Welcome to Vastspace, provides Reliable Web Hosting since 2014

Welcome to Vastspace

Archive

Improve anti-virus and anti-spam in Plesk & cPanel

Recently, we have noticed an increase in unwanted emails attached to infected documents. These are things you can do on your Plesk and cPanel control panels

But I still reinstate that local protection on your computers and devices like smartphones are extremely important. Most malware remains inactive until users intervention. Thus, these protections are your last defense.

For Plesk, I suggest you buy the extension known as Premium anti-virus.  After you have obtained the addon license you need to install through your ‘updates & upgrades’. The add-on license is not too expensive and it is worthy especially you are in business and many mailboxes.

For cPanel, installing ClamAV is a must. However, if you are running a VPS with a Gb memory or below, you might want to think twice as ClamAV uses resources especially during updates ad you have plenty of emails.

You can enhance the ClamAV by using 3rd party rules, but again you will need memory. The next solution you might want to consider is the MailScanner from Configserver. I recommend the Front-End costs USD 55, one-tine fee for its license. Useful and it makes your jobs so much easier.

DKIM exempted you as Spammer?

A while ago someone came to me, asked if I can add DKIM so his company is not identified as a spammer. In a way, yes but in another way is a no. Why do I say so?

DKIM is easy to advertise in the zone records nowadays. Many popular control panels have such ability to publish whether your DNS is hosted on the same server or just copy them into your DNS hosted elsewhere. Whichever the case, DKIM allows you to sign an outgoing email is to match with the public key you have advertised in the public DNS, to tell others it is sent by real me.

DKIM is one of the best methods to identify email is spoofed, impersonating a person in the organization. Here’s the catch, only the authorized mail server signed that email. If you are using another email server signed with different keys, it will cause a failure if DKIM of your recipient mail server is validating DKIM.

2 things, if your recipient mail server is not checking on DKIM or no action is taken. The real sender email account has been compromised. For these cases, how can DKIM protect your organization?

ConfigServer MailScanner Front-End

Today, I want to mention a product or rather an installation for cPanel users is the ConfigServer MailScanner Front-End. Do not mix up with the Configserver MailScanner, even they are the same in the backend, MailScanner’s front end made your life easier and made anti-spam effectively. I recommend to cPanel users if they are looking for a cost-effective antispam solution.

MAILSCANNERMost anti-spam is not integrated. They use MX to help you filter spam emails. If it is injected to the mail server, it is local delivery though LMTP, this kind of solution is not effective. However, the integrated means you need resources, and there is on overhead especially to those have a high volume of email traffic.

MAILSCANNERIf anti-spam is your top priority, Configserver MailScanner with the Front End is worth considering. With my past experience, you are safe to quarantine emails with a score as low as 2. In addition, the front end gives you the ability on how you want to keep the quarantined emails.

Anti-spam is not 100%, users unwanted email considered to a user as spam might not be the case for antispam. Antispam a few rules and gives a score of each rule to add them up should the email’s score is more than the threshold. There are cases, spam or unwanted emails have slipped through your anti-spam, MailScanner Front End allows you to click on the button to learn, to learn and port as spam, or blacklist sender and its domain.

Configserver charges USD 55 onetime fee for MailScanner front end, I personally think it is affordable and cPanel users should install if they want effective antispam.

What is HPMVPS?

HPMVPS stands for High-Performance Managed VPS, it is a fully managed service for businesses on their websites and email hostings.

We have observed many business owners have spent plenty of time choosing their web hosting and yet many have not met the expectation. Nowadays, due to the malicious traffic on the internet, many business owners of how their data is protected.

Thus, HPMVPS is a total solution to it. The business owner will find Vastspace’s HPMVPS is a complete solution and an answer to all these. They need not hunt high and low for their websites and email hosting services.

HPMVPS is a one-stop hosting solution for businesses. As t is fully managed, you do not employ a server admin to take care of your hosted environment. This aspect is being taken care too, we will deploy the necessary personnel and monitoring tools to ensure smooth operation. We bring down to service failure near zero  is our objective for HPMVPS, it is about business continuity.

Why Premium Shared Hosting?

Many asked why Vastspace has premium shared hosting? Basically, this is how we have differentiated the ordinary shared hosting with the premium one. Why premium?

The ideal of marketing shared hosting is affordable. We see 2 groups of customers have chosen shared hosting. The beginners or the first-timers and the budget users. However, we decided to break the tradition and give more in shared hosting are things like protection and anti-spam.

