uniGUI Discussion Forums
Abaksoft

Hackers : VPS Security ?


Hi all,

Does anyone have knowledge about VPS security?

1. If you have an important database which is hosted in a folder and works with your uniGUI web application, can a hacker take control of:

- your application.DLL?

- your database?

2. Is it safe to show the URL: www.xxx.xxx.x.x\myFolder\myappli.DLL

where xxx.xxx.x.x is your server IP?

3. So, hackers can see your server IP!

THX.


Thank you Marlon,

Your home page is very nice.

So, it confirms that web attacks are possible!

We have to take care of this.

Now my question: even if I hide my VPS IP address (rewrite techniques),

can a hacker take control of my VPS server?

Big THX.


You must activate a firewall and only leave incoming ports open which you need.

You must also change the default ports. For example, don't keep the remote desktop port at its default value.

Using security software and anti-viruses which are specially designed for Windows Server OS is useful too.

  • Upvote 1


You must activate a firewall and only leave incoming ports open which you need.

You must also change the default ports. For example, don't keep the remote desktop port at its default value.

 

Using security software and anti-viruses which are specially designed for Windows Server OS is useful too.

Hi, Farshad!

Let's take our discussion about safety to a separate branch of the forum.

There is a wish to see responses from security specialists about checking the created server for vulnerabilities.


Hi, we are converting our Delphi application to the web using uniGUI. Please let me know how we do web security management for this web app.


Hi, we are converting our Delphi application to the web using uniGUI. Please let me know how we do web security management for this web app.

First step is to use UniLoginForm to create a login form for your app.


Hello vipin,

In addition to what has already been said, you can add some techniques for improvement:

1. Change your default database "masterkey".

2. Even if your folder is stolen, allow your program to run only on your VPS (signature, MAC address, etc.).

3. Protect your DLL from reverse engineering (uniGUI generates a non-classical DLL... I am testing a solution).

Greetings.


Talking about security, the mere fact that uniGUI is a server-centric environment is already an advantage over traditional Delphi desktop applications.

Application security and server security are two different subjects.

I see many people here concerned about HTML injection. Even though it's a valid concern, SQL injection is still much more dangerous. I myself never write SQL statements in my client application (at least when I'm doing my own stuff and tell the rules).

In your client you should only call methods of a service or stored procedures and work with the result sets.

Always use HTTPS, encryption, whatever tool you have in your hands.

If it makes things slow, you should work in a VPN.

Talking about server security, no matter what you do, you'll probably never reach the same level of security as a hosting provider, but if you really want to host yourself, the best thing is buying a well-dimensioned embedded Linux appliance (Fortigate, Sonicwall, etc.) and taking a course to at least understand the basic concepts.

Some of these appliances even have a kind of playground to fool hackers.

Try not to have your database and web server on the same machine, make several backups each day, have periodic password changes, policies for what to do whenever you fire a system administrator, and so on.

And of course, don't use the database server or the web server to surf the web.

  • Upvote 1
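
The rule in the post above (the UI only calls service methods and never assembles SQL text), shown as an added example that is not from any poster or from uniGUI. Python with an in-memory SQLite database stands in for the Delphi data layer; the table, class, function names and sample rows are assumptions constructed for the illustration.

```python
import sqlite3

def make_db():
    """Constructed in-memory sample data (not from the thread)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers "
               "(id INTEGER PRIMARY KEY, owner TEXT, name TEXT)")
    db.executemany("INSERT INTO customers (owner, name) VALUES (?, ?)",
                   [("alice", "Acme"), ("alice", "Globex"), ("bob", "Initech")])
    return db

def find_customers_concat(db, owner, name_filter):
    """Anti-pattern: SQL text assembled from form input in the UI layer."""
    sql = ("SELECT name FROM customers WHERE owner = '" + owner +
           "' AND name LIKE '%" + name_filter + "%'")
    return [row[0] for row in db.execute(sql)]

class CustomerService:
    """Server-side service: the UI passes values, never SQL fragments."""
    # Fixed statement text; user input only ever travels as bound parameters.
    _FIND = ("SELECT name FROM customers "
             "WHERE owner = ? AND name LIKE ? ESCAPE '\\'")

    def __init__(self, db):
        self._db = db

    def find_customers(self, owner, name_filter):
        if len(name_filter) > 64:
            raise ValueError("filter too long")
        # Escape LIKE wildcards so the filter is matched as literal text.
        escaped = (name_filter.replace("\\", "\\\\")
                              .replace("%", "\\%")
                              .replace("_", "\\_"))
        rows = self._db.execute(self._FIND, (owner, "%" + escaped + "%"))
        return [row[0] for row in rows]

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR 1=1 --"   # constructed input typed into a search box
    # Concatenation lets the input rewrite the WHERE clause: every owner's rows leak.
    print("concatenated :", find_customers_concat(db, "alice", crafted))
    # Bound parameters treat the same input as data: no rows match.
    print("service call :", CustomerService(db).find_customers("alice", crafted))
    print("normal search:", CustomerService(db).find_customers("alice", "Ac"))
```

The same separation applies to stored procedures: the statement text is fixed on the server and only parameter values cross from the UI.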
