|
My server was breached by a fuckin Russian
So I noticed one of my pages was down, turns out some dirtbag hacked my account somehow and inserted iframe redirects into some of my pages.
Checked the whois for the domain he was redirecting to: Registrant Name: Boriskin Gleb Registrant Organization: Boriskin Gleb Registrant Address1: vesekaya 4-155 Registrant City: Novosibirsk Registrant State/Province: Novosibirsk Registrant Postal Code: 109880 Registrant Country: Russian Federation Registrant Country Code: RU Registrant Phone Number: +7.3098098911 Registrant Facsimile Number: +7.3098098911 Hope he freezes his bitch ass off. |
should limit the connections per ip, i block off everyone except my ip to ssh/ftp in.
|
Quote:
|
Privet.all your domains are belonging to Us
Spassibo |
Russians go crazy for Prada, change your nick to discountboy and they'll leave you alone.
|
What kind of server is it (without giving too much away)... A lot of security packs are available that could save you a shit load of work.
|
Quote:
|
Quote:
|
install their free firewall :
http://www.configserver.com/ you can then config all your accesses ... It is pretty good, I myself got blocked by it for entering wrtong password ... And also make sure to : - delete all php install folders - chmod your files to a security safe level, mainly the phpconfig files. :2 cents |
deny from .ru
deny from .cn |
Quote:
|
Quote:
Also, you can set your server to email you immediately when any user logs in via SSH or FTP, that way you're alerted instantly that something is going on. Quote:
Also, turn off Apache ID by editing httpd.conf and change ServerSignature to OFF. Thats pretty much the main stuff I do on a new box. There are several others too, but this should do unless you're specifically targeted. |
PHP Code:
|
Damn Russians... :angrysoap
|
Quote:
Please note that that's only for root. |
| All times are GMT -7. The time now is 03:30 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123