Today, users are smarter and they know the cyberworld s vulnerable. Attacks come in many ways. They can penetrate from your website, the server, and the most via emails. There are the 3 areas are publicly accessible and it could be vulnerable to outdated software or codes.

Thus, protection in these areas is important. If you do not protects these places, it is like opening the doors to someone and asking them to steal things from you. When you have realized your belonging is stolen, it might be too late.

We have understood the reasons, we designed the premium shared hosting with adequate protection at a reasonable price. So, customers can enjoy the protections at a smaller price tag. In the past, they might be spending a few thousand dollars to enjoy the same but with the premium shared hosting, we change things. 

 

Using weak password

If you are reading this, it is not too late to update your weak password to a stronger one. What is a strong password? Why there is a need to use a strong password? Ai https://passwordsgenerator.net/ 16 characters and above is considered a strong password.

A strong password, I personally reckon that it must be 10 characters long, comprises of upper letters, lower letters, numbers, and at least one symbol. If your current passwords have not met this requirement, they are weak.

I have seen 123456, abc123, p@ssword and similar. They are an extremely weak password, they should be prohibited and updated immediately.

In today’s internet, access to the internet is easy, brute-force login attacks are common. Thus, you should refrain yourselves using a weak password. A strong password is difficult to remember, the introduction of 2FA will help with this situation. But strong password is the most effective defense from any authorized access.

Fail2Ban in your Plesk

Bruteforce logins attack is common nowadays. If the ports are opened to the internet, they are prone to such attempts to gain access to the services. Using a strong password can reduce your risk but you cannot stop this kind of attack.

To stop totally unless you can limit or restrict access to certain IP addresses. This is not likely possible with the email service. So Fail2Ban can reduce and stop such attempts but it can too block a genuine use from accessing the service in some situations. However, if you are able to understand and fine tweak the module, false-positive can be reduced.

Today, we take a look at this module and neglected it by many Plesk users. One of the reason, this module is not adopted by many Plesk users, it is because this module is not set up by default.

Fail2BanIf you do not see this module in your Plesk under ‘Tools & Settings’ you can install from updates and upgrades under Plesk further down your screen. You will see this module after successfully installed. Likely you have to login again to see the just installed module.

Once it has installed successfully, we need to configure and turn on the module. I recommend placing your current IP address in the trusted IP section. This will avoid if you are blocked accidentally after you switched on the module.

fail2banNext, we will tell the module which are the services I want to use Fail2Ban. You might not need all but the important one like ssh, Plesk-proftpd. Plesk-panel, Plesk-postfix & Plesk-dovecot. These are the common services we have observed, receive most brute-force attacks. After you have decided which services, switch on and make sure they are active.

fail2banThe final step is the settings. Define how long you want to ban an IP, the number of failed logins within how long each interval. The default is 5 failed logins within 10 minutes and banned for 10 minutes if violated. I felt that the ban period can be longer, 3600 seconds is an hour. Lastly, we check the box to Enable intrusion detection and apply.

Congratulation, we have set up Fail2Ban on Plesk.

 

An infected attachment

If you have received an email with an attachment especially with a *doc extension. This email may have sent from someone who has corresponded with you before with the same subject.

Their computers could have been infected by malware and sending you a trojan/malware.T his trojan steals contacts, credentials, banking information, etc.

We suggest you take the following preventive measures;

  1. Do not open any attachment on an email especially with doc extension, Scan the with your latest anti-virus if you are safe to open it.
  2. Do a full system scan on your computers and smart devices.

My personal opinion on CSF firewall

CSF firewall is available free and most cPanel users might have a copy because it is free? Today, I’m sharing my experiences. Not on how you install CSF or what are the items but opinions on hows the firewall serves its purposes.

For the last decade, CSF has been the part and parcel of cPanel users. However, I’m not actually fond of installing CSF. It is not that CSF has not served its purpose, it is all about individual perception and expectation. why? Let me shares;

a. I have seen CSF in test mode since day one. If you have installed CSF, you will know CSF is in TEST mode by default.

b. Block everyone in the office, cannot send and receive emails. So if your coworkers are sharing the internet through the same router, shared public IP address will be blocked if someone has entered the wrong password a few times.

c. No or non-optimised settings on CSF. Users have left the settings by default or minimum settings were done because they are difficult to understand in layman terms.

So, my experiences are never good with CSF installed. 90% of the time, require troubleshooting if someone has installed CSF. If you have a fully managed hosting service or you have planned to sacrifice your personal time (as they can be very time consuming) to adjust and tweak it.