Koozali.org: home of the SME Server

best security practice or enhancements like mod_security

Offline Tillebeck

« on: February 19, 2014, 07:34:28 PM »
I have always thought of the SME Server as a secure server... at least if yum update is run on a regular basis :-)

Is it more secure?
Question arose after a client's Debian server got hacked. None of my SME servers ever got hacked... Have I been lucky or is the SME server 'better' when it comes to security? I have had SME servers with no major modifications and no hacks for something like 10 years.

After looking into the Debian hack it was a php-cgi exploit Pharma Google hack. Recommendations to avoid it are, among others:
  • remove php-cgi
  • install mod_security

But, SME server uses php-cgi as default, right? And no guide in wiki about mod_security so that is probably not used by particularly many SME server users...

Any good to disable php-cgi and install mod_security? Anything else that is good to do? How can SME Server get along with php cgi and no mod_security and still never be hacked?

Great server, isn't it :-) Just looking for an explanation for the success in not being hacked and maybe a way to enhance it even more.
« Last Edit: February 19, 2014, 07:36:06 PM by Tillebeck »

Offline mmccarn

« Reply #1 on: February 21, 2014, 02:03:27 PM »
php-cgi:
php-cgi was used by the PHP5 contrib for SME 7 to provide PHP5 to ibays.
There was a well-publicized vulnerability in php-cgi a while back, followed by quite a bit of discussion on the forums that included suggestions on what to do.

Personally I stick with SME server because I feel like the devs are *very* serious about security.

I recognize that every contrib or web application I install transfers security responsibility to me as the server administrator -- but the SME devs:
* have configured the core components with security in mind
* keep the core components up-to-date
* update the core configuration settings when appropriate
...which makes a huge difference in the security of the servers.

The cost, of course, is flexibility -- it's a bit harder to do whatever you want on a SME server, but in exchange you get increased security.

Offline CharlieBrady

« Reply #2 on: February 21, 2014, 11:09:18 PM »
But, SME server uses php-cgi as default, right?

No. It uses mod_php, to run webmail, and any PHP enabled i-bays.

Offline Tillebeck

« Reply #3 on: March 04, 2014, 10:59:23 AM »
Thanks a lot for the info.