Maybe hack on servers pw1.5.1

[Gorki]

My question is as follows:

I have a server pw1.5.1. Recently I discovered that some members were able to hack into my pwadmin and perform duper.
Besides, I also discovered they can make server disconnected.

and I have yet to find the cause and a solution.
So there could actually hack on servers pw1.5.1

and how to hack and how to prevent it happens.
thank you.:8:

 

[Swoosh91]

Yeah. Don't leave your tomcat open, pretty simple. Don't run a server if you can't even secure that - or don't use iweb/pwadmin at all.

 

[Bola]

Learn the basic rules and write a firewall, keep a port open for ssh, if your ip is stable, lock port to only you access ssh, do the same for tomcat, and then leave only open perfect world port, also take care for backdoor and bad setup server files ( there a lot around community ) also, please, don't be like lvdrake don't be dumb and use phpmyadmin he is the best example about how dumb and stupid, humanity can be

 

[GiantAxe]

My question is as follows:

I have a server pw1.5.1. Recently I discovered that some members were able to hack into my pwadmin and perform duper.
Besides, I also discovered they can make server disconnected.

and I have yet to find the cause and a solution.
So there could actually hack on servers pw1.5.1

and how to hack and how to prevent it happens.
thank you.:8:

.....you have no clue what pwAdmin/iweb is do you.
its not some some site you should have running openly for everyone to access, its a server management system. you can fully wipe databases,ban,mute,send items, modify exp rates and a whole lot more.

Like swoosh says, if you can't even secure a server do not use tomcat at all.

 

[bhashana]

for you small solution. just hide pwadmin and if you are using phpmyadmin use htpasswd. still can get some problem. keep google

 

[Swoosh91]

for you small solution. just hide pwadmin and if you are using phpmyadmin use htpasswd. still can get some problem. keep google

If you are using phpmyadmin, you have a far larger problem, and that is sucking. I know of no cases where it's actually still used in a production system.

 

[GiantAxe]

If you are using phpmyadmin, you have a far larger problem, and that is sucking. I know of no cases where it's actually still used in a production system.

I know of 1 case, and they suffered greatly because of it

As for

just hide pwadmin

good luck with that pal, people will just do a port scan and find wichever port you are trying to hide it on.

If you really have no clue about security I strongly recommend to first get familiar with firewalld or iptables (2 most used firewalls anyway,iptables on ubuntu, firewalld on centos)

Option 2 is to make tomcat only listen on 127.0.0.1 and use a SSH tunnel to access it.

 

[Deron]

Do restriction on port pwAdmin, that was only the connection from your IP.
Edit the rc.local file
iptables -A INPUT -p tcp -s your IP -j ACCEPT
iptables -A INPUT -p tcp --dport port pwAdmin -j DROP

 

[Swoosh91]

Do restriction on port pwAdmin, that was only the connection from your IP.
Edit the rc.local file
iptables -A INPUT -p tcp -s your IP -j ACCEPT
iptables -A INPUT -p tcp --dport port pwAdmin -j DROP

Having a static IP helps.

Guys, the only way to do this correctly is by having a VPN service running where you can connect to, and from then on everything security relevant listens to requests coming from LAN only. Get that poop off the WAN.

 

[bhashana]

Guys i think he dont understand what you guys saying. thats why i said "for you small solution".

 

[GiantAxe]

Guys i think he dont understand what you guys saying. thats why i said "for you small solution".

In all honestly, if he doesn't even have the most basic knowledge on how to setup a firewall to secure his server he shouldn't even be trying to run a server to begin with.
And thats not just for his sake, but for the sake and safety for anyone who might register at such a server and suddenly find their account credentials being stolen due to a incompetency at the security front.

 

[Swoosh91]

In all honestly, if he doesn't even have the most basic knowledge on how to setup a firewall to secure his server he shouldn't even be trying to run a server to begin with.
And thats not just for his sake, but for the sake and safety for anyone who might register at such a server and suddenly find their account credentials being stolen due to a incompetency at the security front.

You are describing 99% of the Pserver "developers"

 

[GiantAxe]

You are describing 99% of the Pserver "developers"

Sadly thats the truth yea...
99% of them aren't even developers (I get why you quoted that, sarcasm), they just use the tools already made and still struggle on how to do stuff.
Tbh I don't even know why im bothering commenting here (as in, the PW Section in general) anymore these days, because the actual relevant topics between actual devs are far and few here.

afaik enough going offtopic I guess (even though competency is totally related to this topic)

 

[hrace009]

My question is as follows:

I have a server pw1.5.1. Recently I discovered that some members were able to hack into my pwadmin and perform duper.
Besides, I also discovered they can make server disconnected.

and I have yet to find the cause and a solution.
So there could actually hack on servers pw1.5.1

and how to hack and how to prevent it happens.
thank you.:8:

setup your open VPN server with secure key and cert.

Open for public port: PWPORT (29000 by default), and OPENVPN Port (1194 by default).
Open all port only for you trough OPENVPN Connection.

arghhhh i don't know how to explain it with human words... the basic is just like that.