[For Hosting providers]List your Secuirty Measures

[toRRfriend]

Hi hosting providers,
now a days lot of hacking attempts and more phising things are happening, so How you protect your clients from your side..

Clients(they) are responsible for their own security, but what are doing in your side against hacking , rooting and all.......???


Waiting for hosting provider to post their experience and thier measures
Thank you.

Note:
Every hacker has it's own tricks and tactics to down the host(i think so) , just like that you guys may have some tricks to protect your clients/service[if you know or follow something means, please don't share it fully, just give a hint, because ton's of hackers may see this thread and miss use it]

To wj mod & admin: i think we need seperate secuirty section(will post in suggestion section)

 

[warock]

Yes I support this initiative there are many hosting company that come and go this company should be mature enough to understand the importance of the data and the time and efforts put by the webmaster to construct a website We do need to share ideas which can make the hosting community over here in WJ stronger Also they are aware of the ideas how to evade the hacks

 

[luan]

They didn't started now, it was always. When a hosting "company" start growing then those problems start.

If you don't have a specialized team and you are working alone (like I did when I started) that's a nightmare. Especially in shared hosting.

Almost all hosters here at wjunction all vulnerable to the most simple thing: symlink (then don't talk about other security holes). You can spend a lot of money on all those Server Management and those shitty things for Optimizing and Securing your hosting company but it's a waste of money. Actually finding the right people for this is more difficult than paying or doing something else.

At the beginning (1 or 2 years agro) I started paying all hackers for any security hole they found. This is how I started fixing it, and finding the right place and people to work with me.

Now we have a custom Apache core, 5 different versions of php available and our clients have the freedom to do anything they want on their hosting account without worries about security.

The client is responsable for the security of the script hes using, and the hosting company is responsable to not allow hacking from one account to another (talking about shared hosting). It's quite simple, if you are hacked by your fault, it's just you. If you are hacked because of your hosting company YOU SHOULD JUST LEAVE THEM.

Anyway there are a lot of exploits (like the last one for WHMCS) then no one can do nothing until the release of a fix or a patch, but always it's good to have 1 person for checking the kernels updates, and the WHMCS patches (or any script that is used by the company).

 

[toRRfriend]

now a days lot of sites are monitoring the spam bots and hackers ip,
so hosters need to use this and install in there server, atleast for shared hosting.

see the below list: (they update spam bot ip's of past 48 hours)
http://www.blocklist.de/en/export.html

some other are:
http://www.spambusted.com/general.php

stopforumspam


Is any hoss installed anything to ban spam bots........??
or shall you install by request....??