Security of my VPS server...

Discussion in 'The Lounge' started by ftp, Mar 6, 2010.

  1. ftp

    ftp New Member

    A bit of a dumb question: - How do I know what programs need to be updated with security patches? (Outside of Apache, php, cpanel) -- whom I regularly check to see if new versions are available.
     
  2. khiltd

    khiltd New Member

    You pretty much either have to keep tabs on things like that yourself or pay someone else to do it for you. There's a fairly healthy number of security related blogs with RSS feeds out there.
     
  3. ftp

    ftp New Member

    Manually checking for updates is easy, but I don't know what types of programs require periodic updates. On another server I have elsewhere (I have a company that is paid to look after it for me) I seen imagemagick had to be updated -- if I hadn't gotten a copy of their audit log, I would have never known that program needed security patches. I'll re-phrase my question: How do I know what programs I should be checking on, for updates? :)
     
  4. khiltd

    khiltd New Member

    There's no program in the world that doesn't need updating to survive. It sounds like you want a substitute for experience, and I'm afraid there simply isn't one. If there were, then nobody would pay security consultants $500+/hr to do the things that they do.
     
  5. ftp

    ftp New Member

    True, I can understand where you'd see that from my post -- but considering Knownhost VPS' are managed, I need to let them know which programs to update; correct? I have to imagine the vast majority of us that host through managed providers aren't 'experienced' enough to know these programs on our own.

    Also, I am not referring to software such as scripts: cpanel, oscommerce, wordpress, phpbb, etc.
    I am referring to programs installed to the server that usually don't have any user-end interaction; such as kernels, the operating system, imageshack and the like.

    The stuff that gets hacked and people are like 'I didn't even know that was ON my vps'
     
  6. khiltd

    khiltd New Member

    Imageshack is an image hosting service which is not installed on anybody's VPS.

    The operating system and its kernel are beyond your control on a VPS account, and you should assume that KH employees will apply any genuinely critical patches as they come along.

    Everything else is pretty much up to you, though support will certainly help you out if you ever get stuck installing anything.
     
  7. ppc

    ppc Moderator

    Try shooting an email off to support asking for advice.
     
  8. KH-Paul

    KH-Paul CTO Staff Member

    cPanel updates itself and the underlying OS on the daily basis unless update functionality was disabled at WHM >> Server Configuration >> Update Preferences.
    Apahe, PHP and MySQL are not automatically upgraded as version change (even minor one) could cause problems with the applications you run on your system. All 3 can be easily upgraded through the web interface. If you need any assistance with such upgrades please feel free to create a ticket with our support team.
    oscommerce, wordpress, phpbb, etc are 3rd party softwares. When it comes to 3rd party software the best we can do is to attempt to troubleshoot specific problems, etc. We can't really support 3rd party software and/or provide information about such application versions, upgrade paths, etc. It would be best to talk to the specific application support team/community to find more information about upgrades. In most cases there is an announcement list you can subscribe to in order to be notified when new version is being released.
     

Share This Page