صفحه 1 از 2 12 آخرینآخرین
نمایش نتایج: از شماره 1 تا 10 , از مجموع 14

موضوع: منیج سرور

  1. #1
    مدیر کل Vahid آواتار ها
    تاریخ عضویت
    Aug 2008
    نوشته ها
    2,724
    تشکر تشکر کرده 
    435
    تشکر تشکر شده 
    6,958
    تشکر شده در
    2,085 پست

    پیش فرض منیج سرور

    Server Security (Apache, SSL, SSH, cP/WHM, Firewall, RootKit, DDoS Protection)
    /================================================== ============================== \
    -------------------------------:[Server Security]:--------------------------------
    \================================================= ============================== =/

    ###################################
    #-----------:[INFO]:--------------#
    #---------------------------------#
    #Title: "Server Security" #
    #Author: QKrun1x #
    #E-Mail: qkrun1x@hotmail.com #
    #Date: 2008-06-16 #
    ###################################


    ################################################## ############
    #-------------------------:[SUMMARY]:------------------------#
    #------------------------------------------------------------#
    #1) Upgrade Apache/PHP, MySQL, OpenSSH, OpenSSL, cP/WHM etc #
    #2) cP/WHM Configuration #
    #3) SSH Access #
    #4) Mod_Security #
    #5) Firewall #
    #6) DDoS Protection #
    #7) Rootkit #
    #8) PHP Configuration #
    #9) Other #
    #10)The End #
    ################################################## ############


    Hello to everybody, first of all I'm sorry for my bad english but is not my
    mother language.

    I wrote tutorial about webservers security, how to secure webservers...
    I use Cent OS 5, Apache and cP/WHM and I will explain how to secure them

    Let's start


    ################################################## ###########
    #
    1) Upgrade Apache/PHP, MySQL, OpenSSH, OpenSSL cP/WHM etc #
    #
    ################################################## ###########

    Update your Apache/PHP, MySQL, OpenSSH, OpenSSL, cP/WHM... and be sure that you running the latest secured version.


    ############################
    #
    2) cP/WHM Configuration #
    #
    ############################

    WHM - Server setup - Tweak Security:
    -------------------------------------
    Enable php open_basedir protection
    Enable mod_userdir protection
    Disable Compilers for all accounts(except root)
    Enable Shell Bomb/memory Protection

    WHM - Account Functions:
    -------------------------
    Disable cPanel Demo Mode
    Disable shell access for all accounts(except root)

    WHM - Service Configuration - FTP Configuration:
    -------------------------------------------------
    Disable anonymous FTP access

    WHM - MySQL:
    -------------
    Set some MySQL password(Don't set the same password like for the root access)
    -If you don't set MySQL password and if someone upload shell(E.G c99) on some site on server he will be able to login into db with username "root" without password
    and delete/edit/download any db on that server

    WHM - Server Setup:
    --------------------
    Go to Server Setup and enable suEXEC and PHPsuEXEC
    When PHP runs as an Apache Module it executes as the user/group of the webserver which is usually "nobody" or "apache".
    PHPsuEXEC changes this so scripts are run as a CGI. Than means scripts are executed as the user that created them.
    With PHPsuEXEC script permissions can't be set to 777(read/write/execute at user/group/world level)


    ###################
    #
    3) SSH Access #
    #
    ###################

    Change SSH port(set something like 1334)

    You can change it in /etc/ssh/sshd_conf

    There is a lot of script kiddiez with brute forcers and they will try to crack our ssh pass because they know username is root, port is 22
    But we are smarter, we changed SSH port
    Also, their "brute forcing" can reduce server load, that means our sites(hosted on that server) will be slower

    SSH Legal Message
    edit /etc/motd, write in motd something like that:
    "ALERT! That is a secured area. Your IP is logged. Administrator has been notified"

    When someone login into SSH he will see that message:
    ALERT! That is a secured area. Your IP is logged. Administrator has been notified

