1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

help! How to secure my site from attacks

Discussion in 'Making Money' started by ariel1238a, Apr 27, 2016.

  1. ariel1238a

    ariel1238a Registered Member

    Joined:
    Jun 13, 2014
    Messages:
    85
    Likes Received:
    3
    my site host in a VPS .. Some time ago hackes or someone tried to bring down my site and unfortunately succeeded,
    because I had not use security against attacks like this.
    I'm looking for a service or a way to secure my site very well at an affordable price ..
    I will be happy to know this topic further, I'd love to hear some recommendations
    And how to prevent future attacks attempt to down my site
    *Thread may be opened in the wrong place
     
  2. Dsteam

    Dsteam Registered Member

    Joined:
    Jan 24, 2011
    Messages:
    63
    Likes Received:
    6
    Occupation:
    GB club
    Location:
    .EU
    Home Page:
    What CMS you use? re-name admin folder like "ad312min32232"
    try update all scripts, change root/users passwords on VPS (ssh, ftp, mysql etc.)
    If they ddos your VPS - so use cloudflare or incapsula they have cheap anti-ddos.
     
  3. virtualbyron

    virtualbyron Jr. VIP Jr. VIP

    Joined:
    May 11, 2014
    Messages:
    1,298
    Likes Received:
    830
    Occupation:
    WHITE HAT
    Home Page:
    Change you database prefix and the CHMOD of some file/repertory, and other few things (you can find easy tutorials for all that tips you need)
    Then you will need a powerful firewall, here you go https://sucuri.net
     
  4. ariel1238a

    ariel1238a Registered Member

    Joined:
    Jun 13, 2014
    Messages:
    85
    Likes Received:
    3
    So you both recommend to use an external service?
    And why it is necessary to replace passwords, etc.
    Thanks
     
  5. blackbrooke

    blackbrooke Regular Member

    Joined:
    Dec 10, 2010
    Messages:
    296
    Likes Received:
    37
    Secure your server by enabling firewall, install fail2ban many more. If you using WordPress, install security plugins I recommend plugins by ithemes
     
  6. iphoneino

    iphoneino Registered Member

    Joined:
    Mar 17, 2016
    Messages:
    91
    Likes Received:
    14
    Gender:
    Male
    Sorry, but you are supposed to do some research before launching your site.Search in many ways, if we are newbie to some fields so we need to investigate to be more informed.goodluck
     
  7. collegeguys4

    collegeguys4 Junior Member

    Joined:
    Feb 25, 2016
    Messages:
    124
    Likes Received:
    15
    Occupation:
    computer engineer
    Location:
    New York
    Home Page:
    I have been running my vps machines without getting hacked for many years now. here is what I recommend.

    use iptables to lock down the ports. if your on debian or ubuntu, there is another package you can install so it remebers the rules you set on a restart.

    do not use the firewall ufw, I had a problem once where an upgrade disabled it and my vps was sitting out there bare.

    as another poster mentioned, fail2ban is a good program to use. it will create iptable rules for a limited time against an attackers ip address if they try to do certain types of actions.

    make sure to setup ssh on your box with keys.

    do not try to create iptable rules for entire country ip ranges, it slows down the kernel too much and your vps will be sluggish.
     
  8. lestadt

    lestadt Newbie

    Joined:
    Dec 22, 2014
    Messages:
    25
    Likes Received:
    4
    Hi, if you use wordpress install the plugin Wordfence. I use the free version and he has delivered me from big headaches.
     
  9. bjadams

    bjadams Newbie

    Joined:
    May 10, 2016
    Messages:
    17
    Likes Received:
    1
    what tech are you using to build your site?