Categories
- Apache (3)
- Black Holes (2)
- Cpanel Hosting (29)
- DNS (1)
- Domains (2)
- ENSIM (1)
- EXIM (5)
- Fun (3)
- Googlism (4)
- Hacking Truths (5)
- Linux (25)
- MySQL (3)
- Open Source (1)
- Page Rank (3)
- Perl (1)
- PHP (2)
- Search Engine (2)
- SEO (5)
- Server Security (18)
- Uncategorized (5)
- VPS / OpenVZ (7)
- web Hosting (9)
- Web Technologies (4)
- Web-Crawler (4)
Recent Posts
- Firefox tweaks.
- Types of Proxies
- NASA Planning to setup City on the moon till 2024 ..
- How do I secure the pnTemp folder with .htaccess.
- How to block IP address on server using Iptables or Ipchains ?
- How to install ASP (Apache::ASP) on cPanel
- Email account disk usage incorrect
- What is Spam Assassin and How it is work ?
- How to convert mbox to maildir
- How to check DDos attack on server ?
Links
Add SPF Record in DNS zone file
Posted on September 22nd, 2006 by Admin.
Categories: Cpanel Hosting, Server Security, DNS.
Greetings Guys ,
To add SPF record to the domain’s Zone file ..do following..
1. Edit Zone file of that Domain
2. add this line
domainname.com 14400 IN TXT “v=spf1 a mx ptr ~all”
That’s all ..
Cheers 
Kyle
Set Time stamp in History command
Posted on September 22nd, 2006 by Admin.
Categories: Cpanel Hosting, Server Security, Linux.
Greetings ,
Just type ….
HISTTIMEFORMAT=”%D %T ”
To set Date and Time format for History command and figure out who and when fired what command
Cheers ,
Kyle
What is Domain Hijacking and how to Prevent it
Posted on September 18th, 2006 by Admin.
Categories: Hacking Truths, Server Security, Domains.
Greetings ,
What is Domain Hijacking and how to Prevent it …
Losing a domain is an incredibly frustrating experience for domain owners. This article will help explain how this happens, and how you can keep it from happening to you.
There are three main ways that people lose domain names:
1. An owner allows the domain registration to lapse
2. A domain is stolen after a hijacker gains access to the registry record
3. An owner does not keep up-to-date contact information in their record and their record is deleted after the registrar concludes that contact with the owner is not possible
The good news is that there are steps you can take to keep this from happening to you. The most basic way to avoid loosing your domain is to keep track of expiration dates and maintain your contact information. One smart way to do this is to consolidate your domains at one high-quality registrar. This allows you to manage a domain portfolio more easily and comprehensively. But remember, your domain can be deleted if your contact data is out of date. Registrars now have to verify ownership annually.
A second and related tip is to make sure that you are listed as the Administrative Contact, also known as the “admin-c”. If it is a corporate domain name, then make sure the business owner or a senior executive is the Administrative Contact; this person is authorized to modify the site, the records, and he or she can change the domain’s ownership.
Next, it is important to use a paid email account for your Administrative Contact email address whenever possible. Free email addresses can be suspended or deleted. If this happens, you will not receive notices from your registrar for renewal, and someone else could register that email address and then use it to request a domain transfer.
You can also place a registrar lock on your domain. This can help prevent it from being transferred, modified, or deleted by a third party. It is also important that you make sure your registrar gives you the ability to unlock your domain at any time without having to call or email them. Otherwise, when you sell a domain name you will have to wait for someone at the registrar to process your request, and then the transfer will take more time, and most importantly, it will take more time for you to receive your payment.
It is also important for you to be an educated email user. Never respond to emails that ask you to click on a link or respond without investigating the source and fully understanding the e-mail’s contents. Be especially careful with domain-related emails that look official but are from an unknown source. Contact your registrar to find out what is happening and if the email is from them. Domain hijackers have been known to send out mass transfer requests hoping that a small number of people will actually accept the transfer request. Do not let yourself fall prey to this type of scam.
Another step you can take to make sure you do not lose your domain is putting your registrar on your email list of “approved senders”. This will ensure that you receive emails from your registrar, including the all important registry renewal notices.
Finally, on a related note, it is a good idea to renew your domain early and for long periods of time. Registrars are allowing domain owners to register their domains for longer periods of time and at more competitive prices.
Protect your domains by following these guidelines:
1) Keep track of expiration dates and keep your contact information up-to date. (Consider domain consolidation.)
2) Make sure you are listed as the Administrative Contact so that only you can modify the domain record or change ownership.
3) Try to avoid using free-email addresses.
4) Make use of registrar locks over which you have control.
5) Be an educated email user: investigate email senders and email contents.
6) Place your registrar on your “approved sender” email list and have emails from them go straight to your inbox.
7) Renew your domain early and for long periods of time.
Cheers,
Kyle
Disable Telnet
Posted on September 18th, 2006 by Admin.
Categories: Hacking Truths, Cpanel Hosting, Server Security, Linux.
Greetings ,
To disable Tenlet to your BOX …
# vi /etc/xinetd.d/telnet
change disable = no to disable = yes
Save and Exit
# /etc/init.d/xinetd restart
Cheers ,
Kyle
Disable PING to server
Posted on September 18th, 2006 by Admin.
Categories: Hacking Truths, Cpanel Hosting, Server Security.
Greetings ,
Well known internet tool to check if a machine is running is PING. Many users wants to disable PING to avoid detection or to keep away from Hackers.
You can use following command to disable PING:
echo “1″ >> /proc/sys/net/ipv4/icmp_echo_ignore_all
The following command we enable PING for you:
echo “0″ >> /proc/sys/net/ipv4/icmp_echo_ignore_all
Cheers,
Disable PHP for particular user
Posted on September 17th, 2006 by Admin.
Categories: Cpanel Hosting, Server Security, Apache, PHP.
Greetings guys ,
To disable PHP for a particular user on a Linux server , Put the following code in a .htaaccess file for that user as :
php_flag engine off
Also you can add following code for that in tag of taht particular domain in server’s httpd.conf .
php_admin_flag engine off
Cheers ,
Kyle,
Exim Extended login to catch Spammer
Posted on September 16th, 2006 by Admin.
Categories: Cpanel Hosting, Server Security, EXIM.
Greetings guys ,
To catch Spammer on your server you can enable extended loggin in exim to trace nobody mails. Try the following trick .
1. Edit /etc/exim.conf
2. On the second line add :
log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn \
Make sure all that comes on a single line.
3. Save and exit.
4. Restart Exim.
Now notice the exim_mainlog carefully , and you have Spammer caught Redhanded .
Cheers ,
Admin ,
444 Script or Action Blocked - SecurePHPx v1.0
Posted on September 16th, 2006 by Admin.
Categories: Cpanel Hosting, Server Security, Apache.
Greetings Guys ,
if you ever get the error “444 Script or Action Blocked - SecurePHPx v1.0″ on your site then just do as ….
You have to add domain to SecurePHPx whitelist by editing the file /usr/lib/php/php_whitelist. Just enter the domain in this file once with www & once without www. That’s it …
Cheers : )
Admin ,