[Tutorial] Securing Your Server & Site & Stop Crashing MainSVR

[Jangan]

hmm in the past few days that i have been here i got tons of people complaining "my server got hacked" "my site got hacked" "my site got whiped"

okay here is what you do:
First ban Foxx and DeathArt (Kidding) lol


Ways to secure your site:
- Dont Use XAMPP
- Dont run your site threw a PHP Site, Such as Php Nuke, Phpbb.. etx.
- Dont run it on a home computer.
- Buy a host and run it off there (connect your php site from there)


Q) Securing your Dedicated server:

- http://forum.ragezone.com/f316/howto-secure-your-dedicated-windows-server-237604/

Q) why not using xampp?

(*) well xampp is one of the crappiest programs out there, but there are some advantages to it, you can simply secure your xampp by going to

You must be registered to see links

Q) how to secure phpmyadmin?

(*) well since people inject and delete your database threw php, here is what you do
- Delete PHPMYAdmin 100%

Q) how to secure php in general?

-

You must be registered to see links

 

[Jangan]

Re: [Guide] Securing Your Server & Site!!

ok for people who are going to say "no DMZ is bad"

read this before you spam:
The main advantage of implementing a DMZ instead of just using a firewall is that when an attacker compromises a public server, the risk to the internal servers is reduced because the public servers and internal servers are separate from each other. When the compromised server resides in a DMZ, the attacker isn't able to directly attack other more-sensitive servers on the internal network. The firewall blocks any attempt by the DMZ computers to connect to internal computers, except for specifically allowed connections. For example, you might configure your firewall to let the Web server in the DMZ connect to an internal Microsoft SQL Server machine through a specific TCP port. If an intruder compromises the Web server, he or she might be able to attack the SQL Server machine on that port. However, the intruder won't be able to attack the SQL Server machine's other services and ports or other computers on the internal network. . . .

 

[mizo]

Re: [Guide] Securing Your Server & Site!!

hmm.. thnx Jangan for that Excellant guide it ll help a lot of ppl and i am the 1st of them xD

 

[Jangan]

Re: [Guide] Securing Your Server & Site!!

Running Server on Windows Vista:

my advice is use the server on "Windows 2003 Server" windows vista true has a little bit more security than windows server but the C++ and Visual are more advanced on Vista than Windows 2003

Windows 2003 is better to run a server for more features and smoother:
its ment to run servers (duh).

You must be registered to see links

 

[Jangan]

Re: [Guide] Securing Your Server & Site!!

Good Dedicated Server:

You must be registered to see links

they have multi hosting plans;

- Economy Server
- Entry-Level Server
- Mid- level Servers
- Perfomance Servers
- Game server
- Clearance servers.

 

[Jangan]

Re: [Guide] Securing Your Server & Site!!

Good Ways To Secure Your Server More:

- Dont give out your username/pwd
- dont let anyone on your vnc
- dont let anyone know your ip

Ways to hide your ip:
i recommand:

You must be registered to see links

buy the product or use it for 7 days, this product will change your ip, so people will connect to your fake ip "this will prevent people from knowing your open ports"


Easily Conceal Your IP Address - Just click "Hide IP" and your IP is instantly hidden! Other people see a fake IP, which is not associated with your real IP. Click here to read how it works.

Hie My IP 2007 Released March 19, 2007. More features and more IPs! Anonymous Web Surfing - Protect your privacy and cover your tracks! Select from one of our many fake proxy IP addresses for totally anonymous browsing.

Advanced Application Support - Hide My IP 2007 now works with all major browsers and dozens of instant messengers, E-mail clients, games, and more!

Protect Your Identity and Stop Hackers - Identity thieves can use your IP addresses to compromise your computer. Installing keyloggers, Trojans, and other tools to aid their crime. Stop them at the source by hiding your IP!

Send Anonymous Emails - Hide your IP in E-mail headers. Supports Webmail services like Yahoo, Hotmail, and GMail. Mail clients supported with a Premium account include Outlook, Outlook Express, Eudora, and more!

