Indlela yokubona ukuba sesichengeni kweVestaCP 0-day?Lungisa/uPhucule kunye noHlaziyo lweMiyalelo

VestaCPIphaneli yokulawula ifumana ubunzima beentsuku ezi-0:

• Iingxelo zangoku zibonakalisa ubuthathaka kwi-VESTA API evumela ukuba ikhowudi iqhutywe njenge-ROOT.
• I-wave yokuqala kuthiwa yenzeke ngo-Aprili 2018, 4.
• Iseva eyosulelekileyo ifunyenwe, isebenza nge-2018 ka-Epreli 4 /usr/lib/libudev.so Qala i-DDoS ye-remote host.

Ngokusekwe kuqwalaselo ukuza kuthi ga ngoku, xa umncedisi esulelekile, isetyenziselwa ukuthumela uhlaselo lweDDoS.

Ukubona ubuthathaka

Njani ukubona ukuba wosulelwe VestaCP 0-day Trojan?

• Landela la manyathelo angezantsi ukuze ubone ukuba umncedisi wakho wosulelekile?

inyathelo 1:Nceda ungene kwiseva yakho njengengcambu.

inyathelo 2:In /etc/cron.hourly Khangela ifayile enegama elithi "gcc.sh" kwisiqulathi seefayili ▼

cd /etc/cron.hourly 
ls -al

• Ukuba ifayile ikhona, umncedisi wakho wosulelekile.
• Ukuba usulelekile, gcina iifayile zakho kunye nogcino lwedatha ngoko nangoko, buyisela eyakhoLinuxumncedisi.
• Guqula igama eligqithisiweyo lesiseko sedata kunye nephasiwedi ye-ROOT yomncedisi.

Hlaziya / Phucula iMiyalelo yePhaneli yeVestaCP

• Ukuba akukho fayile ye "gcc.sh", ithetha ukuba ayisulelwanga yiTrojan.
• Ukuba awusuleleki, nceda uphucule (ulungise) ubuthathaka bephaneli yeVestaCP ngokukhawuleza.

Isiqendu 1:Sebenzisa lo myalelo ulandelayo ukuze ubone ukuba yeyiphi inombolo yoguqulelo lweqela leVestaCP ▼

v-list-sys-vesta-updates 

Isiqendu 2:Sebenzisa lo myalelo ulandelayo ukuhlaziya iphaneli yeVestaCP▼

v-update-sys-vesta-all

Isiqendu 3:Qala kwakhona iVestaCP ▼

service vesta restart

Isiqendu 4:Qala kwakhona umncedisi ▼

reboot

Nazi ezinye izifundo kwiiphaneli zeVestaCP ▼

Ukwandisa iVestaCP phpfcgid template inkqubo yoqwalaselo multi-memory ukudinwa iimpazamo 500

Emva kokuba inkonzo ye-WEB yeVestaCP ikhethe ithemplate ye-"phpfcgid", inani elikhulu leenkqubo ze-PHP-CGI libangela ukuba imemori iphelelwe ngokukhawuleza: kwiiyure ezimbalwa zokuqalisa kwakhona umncedisi, ngokusisiseko kwimemori enganeleyo.Inkqubo yangaphambili ye-PHP-CGI yayingeyo...

VestaCP yangasemva 8083 port https ayisebenzi?Faka iSifundo seSatifikethi se-SSL

Iphaneli yokulawula ye-VestaCP ilula kwaye kulula ukuyisebenzisa: ukufaka ipaneli yokulawula ye-VestaCP kunokufaka ngokuzenzekelayo umsebenzi wokhuseleko weSitifiketi se-SSL se-Let Encrypt SSL, ngoko ke idume kakhulu phakathi kwabasebenzi be-SEO bangaphandle.Yintoni iLet's Encrypting? Masi Fihla yi S...

Uyisebenzisa njani ipaneli yeVestaCP?Faka i-Post Office/Yongeza iiDomain ezininzi kunye noLawulo lweeFayile

IVestaCP yiphaneli yolawulo yokubamba iwebhu yeLinux elula kakhulu, kodwa inamandla kwaye isebenzayo.Ngokungagqibekanga, iya kufaka iseva yewebhu ye-nginx, i-PHP, i-Mysql, iseva ye-DNS kunye nenye isoftware ekufuneka iqhube umncedisi wewebhu opheleleyo, zonke ziyi-SEO...