2013-07-03 Website Hosting at Vilnius University by Eligijus Račkauskas senior programmer at VU ITTC.


1 2013-07-03 Website Hosting at Vilnius University by Eligijus Račkauskas senior programmer at VU ITTC

2 596 hosted websites in several groups:
– main website of the University and University news websites
– University departments/subdivisions
– University projects and conferences
– University staff blogs
– websites of other Lithuanian research and education institutions (schools, kindergartens etc.)
info.tinklas.vu.lt
749th on Webometrics ranking (January, 2013)
2013-07-03 VU, ITTC

3 Hardware
SUN SPARC T5220 (8 CPU 8 core each)
– LDOM or Zones
VMware
SAN and NAS storage
– 2 GB by default
– 1 GB for schools, 0.5 GB for blogs
– extra space on demand

4 Software
Open source
Solaris
Apache
suPHP
PHP
MySQL
Most used CMS:
WordPress
Joomla
CMS ImpressPages (developed by Lithuanian programmers)

5 Securing websites (1)
11 corrupted websites detected during the last half year, mainly due to outdated CMS.
Hackers now try:
Intensive password guessing on WordPress and Joomla from botnets
Well-known CMS holes
SQL injection attacks
Spamming of web forms (leave comments, send mail)
Hack, sit quiet for a month or two, and then begin spamming or do something else.

6 Securing websites (2)
PHP
allow_url_fopen Off
allow_url_include Off
disable_functions system, exec, shell_exec, passthru, proc_close, proc_get_status, proc_open, proc_nice, proc_terminate, popen, pclose, symlink, link, disk_free_space, disk_total_space, highlight_file, chown, chgrp
display_errors Off

7 Securing websites (3)
FTP access from Lithuanian ISPs
WordPress and Joomla login pages accessible from Lithuania or the University network
Monitoring by Nagios and Cacti, SMS alerts
Cron scripts count POST requests from Apache logs
Other tools like paranoia and suspicion
Blocking suspicious IPs on Apache or ipfilter
Disabling abusing websites
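The POST counting from Apache logs mentioned on slide 7, sketched as an added example (not the presenter's or VU ITTC's own script). It assumes the Apache common/combined log format, the two thresholds, and the login paths /wp-login.php and /administrator/; the sample log lines are constructed.

```python
import re
from collections import Counter

# Apache common/combined prefix: client, identity, user, [time], "METHOD path proto", status
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
# Assumed login endpoints: WordPress wp-login.php and the Joomla administrator login.
LOGIN_RE = re.compile(r'/wp-login\.php|/administrator/(index\.php)?($|\?)')

def count_posts(lines):
    """Return (all POSTs per client, login POSTs per client); unparsable lines are skipped."""
    posts, login_posts = Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group("method") != "POST":
            continue
        posts[m.group("ip")] += 1
        if LOGIN_RE.search(m.group("path")):
            login_posts[m.group("ip")] += 1
    return posts, login_posts

def suspicious(lines, max_posts=20, max_login_posts=5):
    """Clients whose POST volume exceeds either (assumed) threshold, sorted."""
    posts, login_posts = count_posts(lines)
    flagged = {ip for ip, n in posts.items() if n > max_posts}
    flagged |= {ip for ip, n in login_posts.items() if n > max_login_posts}
    return sorted(flagged)

def sample_log():
    """Constructed sample using documentation-range addresses, not real traffic."""
    fmt = '{ip} - - [03/Jul/2013:10:{m:02d}:{s:02d} +0300] "{req} HTTP/1.1" {st} 512 "-" "-"'
    lines = [fmt.format(ip="192.0.2.10", m=0, s=i, req="POST /wp-login.php", st=200)
             for i in range(8)]
    lines += [fmt.format(ip="198.51.100.7", m=1, s=i, req="POST /contact.php", st=200)
              for i in range(3)]
    lines.append(fmt.format(ip="203.0.113.5", m=2, s=0, req="GET /wp-login.php", st=200))
    lines.append(fmt.format(ip="203.0.113.5", m=2, s=1,
                            req="POST /administrator/index.php", st=303))
    lines.append("garbled line that is not an access-log entry")
    return lines

if __name__ == "__main__":
    for ip in suspicious(sample_log()):
        print(ip)  # candidates for review before blocking on Apache or ipfilter
```

Run from cron over the current log window, the flagged addresses feed the manual review and blocking steps listed on the same slide.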

8 When corruption detected
Block website (whole or a part of it)
Search for vulnerability
Patch the hole / restore website
Inform website’s administrator about the incident
Check other sites for the vulnerabilities
Apply preventive measures

9 Staff blogs
web.vu.lt/department/n.surname
WordPress account or “free” resources
Mostly used for teaching purposes (summaries, assignments etc.)
WordPress Multisite
– one installation for a department
– slightly adapted core for account names with a dot symbol: a few lines in wp-admin/network/site-new.php and .htaccess

10 Problems
Outdated Content Management Systems (CMS)
– targets for hackers
– forced to support old PHP versions
Website administrators lacking IT experience (mainly non-IT staff)
Growing flow of junk
No possibility to use reverse proxy servers

11 Future plans
Move websites to VMware environment
Use FastCGI
Get into the top 500 on Webometrics

12 Something more
SSO
https://filesender.vu.lt/
http://problemos.tinklas.vu.lt/
DokuWiki
http://www.epaslaugos.vu.lt/

13 Questions

14 Thank you for your attention!

