Securing our Server

jordan2318's Avatar, Join Date: Jan 2011
Newbie Member
Hi

We have a server running several ecommerce sites, the problem is a couple of them get hacked on a regular basis and they are managing to upload a file to the server and then run a SSH on the server.

We are constantly monitoring this, but we really want to try plug the hole. Is there anything that could be recommended to do to find out how they get in.

We have the server locked down in terms of the firewall, ftp access only from certain ip locations etc.

The ecommerce sites use a bespoke based ecommerce platform so we are wondering if there is a loophole in our software.

So if anyone could help with any recommendations that would be excellent.

Thanks
0
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
What is your OS for the server. If it is CentOS refer to http://www.securecentos.com/
0
jordan2318's Avatar, Join Date: Jan 2011
Newbie Member
yeah it is centos, ill have a look at that, is there anything that could test the security of our bespoke ecommerce platform?