    And at the end restart SSH, type "service sshd restart" into SSH


    ####################
    #
    4) Mod_Security #
    #
    ####################

    Mod_Security is a web application firewall and he can help us to secure our sites against RFI, LFI, XSS, SQL Injection etc

    If you use cP/WHM you can easly enable Mod_security in WHM - Plugins - Enable Mod_Security and save

    Now I will explain how to install Mod_security from source.
    You can't install Mod_Security if you don't have libxml2 and http-devel libraries.
    Also, you need to enable mod_unique_id in apache modules, but don't worry, I will explain how to do it

    Login into SSH and type...

    ----------------------------------------------------
    yum install libxml2 libxml2-devel httpd-devel
    ----------------------------------------------------

    libxml2 libxml2-devel httpd-devel should be installed now

    then you need to edit httpd.conf file, you can find it here:
    /etc/httpd/conf/httpd.conf

    You need to add this in your httpd.conf file
    LoadModule unique_id_module modules/mod_unique_id.so

    Now download the latest version of mod_security for apache2 from http://www.modsecurity.org

    login into SSH and type...

    -----------------------------------------------------------------------------
    cd /root/downloads
    wget http://www.modsecurity.org/download/mods...1.7.tar.gz
    tar zxf modsecurity-apache_2.1.7.tar.gz
    cd modsecurity-apache_2.1.7
    cd apache2
    ------------------------------------------------------------------------------

    Now we need to edit Makefile, file is located here:
    /root/download/modsecurity-apache_2.1.7/apache2/

    change "top_dir =" with "top_dir = /usr/lib/httpd"

    then type:
    -------------------
    make
    make install
    -------------------


    ---------------------------------------------------------
    # /etc/httpd/conf/httpd.conf

    LoadModule unique_id_module modules/mod_unique_id.so
    LoadFile /usr/lib/libxml2.so
    LoadModule security2_module modules/mod_security2.so
    Include /etc/httpd/conf/modsecurity.conf
    ---------------------------------------------------------

    go at the end of httpd.conf and place an include for our config/rules file...
    Include /etc/httpd/conf/modsecurity.conf


    Content of /etc/httpd/conf/modsecurity.conf
    ------------------------------------------------------------------------------------------------------------------------
    <IfModule mod_security.c>
    # Only inspect dynamic requests
    # (YOU MUST TEST TO MAKE SURE IT WORKS AS EXPECTED)
    SecFilterEngine DynamicOnly

    # Reject requests with status 403
    SecFilterDefaultAction "deny,log,status:403"

    # Some sane defaults
    SecFilterScanPOST On
    SecFilterCheckURLEncoding On
    SecFilterCheckCookieFormat On
    SecFilterCheckUnicodeEncoding Off

    # Accept almost all byte values
    SecFilterForceByteRange 1 255

    # Server masking is optional
    # SecServerSignature "Microsoft-IIS/5.0"

    SecUploadDir /tmp
    SecUploadKeepFiles Off

    # Only record the interesting stuff
    SecAuditEngine RelevantOnly
    SecAuditLog logs/audit_log

    # You normally won't need debug logging
    SecFilterDebugLevel 0
    SecFilterDebugLog logs/modsec_debug_log

    # Only accept request encodings we know how to handle
    # we exclude GET requests from this because some (automated)
    # clients supply "text/html" as Content-Type
    SecFilterSelective REQUEST_METHOD "!^GET$" chain
    SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"

    # Require Content-Length to be provided with
    # every POST request
    SecFilterSelective REQUEST_METHOD "^POST$" chain
    SecFilterSelective HTTP_Content-Length "^$"

    # Don't accept transfer encodings we know we don't handle
    # (and you don't need it anyway)
    SecFilterSelective HTTP_Transfer-Encoding "!^$"