Un-ban Yourself From Forums, Blogs, Etc... - By faking your IP you can often access many sites you were banned from. Combine with Cookie Crumble for the most effectiveness.

 

[sevenmore]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

edit this

You must be registered to see links

to

You must be registered to see links

 

[Jangan]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

eek miss spelled it =X tyvm

 

[sevenmore]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

Np ^^

 

[DeathArt]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

According to the hackers I've talked to on IRC, this guild will not resolve any of the latest hacker attacks.

But it's some good tips anyway

 

[Jangan]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

According to the hackers I've talked to on IRC, this guild will not resolve any of the latest hacker attacks.

But it's some good tips anyway

well bleh it helps somewhat.. it takes more skills to hack a server with this guide but see the problem is.. home pcs are hackable no matter what.

having a dedicated server lowers the risk by a lot XD

 

[greetisgood]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

//edit

 

[Shortor]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

btw the don't run xampp one is pretty much shenanigans. it just takes a while to configure it good.

edit: lol there are easy ways to find out the ip. for example just dl the patch, connect to the server and type netstat -a

 

[General]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

1. DMZ opens ALL ports, so you will need a good firewall then to block all standard closed ports (http, ftp, smtp, ...). In your small text you just say that if you run a lan and have DMZ on, the only possible "victim" will be the lan server where the DMZ is active, but THAT is your Kal server...

If ppl don't know how to open a port, don't let them run a server ^^

well bleh it helps somewhat.. it takes more skills to hack a server with this guide but see the problem is.. home pcs are hackable no matter what.

having a dedicated server lowers the risk by a lot XD

2. Why do you think Dedicated servers cannot be hacked that easily? Protected home computers and routers are way more secure than dedicated servers without any firewall.

Of course you need some knowledge of networking and firewalls etc.

3. XAMPP is nice, you only need to know how to configure it well, as Shortor said.

4. Why remove the Stones of Return??? Just make an own teleporter and give the Stones of Return that dialogue...


apart from that its a nice guide...

 

[Jangan]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

btw the don't run xampp one is pretty much shenanigans. it just takes a while to configure it good.

edit: lol there are easy ways to find out the ip. for example just dl the patch, connect to the server and type netstat -a

netstat-a oooh nice lol
well if you get a fake ip it will prevent people from hacking your computer =D you cant track down an ip that doesnt exist..

1. DMZ opens ALL ports, so you will need a good firewall then to block all standard closed ports (http, ftp, smtp, ...). In your small text you just say that if you run a lan and have DMZ on, the only possible "victim" will be the lan server where the DMZ is active, but THAT is your Kal server...

If ppl don't know how to open a port, don't let them run a server ^^



2. Why do you think Dedicated servers cannot be hacked that easily? Protected home computers and routers are way more secure than dedicated servers without any firewall.

Of course you need some knowledge of networking and firewalls etc.

3. XAMPP is nice, you only need to know how to configure it well, as Shortor said.

4. Why remove the Stones of Return??? Just make an own teleporter and give the Stones of Return that dialogue...


apart from that its a nice guide...

about the dmz, yeah i know thats why i said turn it on at your own risk.. makes it easier to open the needed ports, and yeah dedicated servers are hard to hack.

oh well as i said the guide isnt close to be done, im looking for more ways to secure "servers who run on home pc" =P hehe

 

[MILEKY]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

Yeah ban Foxx he's pro.

 

[foxx]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

stfu

 

[Jake]

Re: [Guide] Securing Your Server & Site & Stop Crashing MainSVR

netstat-a oooh nice lol
well if you get a fake ip it will prevent people from hacking your computer =D you cant track down an ip that doesnt exist..

WHHHHHHHAZZATTTAA?!!

Do you have any idea on what you just said? 'cos err, i never.

 

[Gerykatss]

Hi Everyone!

I am looking for some sites which are interested in some
link or banner exchange with my

You must be registered to see links

I have already recommended urls of site to a couple of friends

You must be registered to see links

and

You must be registered to see links

It's easy and we can start today!