Latest Announcemnent
New thread

Extremely high levels of security

Status
Not open for further replies.
D

Daniel

Active Member
16,012
2009
3,074
10
How do you make sure that your servers are as 100% rock-solid, unhackable as possible? I have a general understand of web security; however, I am clueless of what is required to create a web server that is as secure as, say, a banking account managemnet system.

Can the WJunction community recommend good websites, books, or any other resources that throuroughly discuss the topic of setting up a small web serer or network for hosting a site that is as absolutely secure as possible?
 
9 comments
To strict your php rules, and get right mod security. And other usual firewalls can make your site secure upto 80%.

To set proper mod_security rules and php settings you can get help on internet or contact some one.

But still there are other ways hackers can get into your site.

Regards
 
You can make it so only your IP can login, and you can also change the IP address of SSH so no one can port scan your server IP and find it.

I don't think there is such thing as impossible to hack though.
 
Sp32 said:
You can make it so only your IP can login, and you can also change the IP address of SSH so no one can port scan your server IP and find it.

I don't think there is such thing as impossible to hack though.
Click to expand...

Even If we limit it to our IP, hackers can hack. They usually don't need to login directly (where IP limitations work)

But I agree there is no such thing that we can safe our self 100% from hacking. But we can always take good steps.
 
Hey, well you can take a look at my signature link, i have written a tutorial on How to: Secure and Optimize your VPS, but if really need help with securing your servers or whatever you got just hit me up with a PM ill be glad to help you.
 
Change SSH port, block all incoming logins to root except your IP, patch Linux kernel with GRSecurity, set the notifications on SSH logins, install some Software Firewall, install mod_evasive and a lot more (: This is some few tips from Krun!x's paper, but of course, there is a lot more good tips.

http://press.ljuska.org/tutorial|1259776847-6|pz|category=6&template=default

There is a Krun!x's paper, but it's too old, try to find updated versions of all softwares from this paper :)
 
OK, is there any1 here who can secure a server atleast to 90% or above? That is DDos protection, Fix some holes, Put on the best firewalls etc?

---

I would like to talk to someone who can do it or help me doing it... (Secure teh Server)
 
Overjaculation said:
How do you make sure that your servers are as 100% rock-solid, unhackable as possible? I have a general understand of web security; however, I am clueless of what is required to create a web server that is as secure as, say, a banking account managemnet system.

Can the WJunction community recommend good websites, books, or any other resources that throuroughly discuss the topic of setting up a small web serer or network for hosting a site that is as absolutely secure as possible?
Click to expand...


I must worry you, because you aren't able to create of server which is fulfilling safety requirements of the banking industry.

In the company, in which at one time I worked, we had a few Polish banks for customers. I will already omit the fact that the company which wants for banks to provide services must meet norms of ISO certificates / TL / S9.
Generally in order to meet these conditions it trained employees must be (cost terrible money the course), next fulfilled conditions of safety of the building must be / of premises, the same like of the physical security and computer.

The subject is very extensive and if you don't have somebody who will help you to read them you aren't having chances to enter in the one subject matter, as for the publication to this subject it heavily will also be, more quickly read notations of norms which higher I mentioned.
 
Status
Not open for further replies.
Back
Top