Jamroom Logo Jamroom 5 Core
is now Open Source!
archive home jamroom 4 downloads jamroom 4 support archive forum
You are viewing the Jamroom 4 Archive Site - please join us on the new Jamroom.net!
User Support Forum Archive (Read Only)
Third Party Products and Support:
To Bigguy... Security Measures For Server
charliejabaley



Joined: 01 May 2006
Posts: 415
Posted: 11/27/06 08:26 
Hello Bigguy... I know that you are extremely busy but im faced with a big problem that I need you advice on.

I own a site, not a jamroom site... That is about sneakers, and many many sites similar to mine have been hacked in the past few days... Mine has not. I am using wordpress... And the sites that have been hacked have been using wordpress, and it appears that the hackers were able to steal the domain names along with shutting down the ftp and servers and what not...

I know that you are very knowledable with security... What can I do to make sure that the hackers cannot hack the site, yet alone take the ftp account and domain names and transfer everything out of my name...

I have searched the wordpress forums and they are not offering much advise. The thing that worries me is that my site is on the same server/ftp as my jamroom site... Ive invested too much money into my jamroom site to have it all taken away...

the hackers are from a site called g00ns.net

I would appreciate some advice
Back to top
Brian
Jamroom Team


Joined: 09 Jul 2003
Posts: 37583
Location: Seattle, WA
Posted: 11/27/06 09:59 
Wow.. sorry to hear that!

To be totally honest with you, I really don't know enough about server level security to be offering any specific advice on how to secure your server - but I can say that if Wordpress is insecure, then you're going to need to get a patch from them, or ask them how to secure your installation. Unfortunately there's really nothing you can do if Wordpress has a security hole in it.

Here's some general rules I always try to follow:

1. Make sure you use a separate database, with separate user and password for each of your database applications. Make sure the password something VERY hard - since you don't log into this account regularly (its an application account), there no reason to NOT have at least a 15 character password made of letters, numbers and punctuation.

2. Shut down FTP on your server, and use SFTP if it is available (if you have an SSH account on your server, then you have SFTP). FileZilla is a good SFTP client.

3. Make sure and secure your Control Panel login by taking advantage of IP Address restrictions, etc.

4. Make sure you make good, regular backups.

5. make sure your provider is running the latest versions of the server software - i.e. they are keeping up with updates on your server.

Beyond that it is really about being diligent, and making sure you are keeping a good eye on your server.

Hope this helps!

- Brian


_________________
Make sure and check out:
* The Jamroom FAQ
* The Jamroom Documentation

Last edited by Brian on 11/27/06 10:05; edited 1 time in total
Back to top
charliejabaley



Joined: 01 May 2006
Posts: 415
Posted: 11/27/06 10:04 
okay... i need to talk to DJ about some of that then... Thank you
Back to top
Brian
Jamroom Team


Joined: 09 Jul 2003
Posts: 37583
Location: Seattle, WA
Posted: 11/27/06 10:05 
If you are on jbservers, then #4 and #5 are taken care of for you Wink

- Brian


_________________
Make sure and check out:
* The Jamroom FAQ
* The Jamroom Documentation
Back to top
Display posts from previous:   
User Support Forum Archive (Read Only)
Third Party Products and Support
 
Solutions
• Social Media Platform
• Social Networking Software
• Musician Website Manager
• Community Builder 		Products
• Jamroom Core
• Jamroom Addons
• Jamroom Modules
• Jamroom Marketplace 		Support
• Support Forum
• Documentation
• Support Center
• Contact Support 		Community
• Community Forum
• Member Sites
• Developers 		Company
• About Us
• Contact Us
• Privacy Policy
©2003 - 2010 Talldude Networks, LLC.