<![CDATA[Dewlance® Forum - Security Issue]]> https://www.dewlance.com/forum/ Mon, 11 May 2026 22:49:45 +0000 MyBB <![CDATA[How to keep your hosting account secure?]]> https://www.dewlance.com/forum/Thread-How-to-keep-your-hosting-account-secure Sun, 04 Sep 2016 11:45:58 -0400 DewlanceCTO]]> https://www.dewlance.com/forum/Thread-How-to-keep-your-hosting-account-secure
1. If possible then do not use your default email account, Use secondary account which is unknown for public and make sure you check your account regularly so you can't miss any invoice.

2. Use secure password, Any password like test, etc is insecure and it will be easy to guess your password.

3. If you are using gmail type email and they provide 2 step authentication then enable it so hackers can not hack your account.

4. Login from your local IP Address and If possible then never use dynamic IP or random IP Address. If you use static IP of your local ISP then your hosting provider will be assured that you always access from a xyz IP and If hacker open any ticket with your hosting provider for resetting your password then they will deny to reset password by looking at their IP Address.

There is more way to make your account secure.]]>
1. If possible then do not use your default email account, Use secondary account which is unknown for public and make sure you check your account regularly so you can't miss any invoice.

2. Use secure password, Any password like test, etc is insecure and it will be easy to guess your password.

3. If you are using gmail type email and they provide 2 step authentication then enable it so hackers can not hack your account.

4. Login from your local IP Address and If possible then never use dynamic IP or random IP Address. If you use static IP of your local ISP then your hosting provider will be assured that you always access from a xyz IP and If hacker open any ticket with your hosting provider for resetting your password then they will deny to reset password by looking at their IP Address.

There is more way to make your account secure.]]> <![CDATA[Xen Venom Vulnerability]]> https://www.dewlance.com/forum/Thread-Xen-Venom-Vulnerability Mon, 18 May 2015 04:37:04 -0400 DewlanceCTO]]> https://www.dewlance.com/forum/Thread-Xen-Venom-Vulnerability
Our customers don't need to worry about this vulnerability, We're already applied a patch on our all servers.


Thanks,
Kunnu]]>
Our customers don't need to worry about this vulnerability, We're already applied a patch on our all servers.


Thanks,
Kunnu]]> <![CDATA[How to Disable SSLv3 on cPanel/Lighttpd/SolusVM/Lighttpd?]]> https://www.dewlance.com/forum/Thread-How-to-Disable-SSLv3-on-cPanel-Lighttpd-SolusVM-Lighttpd Sun, 19 Oct 2014 02:37:02 -0400 DewlanceCTO]]> https://www.dewlance.com/forum/Thread-How-to-Disable-SSLv3-on-cPanel-Lighttpd-SolusVM-Lighttpd
If you are using a cPanel/WHM then immediately disable SSLv3 on your server because of SSLv3 is not anymore secure.

How to Disable SSLv3 on cPanel/Apache via SSH Command?
Type this command in your SSH Client:

Quote:cd /usr/local/apache/conf/includes

Edit pre_main_global.conf file
Quote:nano pre_main_global.conf

Now copy and paste this code in this file.
Quote:SSLHonorCipherOrder On
SSLProtocol -All +TLSv1

Save file and exit then restart your apache server
Quote:service httpd restart


How to test for poddle SSLv3 Attack?


How to Disable SSLv3 on Lighttpd or SolusVM Master Server?
Note: SolusVM use Lighttpd Webserver so we need to disable SSLv3 on SolusVM Master and Slave Server

Edit ligghttpd.conf file
Quote:nano /etc/lighttpd/lighttpd.conf

Search ssl.engine code and enter this code before bracket close } and after "ssl.ca-file" line.
PHP Code:
#SSL Poddle v3 attack
ssl.use-sslv2 "disable"
ssl.use-sslv3 "disable" 


Here is example code:

Quote:$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.pemfile = "/usr/local/solusvm/ssl/solusvm.pem"
ssl.ca-file = "/usr/local/solusvm/ssl/solusvm.ca-bundle"

#SSL Poddle v3 attack
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
}

and

Quote:#If any other custom port is listed then also you need to disable SSLv2,V3 on your custom port
$SERVER["socket"] == "0.0.0.0:customport" {
ssl.engine = "enable"
ssl.pemfile = "/usr/local/solusvm/ssl/solusvm.pem"
ssl.ca-file = "/usr/local/solusvm/ssl/solusvm.ca-bundle"

#SSL Poddle v3 attack
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
}

[b]Restart lighttpd:[/b]
Quote:service lighttpd restart



How to Disable SSLv3 on SolusVM Slave?