    # WEB-ATTACKS /bin/sh command attempt
    SecFilter "/bin/sh"

    # WEB-ATTACKS ps command attempt
    SecFilterSelective THE_REQUEST "/bin/ps"

    # WEB-ATTACKS /bin/ps command attempt
    # SecFilterSelective THE_REQUEST "ps\x20"

    # WEB-ATTACKS wget command attempt
    SecFilter "wget\x20"

    # WEB-ATTACKS uname -a command attempt
    SecFilter "uname\x20-a"

    # WEB-ATTACKS /usr/bin/id command attempt
    SecFilter "/usr/bin/id"

    # WEB-ATTACKS id command attempt
    SecFilter "\;id"

    # WEB-ATTACKS echo command attempt
    SecFilter "/bin/echo"

    # WEB-ATTACKS kill command attempt
    SecFilter "/bin/kill"

    # WEB-ATTACKS chmod command attempt
    SecFilter "/bin/chmod"

    # WEB-ATTACKS chgrp command attempt
    SecFilter "/chgrp"

    # WEB-ATTACKS chown command attempt
    SecFilter "/chown"

    # WEB-ATTACKS chsh command attempt
    SecFilter "/usr/bin/chsh"

    # WEB-ATTACKS tftp command attempt
    SecFilter "tftp\x20"

    # WEB-ATTACKS gcc command attempt
    SecFilter "gcc\x20-o"

    # WEB-ATTACKS cc command attempt
    #SecFilter "cc\x20"

    # WEB-ATTACKS /usr/bin/cpp command attempt
    SecFilter "/usr/bin/cpp"

    # WEB-ATTACKS cpp command attempt
    SecFilter "cpp\x20"

    # WEB-ATTACKS /usr/bin/g++ command attempt
    SecFilter "/usr/bin/g\+\+"

    # WEB-ATTACKS g++ command attempt
    SecFilter "g\+\+\x20"

    # WEB-ATTACKS bin/python access attempt
    SecFilter "bin/python"

    # WEB-ATTACKS python access attempt
    SecFilter "python\x20"

    # WEB-ATTACKS bin/tclsh execution attempt
    SecFilter "bin/tclsh"

    # WEB-ATTACKS tclsh execution attempt
    SecFilter "tclsh8\x20"

    # WEB-ATTACKS bin/nasm command attempt
    SecFilter "bin/nasm"

    # WEB-ATTACKS nasm command attempt
    SecFilter "nasm\x20"

    # WEB-ATTACKS /usr/bin/perl execution attempt
    SecFilter "/usr/bin/perl"

    # WEB-ATTACKS perl execution attempt
    SecFilter "perl\x20"

    # WEB-ATTACKS traceroute command attempt
    SecFilter "traceroute\x20"

    # WEB-ATTACKS ping command attempt
    SecFilter "/bin/ping"

    # WEB-ATTACKS netcat command attempt
    SecFilter "nc\x20"

    # WEB-ATTACKS nmap command attempt
    SecFilter "nmap\x20"

    # WEB-ATTACKS xterm command attempt
    SecFilter "/usr/X11R6/bin/xterm"

    # WEB-ATTACKS X application to remote host attempt
    SecFilter "\x20-display\x20"

    # WEB-ATTACKS lsof command attempt
    SecFilter "lsof\x20"

    # WEB-ATTACKS rm command attempt
    SecFilter "rm\x20"

    # WEB-ATTACKS mail command attempt
    SecFilter "/bin/mail"

    # WEB-ATTACKS /bin/ls command attempt
    SecFilterSelective THE_REQUEST "/bin/ls"

    # WEB-ATTACKS /etc/inetd.conf access
    SecFilter "/etc/inetd\.conf" log,pass

    # WEB-ATTACKS /etc/motd access
    SecFilter "/etc/motd" log,pass

    # WEB-ATTACKS /etc/shadow access
    SecFilter "/etc/shadow" log,pass

    # WEB-ATTACKS conf/httpd.conf attempt
    SecFilter "conf/httpd\.conf" log,pass

    # WEB-ATTACKS .htgroup access
