This article only serves to give you a brief overview of the\nsecurity flaws on the servers and to show you the possibilities which are open\nto you to analyze the errors.<\/p>\n\n\n\n
Furthermore, compromised server structures are too complex\nto describe clear ways to solve your problems.<\/p>\n\n\n\n
If you have little experience in server administration, we\nrecommend that you use analysis tools.<\/p>\n\n\n\n
Checkrootkit: http:\/\/www.chkrootkit.org\/ <\/p>\n\n\n\n
Rootkit Hunter: http:\/\/www.rootkit.nl\/projects\/rootkit_hunter.html<\/p>\n\n\n\n
Tip<\/strong> : we also recommend that you install the SSH service on your Linux server even more securely and offer you, as a user manual, the following article from the FAQ of STRATO FAQ: How can I install, even more securely, the SSH service on a Linux server?<\/p>\n\n\n\n The software \/ services installed on the server (qmail,\nApache, FTP, MySQL, etc.) can present security vulnerabilities. It is very\neasily possible for third parties to know which software is installed on your\nserver (example: nmap -A HOST [indicates open ports and which software \/\nsoftware version is running on this port]). In the event of known security\nbreaches, burglary is then relatively easy.<\/p>\n\n\n\n Preventive measures you should pay attention to<\/strong> : regular updates of the software you use. In general, we can say that security holes are very often\npresent on dynamic websites. Most content management systems, forums,\nblogs, boards, etc. offer file upload possibilities (Joomla, Mambo,\nPostNuke, phpBB, TYPO3, WordPress, etc.).<\/p>\n\n\n\n It is therefore possible that faulty files are encrypted on\nthe server. Security flaws can however also come from poor programming of\nthese dynamic systems. Regarding the usual content management systems, security\nvulnerabilities are detected and patches are offered quickly. This is why\nwe recommend that you regularly update the systems you use.<\/p>\n\n\n\n Bad PHP settings can also cause security breaches. This\nis especially true for the options register_globals and safe_mode.<\/p>\n\n\n\n If the PHP option register_globals is activated (ON), it is\nrelatively easy for third parties to encrypt the PHP code (manipulation of the\nvariable, injection of the code). This is the reason why it is recommended\nhere to set this value to OFF.<\/p>\n\n\n\n This also applies to the PHP option safe_mode. If the\nsafe_mode option is OFF, third parties can also compromise the\nserver. This is why we recommend that you also activate the safe_mode\noption here. An even safer alternative would be to use PHP as a program\n(suPHP) instead of the Apache module. You should first try to identify the process. To do\nthis, focus on the following points:<\/p>\n\n\n\n This article only serves to give you a brief overview of the security flaws on the servers and to show you the possibilities which are open to you to analyze the errors. Furthermore, compromised server structures are too complex to describe clear ways to solve your problems. If you have little experience in server administration, […]<\/p>\n","protected":false},"author":1,"featured_media":2797,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[210],"tags":[226,150,225,224,223],"class_list":["post-2796","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-hardening","tag-security","tag-security-hardening","tag-security-and-hardening","tag-server-security"],"jetpack_publicize_connections":[],"yoast_head":"\nSecurity breaches: <\/strong><\/h2>\n\n\n\n
1. Installed software <\/strong><\/h4>\n\n\n\n
<\/p>\n\n\n\n2. Dynamic websites <\/strong><\/h4>\n\n\n\n
3. PHP settings<\/strong><\/h4>\n\n\n\n
\n
\nWhat to do when the server is compromised?<\/p>\n\n\n\n