5 {{ upvoteCount | shortNum }}
5 {{ upvoteCount | shortNum }}

Im looking for a hosting "Audit"

by Chargin
4 replies
Does anyone on here have any experience with getting an audit done on their server?
I have a VPS with about 50 domains on it, its grown over the years and these are all business websites. I have no real hosting qualifications so to speak, Ive just learnt as I go. Im sure there would be some practices Im using that arent up to par, and things a pro could tell me more about. I do worry about emails getting detected as spam sometimes, its happened to me and some of my clients.

So does anyone know of someone here or a company that they can recommend that offers an audit of a WHM / Cpanel VPS?
#audit #hosting
  • Profile picture of the author Kingfish85
    Originally Posted by Chargin View Post

    Does anyone on here have any experience with getting an audit done on their server?
    I have a VPS with about 50 domains on it, its grown over the years and these are all business websites. I have no real hosting qualifications so to speak, Ive just learnt as I go. Im sure there would be some practices Im using that arent up to par, and things a pro could tell me more about. I do worry about emails getting detected as spam sometimes, its happened to me and some of my clients.

    So does anyone know of someone here or a company that they can recommend that offers an audit of a WHM / Cpanel VPS?
    What exactly are you wanting an audit of? Security? Capacity? An audit of if you really need a VPS? I see you mentioned emails getting flagged a SPAM - how often does this happen? Are you selling hosting or just selling hosting to your design customers for example?
    Signature

    |~| VeeroTech Hosting - sales @ veerotech.net
    |~| High Performance CloudLinux & LiteSpeed Powered Web Hosting
    |~| cPanel & WHM - Softaculous - Website Builder - R1Soft - SpamExperts
    |~| Visit us @veerotech Facebook - Twitter - LinkedIn

    {{ DiscussionBoard.errors[8573043].message }}
    • Profile picture of the author Chargin
      I just sell hosting to website customers of mine.
      I guess a general audit. Not capacity as that seems ok but definitely security, I am using some older versions of php (5.29) and mysql as I have a few older sites that cant handle the new versions, so that may be an issue I dont know.
      Just want to know that things are setup well I guess.

      Its hard to say on the spam, sometimes it happens to me, sometimes clients complain. Seems to have been ok recently though. I know some of the sites I host have been targeted to send out spam using tell a friend type setups before but Ive locked that down.
      {{ DiscussionBoard.errors[8574236].message }}
      • Profile picture of the author Kingfish85
        Originally Posted by Chargin View Post

        I just sell hosting to website customers of mine.
        I guess a general audit. Not capacity as that seems ok but definitely security, I am using some older versions of php (5.29) and mysql as I have a few older sites that cant handle the new versions, so that may be an issue I dont know.
        Just want to know that things are setup well I guess.

        Its hard to say on the spam, sometimes it happens to me, sometimes clients complain. Seems to have been ok recently though. I know some of the sites I host have been targeted to send out spam using tell a friend type setups before but Ive locked that down.
        I can give you some tips, however, since I'm a hosting provider - to follow the rules on the forum that's really all I can do.

        PHP - Upgrade it, it's old and open to exploits. I'd recommend updating the sites to correct standards to support newer releases - there's a reason for new releases.

        Aside from that, only minor things I could recommend are changing SSH port (security through obscurity), using users in a wheel group, not allowing root login via SSH. Editing your sshd config file to require a user to elevate or "su" privileges.

        Are you using Apache or LiteSpeed Web Server?

        Are you taking backups?

        Are you using strong passwords?

        Do you refresh/change your passwords regularly?

        Do you have any software that's using remote access hashes? If so, do you change them regularly?

        Do you have a firewall installed? If so, has it been modified or simply using the default settings?

        Are your websites up to date? Obviously you mentioned some are not, hence the old version of PHP - are the others?

        Emails - by "detected as SPAM" do you mean the emails are getting into the junk/spam box, or are they actually bouncing back?

        Are you taking backups?

        How many people are logging into to this server with root access? Just you?

        Do you have root access restricted?

        What version of cPanel/WHM are you using?

        .................................................. .........
        Signature

        |~| VeeroTech Hosting - sales @ veerotech.net
        |~| High Performance CloudLinux & LiteSpeed Powered Web Hosting
        |~| cPanel & WHM - Softaculous - Website Builder - R1Soft - SpamExperts
        |~| Visit us @veerotech Facebook - Twitter - LinkedIn

        {{ DiscussionBoard.errors[8574560].message }}
  • Profile picture of the author kpmedia
    You need to give more details, or just hire somebody.
    There's too many variables.
    Signature
    FAQ: Need a Site5/Arvixe/Hostgator alternative? And who is EIG?
    Reviews:     Need a good VPS, dedicated server, or unlimited host? (This is NOT a fake "top 10" list!)
    {{ DiscussionBoard.errors[8574730].message }}

Trending Topics