    SecFilterSelective THE_REQUEST "\.htgroup" log,pass

    # WEB-CGI rksh access
    SecFilterSelective THE_REQUEST "/rksh"

    # WEB-CGI bash access
    SecFilterSelective THE_REQUEST "/bash" log,pass

    # WEB-CGI perl command attempt
    SecFilterSelective THE_REQUEST "/perl\?"

    # WEB-CGI zsh access
    SecFilterSelective THE_REQUEST "/zsh"

    # WEB-CGI csh access
    SecFilterSelective THE_REQUEST "/csh"

    # WEB-CGI tcsh access
    SecFilterSelective THE_REQUEST "/tcsh"

    # WEB-CGI rsh access
    SecFilterSelective THE_REQUEST "/rsh"

    # WEB-CGI ksh access
    SecFilterSelective THE_REQUEST "/ksh"

    # WEB-CGI icat access
    SecFilterSelective THE_REQUEST "/icat" log,pass

    # WEB-CGI /cgi-bin/ls access
    SecFilterSelective THE_REQUEST "/cgi-bin/ls" log,pass

    # WEB-CLIENT Javascript document.domain attempt
    SecFilter "document\.domain\("

    # WEB-CLIENT Javascript URL host spoofing attempt
    SecFilter "javascript\://"

    # WEB-MISC cross site scripting \(img src=javascript\) attempt
    SecFilter "img src=javascript"

    # WEB-MISC .htpasswd access
    SecFilter "\.htpasswd"

    # WEB-MISC http directory traversal
    SecFilter "\.\.\\"

    # WEB-MISC http directory traversal
    SecFilter "\.\./"

    # WEB-MISC ls%20-l
    SecFilter "ls\x20-l"

    # WEB-MISC /etc/passwd
    SecFilter "/etc/passwd"

    # WEB-MISC .htaccess access
    SecFilter "\.htaccess"

    # WEB-MISC cd..
    SecFilter "cd\.\."

    # WEB-MISC /.... access
    SecFilter "/\.\.\.\."

    # WEB-MISC cat%20 access
    SecFilter "cat\x20"

    # WEB-MISC long basic authorization string
    SecFilter "Authorization\: Basic "

    # WEB-MISC .history access
    SecFilterSelective THE_REQUEST "/\.history"

    # WEB-MISC .bash_history access
    SecFilterSelective THE_REQUEST "/\.bash_history"

    # WEB-MISC *%0a.pl access
    SecFilterSelective THE_REQUEST "/*\x0a\.pl"

    # WEB-MISC apache ?M=D directory list attempt
    SecFilterSelective THE_REQUEST "/\?M=D" log,pass

    # WEB-MISC server-status access
    SecFilterSelective THE_REQUEST "/server-status" log,pass

    # WEB-MISC Transfer-Encoding\: chunked

    SecFilter "chunked"

    # WEB-MISC perl post attempt
    SecFilterSelective THE_REQUEST "/perl/" chain
    SecFilter "POST"

    # WEB-MISC mod_gzip_status access
    SecFilterSelective THE_REQUEST "/mod_gzip_status" log,pass

    # WEB-PHP squirrel mail spell-check arbitrary command attempt
    SecFilterSelective THE_REQUEST "/squirrelspell/modules/check_me\.mod\.php" chain
    SecFilter "SQSPELL_APP\["

    # WEB-PHP squirrel mail theme arbitrary command attempt
    SecFilterSelective THE_REQUEST "/left_main\.php" chain
    SecFilter "cmdd="

    # WEB-PHP phpbb quick-reply.php arbitrary command attempt
    SecFilterSelective THE_REQUEST "/quick-reply\.php" chain
    SecFilter "phpbb_root_path="

    # WEB-PHP phpbb quick-reply.php access
    SecFilterSelective THE_REQUEST "/quick-reply\.php" log,pass
    SecFilterSelective THE_REQUEST "\.php" chain
    SecFilter "path=http\://"

