My webserver is insecure

Discussion in 'Server Operation' started by madlars, Jul 4, 2013.

  1. madlars

    madlars New Member


    Someone tested my server and got it offline relatively easy.
    I was not on good terms with him so he would not tell me how I could improve it.
    I am far from an expert in servers so I would like some advice as of how to improve it as I intend to use it for the webhosting of my client's site's.
    the url of one sites is running in php5.3 fpm.

    You don't have to bother in writing tutorials, theres plenty of those here!
  2. madlars

    madlars New Member

    Stuff resolved!

    I havent had Apache configured well, so I upped the maximum connection limit which really boosted performance.
    Then I installed mod_security which did not do the trick against the "slowloris attack" So I installed antiloris on Apache and now When I Dos myself my connections get refused! :D

    For people wanting to know if their servers are "slowloris proof" you can google for the utility, then type in the url of your site server.
    You can then look up here if your server is fending off the attack:

    This worked for me very well and I hope this helps other people with this issue :D
  3. madlars

    madlars New Member

    Wow I just noticed how vague my first post was! :O

Share This Page