Clicky

Jump to content
  • Sign Up
Sign in to follow this  
Igorzinho

Csf Erro.

Recommended Posts

Check incoming MySQL port WARNING The TCP incoming MySQL port (3306) is open. This can pose both a security and server abuse threat since not only can hackers attempt to break into MySQL, any user can host their SQL database on your server and access it from another host and so (ab)use your server resources Check csf SMTP_BLOCK option WARNING This option will help prevent the most common form of spam abuse on a server that bypasses exim and sends spam directly out through port 25. Enabling this option will prevent any web script from sending out using socket connection, such scripts should use the exim or sendmail binary instead Check csf LF_SCRIPT_ALERT option WARNING

This option will notify you when a large amount of email is sent from a particular script on the server, helping track down spam scripts

Check SSH PasswordAuthentication WARNING For ultimate SSH security, you should consider disabling PasswordAuthentication and only allow access using PubkeyAuthentication

Como solucionar esses 2 erros no csf!

Share this post


Link to post
Share on other sites

Verifique na configuração do CSF como está as opções:

SMTP_BLOCK

LF_SCRIPT_ALERT

Pelo o que eu li a porta 3306 está aberta, mas isso não é motivo para erro, acredito que a configuração tenha erros.


Recomendo: MobaXterm

Share this post


Link to post
Share on other sites

SMTP_BLOCK = Default: 0 [0-1]

isso bloqueia o envio de emails.

Eu abri a porta 3306 pq alguns users não conseguiam acessar remotamente o mysql.

  • Like 1

Share this post


Link to post
Share on other sites

Check SSH PasswordAuthentication WARNING For ultimate SSH security, you should consider disabling PasswordAuthentication and only allow access using PubkeyAuthentication Check for cxs WARNING You should consider using cxs to scan web script and ftp uploads and user accounts for exploits uploaded to the server

Share this post


Link to post
Share on other sites

Check SSH PasswordAuthentication WARNING For ultimate SSH security, you should consider disabling PasswordAuthentication and only allow access using PubkeyAuthentication Check for cxs WARNING You should consider using cxs to scan web script and ftp uploads and user accounts for exploits uploaded to the server

Seu "PasswordAuthentication" está em "yes".

Se quiser utilizar somente chaves, mude ele no /etc/ssh/sshd_config para "no" ;).

Share this post


Link to post
Share on other sites

Como seria o metodo de chave?

Você gera um par de chaves através do whm e com uma delas, pode acessar o servidor por SSH.

Veja: http://blog.brasilhosp.com.br/95-autenticacao-ssh-via-chave-publica.html


BrasilHOSP | Hospedagem de Sites, Revenda de Hospedagem, Servidores Virtuais e Streaming! - http://www.brasilhosp.com.br/ / http://www.rvcore.com/

NetGerencia | Gerenciamento de Servidores, Cloud Server Gerenciado. - http://www.netgerencia.com.br/

Share this post


Link to post
Share on other sites

Check for cxs WARNING You should consider using cxs to scan web script and ftp uploads and user accounts for exploits uploaded to the server

Check incoming MySQL port WARNING The TCP incoming MySQL port (3306) is open. This can pose both a security and server abuse threat since not only can hackers attempt to break into MySQL, any user can host their SQL database on your server and access it from another host and so (ab)use your server resources

So tem agora esses dois erros.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.




×
×
  • Create New...