    # WEB-PHP Mambo uploadimage.php upload php file attempt
    SecFilterSelective THE_REQUEST "/uploadimage\.php" chain
    SecFilter "\.php"

    # WEB-PHP Mambo upload.php upload php file attempt
    SecFilterSelective THE_REQUEST "/upload\.php" chain
    SecFilter "\.php"

    # WEB-PHP Mambo uploadimage.php access
    SecFilterSelective THE_REQUEST "/uploadimage\.php" log,pass

    # WEB-PHP Mambo upload.php access
    SecFilterSelective THE_REQUEST "/upload\.php" log,pass

    # WEB-PHP phpBB privmsg.php access
    SecFilterSelective THE_REQUEST "/privmsg\.php" log,pass

    # WEB-PHP test.php access
    SecFilterSelective THE_REQUEST "/test\.php" log,pass

    # WEB-PHP phpBB viewtopic.php
    SecFilterSelective THE_REQUEST "viewtopic.php" chain
    SecFilterSelective "THE_REQUEST|ARG_VALUES" "(system|exec|passthru|cmd|fopen|exit|fwrite)" deny,log

    # EXTRAS

    SecFilter "/boot"
    SecFilter "/dev"
    SecFilter "/etc"
    SecFilter "/initrd"
    SecFilter "/lost+found"
    SecFilter "/mnt"
    SecFilter "/proc"
    SecFilter "/root"
    SecFilter "/sbin"
    SecFilter "/tmp"
    SecFilter "/usr/local/apache"
    SecFilter "/var/spool"
    SecFilter "/bin/cc"
    SecFilter "/bin/gcc"
    SecFilter "<[[:space:]]*script"
    SecFilter "<(.|\n)+>"
    SecFilter "delete[[:space:]]+from"
    SecFilter "insert[[:space:]]+into"
    SecFilter "select.+from"

    </IfModule>
    ------------------------------------------------------------------------------------------------------------------------


    Now restart httpd, type "service httpd restart" into SSH


    #####################
    #
    5) Firewall #
    #
    #####################

    We will install APF (Advanced Policy Firewall) now...
    APF is a policy based iptables firewall system designed for ease of use and configuration

    Let's begin!

    Login into SSH and type
    ----------------------------------------------------------------
    cd /root/downloads
    wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
    tar -xvzf apf-current.tar.gz
    cd apf-0.9.5-1 // or whatever the latest version is
    ./install.sh
    ----------------------------------------------------------------

    --------------------------------------------------------
    Installing APF 0.9.5-1: Completed.

    Installation Details:
    Install path: /etc/apf/
    Config path: /etc/apf/conf.apf
    Executable path: /usr/local/sbin/apf
    AntiDos install path: /etc/apf/ad/
    AntiDos config path: /etc/apf/ad/conf.antidos
    DShield Client Parser: /etc/apf/extras/dshield/
    ---------------------------------------------------------

    Now we need to configure our new firewall...
    We need to edit apf.conf
    That is located here: /etc/apf/conf.apf

    If you use cP/WHM, like me, you need to configure apf like this(to we can access cP/WHM
    because firewall will block our cP/WHM ports and we will not be able to access cP/WHM)

    ----------------------------------------------------------------------------------------
    Common ingress (inbound) ports
    # Common ingress (inbound) TCP ports -3000_3500 = passive port range for Pure FTPD
    IG_TCP_CPORTS="21,22,25,53,80,110,143,443,2082,208 3, 2086,2087, 2095, 2096,3000_3500"
    #
    # Common ingress (inbound) UDP ports
    IG_UDP_CPORTS="53"

    Common egress (outbound) ports
    # Egress filtering [0 = Disabled / 1 = Enabled]
    EGF="1"

    # Common egress (outbound) TCP ports
    EG_TCP_CPORTS="21,25,80,443,43,2089"
    #
    # Common egress (outbound) UDP ports
    EG_UDP_CPORTS="20,21,53"
    -----------------------------------------------------------------------------------------

