Whitelist to work, you must be on …