Cyberage SA
Please Login or Register

Announcements

Portal Home > Announcements > Important security issues

Important security issues

24/03/2009 10:18

Due to more and more hacking attempts and one hacker actually managed to find a hole in the security of one server we decided to beef-up security even more on all servers.

One of our server IP addresses was also blacklisted on the sorbs.net spam-blacklist and we also have to take counter-measures to prevent something like that to happen again.

With this in mind please understand that there is a balance between security and features and you sometimes have to disable features to increase security and in this case we disabled the following features.

Box Trapper disabled

Box Trapper is a challenge / response filtering system where somebody that send you an email receive another email back asking them to click on a link to enable the original to bypass the filter.

Problem is that MOST spam is from spoofed, legimate email addresses and YOUR challenge email are therefore send to innocent third parties. Although it may stop most unwanted email for the person shielded by it, it generates more unwanted email for others resulting in your domain and the server IP address being blacklisted.

http://www.spamcop.net/fom-serve/cache/329.html

SMTP / POP 3 connection limit

The limit per smtp / pop 3 connections is set to 60 per hour so please ensure that your email client don’t check for new email less than every 5 minutes.  (Some people set their email checks to 1 minute and that create an almost instant connection with the server. Surely email AND SPAM is not so important that you cannot wait even 5 minutes between checks?)

Our servers have a VERY low load because it’s powerful and we don’t stuff our servers FULLLL of clients like most hosting companies in order to parse more blood (income) out of each server but still a few hundred email checks each minute is rather unnecessary.

Installed open source software

If you have any open source programs installed please make sure that it’s updated regularly.

Such programs is a HUGE security risk if not updated regularly with security and improvement patches so if you are unsure how to do it just let me know so that I can help.

Important

Please take note that the new server hardening software consist of hundreds of settings and several programs and that it will takes a while to get the various settings and BALANCE between features and security right.

If you experience any problem please feel free to sms or email me immediately.

<< Back

View RSS Feed


Quick Navigation

Client Login

Email

Password

Remember Me

Search


Home - Domain Names - Web Hosting - Website Shop - Disclaimer - Privacy - Terms & Conditions - Support
Owned by: Cyberage SA - Powered by: WHMCompleteSolution