    Then... (apf.conf)

    ----------------------
    FIND: DEVM="1"
    CHANGE TO: DEVM="0"
    ----------------------

    now start apf, type in ssh

    -----------
    apf -s
    -----------

    Some other apf commands:
    ---------------------------
    apf -s - start apf
    apf -r - restart apf
    apf -f - flush firewall
    apf -st - firewall status
    apf -d IP - bann IP
    apf -u IP - unbann IP
    ---------------------------


    #########################
    #
    6) DDoS Protection #
    #
    #########################

    We will install mod_evasive and DDoS Deflate to prevent DDoS attacks on our server

    ###################
    # Mod Evasive #
    ###################

    ModEvasive module for apache offers protection against DDoS (denial of service attacks) on your server.

    To install it login into SSH and type

    ---------------------------------------------------------------------------------
    cd /root/dawnloads
    wget http://www.zdziarski.com/projects/mod_ev...0.1.tar.gz
    tar zxf mode_evasive-1.10.1.tar.gz
    cd mod_evasive

    then type...
    /usr/sbin/apxs -cia mod_evasive20.c
    ---------------------------------------------------------------------------------

    When mod_evasive is installed, place the following lines in your httpd.conf (/etc/httpd/conf/httpd.conf)

    --------------------------------
    <IfModule mod_evasive20.c>
    DOSHashTableSize 3097
    DOSPageCount 2
    DOSSiteCount 50
    DOSPageInterval 1
    DOSSiteInterval 1
    DOSBlockingPeriod 10
    </IfModule>
    --------------------------------


    ####################
    # DDoS Deflate #
    ####################

    Installation
    -----------------------------------------------------------
    wget http://www.inetbase.com/scripts/ddos/install.sh
    chmod 0700 install.sh
    ./install.sh
    -----------------------------------------------------------

    Uninstalling
    -----------------------------------------------------------
    wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
    chmod 0700 uninstall.ddos
    ./uninstall.ddos
    -----------------------------------------------------------


    ###################
    #
    7) Rootkit #
    #
    ###################

    Ok, we will install RKHunter now:

    Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools.
    This tool scans for rootkits, backdoors and local exploits by running tests like:
    - MD5 hash compare
    - Look for default files used by rootkits
    - Wrong file permissions for binaries
    - Look for suspected strings in LKM and KLD modules
    - Look for hidden files
    - Optional scan within plaintext and binary files

    Instalation:

    Login into SSH and type

    -----------------------------------------------------------
    cd /root/downloads
    wget http://downloads.rootkit.nl/rkhunter-1.2.7.tar.gz
    tar -zxvf rkhunter-1.2.7.tar.gz
    cd rkhunter-1.2.7
    ./installer.sh
    -----------------------------------------------------------


    ############################
    #
    8) PHP Configuration #
    #
    ############################

    We need to edit php.ini
    php.ini is located here /usr/local/lib/php.ini
    ----------------------------------------------------------
    safe_mode = On
    expose_php = Off
    magic_quotes = On
    register_globals = off
    display errors = off
    disable_functions = show_source, system, proc_terminate,
    shell_exec, exec, passthru, proc_open, phpinfo, popen
    -----------------------------------------------------------

    Or if you running cP/WHM you can configure it here:

    WHM - Service Configuration - PHP Configuration Editor


    ###############
    #
    9) Other #
    #
    ###############

    If you use bind DNS server then we need to edit named.conf file
    named.conf is located here: /etc/named.conf

    and add
    recursion no; under Options
    ----------------------------
    Options{
    recursion no;
    ----------------------------

    Now restart bind
    type into SSH
    -----------------------
    service named restart
    -----------------------

    That will prevent lookups from dnstools.com and similar services and reduce server load

    Now we will prevent IP spoofing, to do it we need to edit host.conf file
    This file is located here: /etc/host.conf
    Add that in host.conf
    ------------------
    order bind,hosts
    nospoof on
    ------------------

