Hello guys,

I have a server at ThePlanet... (UNIX). The problem is that the sites that I'm hosting are being hacked.. mostly the PHP sites.. scripts..

Can you suggest me how to protect the server? The PLESK?


All suggessions will be highly appreciated.


Thanks for time.

What Scripts? What PHP Software? Maybe it is outdated php board/blog ... software?

mostly wordpress. photokorn & creloaded. we're installing everything correctly.. with the correct folder/file rights..

You could install:

Firewall: CSF (http://www.configserver.com/cp/csf.html), APF (http://rfxnetworks.com/apf.php), ASL (http://www.atomicrocketturtle.com)
Protection Tools: MOD Security (http://www.modsecurity.org/), MOD Evasive, fail2ban (http://www.fail2ban.org/wiki/index.php/Main_Page), BFD (http://www.rfxnetworks.com/bfd.php)

Importent: Keep your Software (Plesk, PHP, Wordpress ...) uptodate. Running PHP in safe mode (could help maybe)!

What distro are you using? You can check with the following:

cat /etc/redhat-release

What kind of applications are your sites configured with?

The best thing is to buy Atomic Secured Linux (http://www.atomicrocketturtle.com/Joomla/content/view/137/34/)

It is more than a Firewall! Its a full package of security and always uptodate! I love it!

as a basic level of defense, APF, BFD, Mod_Security, Mod_evassive, and upgrade php with ART's rpm's and install suoshin.

its not a definitive solution, but will help a bit.

Just install ASL and you are done :)