Edit ligghtpd.conf
nano /etc/lighttpd/lighttpd.conf

and enter this code at end of file.
Quote:ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"

Save file and restart lighttpd
service lighttpd restart


How to test that you are safe from poodle attack?
Visit https://www.ssllabs.com/ssltest/ and enter your Master SolusVM Website Address and click on test. If show SSLv3 is supported then it means your server is vulnerable for SSLv3 attack.

If you want to check your SolusVM Slave Server then you need to enter your slave server IP Address and ssl port number. Eg: https://12.3.4.5:port



How to Disable this in Lighttpd?
You can follow our SolusVM SSLv3 Tutorial because of SolusVM use Lighttpd Webserver however I am writing this tutorial for you so you can easily understand this.

Enter this command in your SSH Client
Quote:nano /etc/lighttpd/lighttpd.conf

In lighttpd.conf enter this command in your $SERVER["socket"] == ":443" line but don't forget to enter this after { bracket start and before } bracket close line.


Here is example:

Quote:$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = var.confdir + "/example.org.pem"
ssl.ca-file = var.confdir + "/example.org.bundle.crt"
server.name = var.confdir + "/example.org"
server.document-root = "/srv/html"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"


Save your file and then restart ligghtpd.
Quote:service lighttpd restart


Note: "service ligghtpd restart" command works on CentOS but If you are using any other Operating system then you need to search in google on how to restart lighttpd on your xyz operating system]]>
If you are using a cPanel/WHM then immediately disable SSLv3 on your server because of SSLv3 is not anymore secure.

How to Disable SSLv3 on cPanel/Apache via SSH Command?
Type this command in your SSH Client:

Quote:cd /usr/local/apache/conf/includes

Edit pre_main_global.conf file
Quote:nano pre_main_global.conf

Now copy and paste this code in this file.
Quote:SSLHonorCipherOrder On
SSLProtocol -All +TLSv1

Save file and exit then restart your apache server
Quote:service httpd restart


How to test for poddle SSLv3 Attack?


How to Disable SSLv3 on Lighttpd or SolusVM Master Server?
Note: SolusVM use Lighttpd Webserver so we need to disable SSLv3 on SolusVM Master and Slave Server

Edit ligghttpd.conf file
Quote:nano /etc/lighttpd/lighttpd.conf

Search ssl.engine code and enter this code before bracket close } and after "ssl.ca-file" line.
PHP Code:
#SSL Poddle v3 attack
ssl.use-sslv2 "disable"
ssl.use-sslv3 "disable" 


Here is example code:

Quote:$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.pemfile = "/usr/local/solusvm/ssl/solusvm.pem"
ssl.ca-file = "/usr/local/solusvm/ssl/solusvm.ca-bundle"

#SSL Poddle v3 attack
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
}

and

Quote:#If any other custom port is listed then also you need to disable SSLv2,V3 on your custom port
$SERVER["socket"] == "0.0.0.0:customport" {
ssl.engine = "enable"
ssl.pemfile = "/usr/local/solusvm/ssl/solusvm.pem"
ssl.ca-file = "/usr/local/solusvm/ssl/solusvm.ca-bundle"

#SSL Poddle v3 attack
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
}

[b]Restart lighttpd:[/b]
Quote:service lighttpd restart



How to Disable SSLv3 on SolusVM Slave?

Edit ligghtpd.conf
nano /etc/lighttpd/lighttpd.conf

and enter this code at end of file.
Quote:ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"

Save file and restart lighttpd
service lighttpd restart


How to test that you are safe from poodle attack?
Visit https://www.ssllabs.com/ssltest/ and enter your Master SolusVM Website Address and click on test. If show SSLv3 is supported then it means your server is vulnerable for SSLv3 attack.

If you want to check your SolusVM Slave Server then you need to enter your slave server IP Address and ssl port number. Eg: https://12.3.4.5:port



How to Disable this in Lighttpd?
You can follow our SolusVM SSLv3 Tutorial because of SolusVM use Lighttpd Webserver however I am writing this tutorial for you so you can easily understand this.

Enter this command in your SSH Client
Quote:nano /etc/lighttpd/lighttpd.conf

In lighttpd.conf enter this command in your $SERVER["socket"] == ":443" line but don't forget to enter this after { bracket start and before } bracket close line.


Here is example:

Quote:$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = var.confdir + "/example.org.pem"
ssl.ca-file = var.confdir + "/example.org.bundle.crt"
server.name = var.confdir + "/example.org"
server.document-root = "/srv/html"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"


Save your file and then restart ligghtpd.
Quote:service lighttpd restart


Note: "service ligghtpd restart" command works on CentOS but If you are using any other Operating system then you need to search in google on how to restart lighttpd on your xyz operating system]]>