    Hide the Apache version number:

    edit httpd.conf (/etc/httpd/conf/httpd.conf)
    -----------------------
    ServerSignature Off
    -----------------------

    Disable telnet:

    Edit file: /etc/xinetd.d/telnet
    ------------------
    disable = yes
    ------------------

    ###############
    #
    10) The End #
    #
    ###############

    This is the end of my paper about "Server Security" and I hope that will help you to make your server secure

    Thanks

    برای پیش رفت در علم آسانسوری وجود ندارد پله ها را باید پیاده رفت /./ همیشه این یادتان باشد که دست بالای دست بسیار است.
    يادمان باشد براي يك بار ايستادن صد ها بار افتاده ايم /./ بک آپ مهمترین رمز موفقیت هاستینگ /./ امنیت مطلق نیست.
    ارتباط مستقیم با من :
    Admin -{(@)}- WebHostingTalk . ir

  2. تعداد تشکر ها ازVahid به دلیل پست مفید


  3. # ADS




     

  4. #2
    عضو انجمن
    تاریخ عضویت
    Nov 2008
    محل سکونت
    مشهد
    نوشته ها
    198
    تشکر تشکر کرده 
    1
    تشکر تشکر شده 
    200
    تشکر شده در
    111 پست

    پیش فرض پاسخ : منیج سرور

    فکر میکردم زبون این انجمن فارسیه!‌
    System Administrator

  5. تعداد تشکر ها ازMozafary به دلیل پست مفید


  6. #3
    مدیر کل Vahid آواتار ها
    تاریخ عضویت
    Aug 2008
    نوشته ها
    2,724
    تشکر تشکر کرده 
    435
    تشکر تشکر شده 
    6,958
    تشکر شده در
    2,085 پست

    پیش فرض پاسخ : منیج سرور

    am is are
    دیگه نمی خواد فارسی بشه که ....
    برای پیش رفت در علم آسانسوری وجود ندارد پله ها را باید پیاده رفت /./ همیشه این یادتان باشد که دست بالای دست بسیار است.
    يادمان باشد براي يك بار ايستادن صد ها بار افتاده ايم /./ بک آپ مهمترین رمز موفقیت هاستینگ /./ امنیت مطلق نیست.
    ارتباط مستقیم با من :
    Admin -{(@)}- WebHostingTalk . ir

  7. تعداد تشکر ها از Vahid به دلیل پست مفید


  8. #4
    عضو انجمن
    تاریخ عضویت
    Apr 2009
    نوشته ها
    186
    تشکر تشکر کرده 
    143
    تشکر تشکر شده 
    83
    تشکر شده در
    65 پست

    پیش فرض پاسخ : منیج سرور

    am is are
    دیگه نمی خواد فارسی بشه که ....
    پس حلا که فارسی نمیگید لطف کنید و منبعی که ازش کپی می کنید رو هم بگید

  9. تعداد تشکر ها از Parshosts به دلیل پست مفید


  10. #5
    مدیر کل Vahid آواتار ها
    تاریخ عضویت
    Aug 2008
    نوشته ها
    2,724
    تشکر تشکر کرده 
    435
    تشکر تشکر شده 
    6,958
    تشکر شده در
    2,085 پست

    پیش فرض پاسخ : منیج سرور

    شما میتونید توی گوگل سرچ کنید و پیدا کنید
    چون منابع زیادی هست
    برای پیش رفت در علم آسانسوری وجود ندارد پله ها را باید پیاده رفت /./ همیشه این یادتان باشد که دست بالای دست بسیار است.
    يادمان باشد براي يك بار ايستادن صد ها بار افتاده ايم /./ بک آپ مهمترین رمز موفقیت هاستینگ /./ امنیت مطلق نیست.
    ارتباط مستقیم با من :
    Admin -{(@)}- WebHostingTalk . ir

