megacount trojan / server security

[Chilihost]

I had a client hit with this megacount trojan yesterday (due to a weak password) and so I thought I would give a few tips on how to avoid getting hit by this or by any other hacker:

these are for your webhost (or for you if you are on unmanaged hosting)
1) ensure your server is always patched with the latest security patches and updates
2) ensure your apache, php, mysql and kernel are upgraded to the latest version in their respective levels (for example, if you are using php4 you should be using php 4.4.4)
3) ensure you are running mod_security and get yourself a decent ruleset for the conf file
4) if you are running on unmanaged hosting, you need to know how to lock down your server. This is vital and if you don't know how to do this then perhaps you should consider managed hosting

these are for you:
5) always keep updated on all scripts you are running (blogs, forums, tgps, linklists, portals, etc...) and remove all unused scripts
6) ensure you are using a strong MiX3d c@S3 password for your FTP and control panel accounts AND your sql databases
7) if you share your password for a script install, change it immediately after the install is completed
8) always keep a backup of your data on your local PC
9) keep an ear open for the latest security threats and be proactive in keeping your sites secure
10) ensure you have antivirus / antitrojan software running on your PC - keylogging is the easiest way to capture your passwords

This is a good start, if you have more tips please add them into this thread for all to benefit. Security is an ongoing battle and you should be working closely with your hosting provider to ensure you are as safe and secure as possible.

cheers,
Luke

[Xstr8guy]

This deserves a bump before it falls off page 1. Thanks for the warning Luke.