Csf Erro.

[Igorzinho]

Check incoming MySQL port WARNING The TCP incoming MySQL port (3306) is open. This can pose both a security and server abuse threat since not only can hackers attempt to break into MySQL, any user can host their SQL database on your server and access it from another host and so (ab)use your server resources Check csf SMTP_BLOCK option WARNING This option will help prevent the most common form of spam abuse on a server that bypasses exim and sends spam directly out through port 25. Enabling this option will prevent any web script from sending out using socket connection, such scripts should use the exim or sendmail binary instead Check csf LF_SCRIPT_ALERT option WARNING

This option will notify you when a large amount of email is sent from a particular script on the server, helping track down spam scripts

Check SSH PasswordAuthentication WARNING For ultimate SSH security, you should consider disabling PasswordAuthentication and only allow access using PubkeyAuthentication

Como solucionar esses 2 erros no csf!

[Pedro Sodre]

Verifique na configuração do CSF como está as opções:

SMTP_BLOCK

LF_SCRIPT_ALERT

Pelo o que eu li a porta 3306 está aberta, mas isso não é motivo para erro, acredito que a configuração tenha erros.

[Igorzinho]

SMTP_BLOCK = Default: 0 [0-1]

isso bloqueia o envio de emails.

Eu abri a porta 3306 pq alguns users não conseguiam acessar remotamente o mysql.

[Igorzinho]

Check SSH PasswordAuthentication WARNING For ultimate SSH security, you should consider disabling PasswordAuthentication and only allow access using PubkeyAuthentication Check for cxs WARNING You should consider using cxs to scan web script and ftp uploads and user accounts for exploits uploaded to the server

[Visitante]

Check SSH PasswordAuthentication WARNING For ultimate SSH security, you should consider disabling PasswordAuthentication and only allow access using PubkeyAuthentication Check for cxs WARNING You should consider using cxs to scan web script and ftp uploads and user accounts for exploits uploaded to the server

Seu "PasswordAuthentication" está em "yes".

Se quiser utilizar somente chaves, mude ele no /etc/ssh/sshd_config para "no" ;).

[Igorzinho]

Como seria o metodo de chave?

[Jordan Miguel]

Como seria o metodo de chave?

Você gera um par de chaves através do whm e com uma delas, pode acessar o servidor por SSH.

Veja: http://blog.brasilhosp.com.br/95-autenticacao-ssh-via-chave-publica.html

[Visitante]

Você gera um par de chaves através do whm e com uma delas, pode acessar o servidor por SSH.

Veja: http://blog.brasilho...ve-publica.html

http://forum.portaldohost.com.br/topic/5143-tutorial-gerando-chaves-pelo-puttygen/ ;).

[Igorzinho]

Check for cxs WARNING You should consider using cxs to scan web script and ftp uploads and user accounts for exploits uploaded to the server

Check incoming MySQL port WARNING The TCP incoming MySQL port (3306) is open. This can pose both a security and server abuse threat since not only can hackers attempt to break into MySQL, any user can host their SQL database on your server and access it from another host and so (ab)use your server resources

So tem agora esses dois erros.

[Igorzinho]

Isso realmente e milagroso? ConfigServer eXploit Scanner (cxs)