  11. تعداد تشکر ها از Vahid به دلیل پست مفید


  12. #6
    عضو انجمن
    تاریخ عضویت
    Jan 2009
    محل سکونت
    تهران
    نوشته ها
    436
    تشکر تشکر کرده 
    70
    تشکر تشکر شده 
    542
    تشکر شده در
    412 پست

    پیش فرض پاسخ : منیج سرور

    بسیار خوب است

  13. تعداد تشکر ها از Nikan به دلیل پست مفید


  14. #7
    عضو انجمن Nikihost آواتار ها
    تاریخ عضویت
    Aug 2008
    محل سکونت
    Y@ZD/...
    نوشته ها
    511
    تشکر تشکر کرده 
    248
    تشکر تشکر شده 
    532
    تشکر شده در
    387 پست

    پیش فرض پاسخ : منیج سرور

    يه سوال در مورد فايروال
    ما ازمجازي Open vz استفاده ميكنيم . فيروالي كه همخواني داشته باشه با vz كسي سراغ داره.
    Csf طبعتا گير داره با Cpanel/Whm .
    فايروال ديگري سراغ دارين ؟
    و اينكه apf چطوره ؟


  15. تعداد تشکر ها از Nikihost به دلیل پست مفید


  16. #8
    مدیر کل Vahid آواتار ها
    تاریخ عضویت
    Aug 2008
    نوشته ها
    2,724
    تشکر تشکر کرده 
    435
    تشکر تشکر شده 
    6,958
    تشکر شده در
    2,085 پست

    پیش فرض پاسخ : منیج سرور

    با Mod security کار کنید
    برای پیش رفت در علم آسانسوری وجود ندارد پله ها را باید پیاده رفت /./ همیشه این یادتان باشد که دست بالای دست بسیار است.
    يادمان باشد براي يك بار ايستادن صد ها بار افتاده ايم /./ بک آپ مهمترین رمز موفقیت هاستینگ /./ امنیت مطلق نیست.
    ارتباط مستقیم با من :
    Admin -{(@)}- WebHostingTalk . ir

  17. تعداد تشکر ها از Vahid به دلیل پست مفید


  18. #9
    Amir
    Guest

    پیش فرض پاسخ : منیج سرور

    csf اتفاقا خوراك cpanel/whm هست
    اما apf نسبت به ديگر فايروال ها سازگارتر با ديگر برنامه هاست
    تفاوت چنداني ندارند

  19. #10
    مدیر کل Vahid آواتار ها
    تاریخ عضویت
    Aug 2008
    نوشته ها
    2,724
    تشکر تشکر کرده 
    435
    تشکر تشکر شده 
    6,958
    تشکر شده در
    2,085 پست

    پیش فرض پاسخ : منیج سرور

    مشکل اینه csp یا apf یا ویپی اس های openvz مشکل داره
    و دان میکنه
    برای پیش رفت در علم آسانسوری وجود ندارد پله ها را باید پیاده رفت /./ همیشه این یادتان باشد که دست بالای دست بسیار است.
    يادمان باشد براي يك بار ايستادن صد ها بار افتاده ايم /./ بک آپ مهمترین رمز موفقیت هاستینگ /./ امنیت مطلق نیست.
    ارتباط مستقیم با من :
    Admin -{(@)}- WebHostingTalk . ir

  20. تعداد تشکر ها از Vahid به دلیل پست مفید


صفحه 1 از 2 12 آخرینآخرین

اطلاعات موضوع

کاربرانی که در حال مشاهده این موضوع هستند

در حال حاضر 1 کاربر در حال مشاهده این موضوع است. (0 کاربران و 1 مهمان ها)

مجوز های ارسال و ویرایش

  • شما نمیتوانید موضوع جدیدی ارسال کنید
  • شما امکان ارسال پاسخ را ندارید
  • شما نمیتوانید فایل پیوست کنید.
  • شما نمیتوانید پست های خود را ویرایش کنید
  •