Welcome to World of IPTV

With

+23k members
+11k threads
+105k posts

we are the most popular IPTV community on the web. 

IMPORTANT NOTE:
WE HAVE RECENTLY NOTICED THAT TOO MANY DOUBLE FAKE ACCOUNTS ARE CREATED IN THE PAST.
TO PREVENT THIS ISSUE THE DECISION WAS MADE THAT IN THE FUTURE A ANNUALLY FEE 20 EURO WILL BE RAISED FOR NEW MEMBERSHIPS.

Join now to the World of IPTV !>

Forum Rules

Before you start, check out the forum rules first

Account upgrade

Upgrade your account to get access to full features

Advertising

Would you like to place your advertisement with us ?

Resources Manager

Hundreds of IPTV scripts and apps are available for download

Info how to secure your server

Mariozix

Member
Member
Joined
Oct 25, 2019
Messages
106
Reaction score
588
Points
104
Location
CHINA
i want to open this discussion for all how to secure your server from A to Z
secure Server
secure database
secure web app


actually i feel it is easy to have attack and hacker to scre* up servers
i didn't know what is the best steps to secure your servers and service i think this topic will be helpful for all beginners
so i want to let this discussion open to see what is the best steps to do that
every one can explain what he do and we can organize this in points to be reference for all of us

best servers to buy
best scripts
best ddos saver
etc best ...
 

urgodfather

Member
Member
Joined
Sep 22, 2019
Messages
2,114
Reaction score
5,699
Points
124
Location
neither here, nor there
i want to open this discussion for all how to secure your server from A to Z
secure Server
secure database
secure web app


actually i feel it is easy to have attack and hacker to scre* up servers
i didn't know what is the best steps to secure your servers and service i think this topic will be helpful for all beginners
so i want to let this discussion open to see what is the best steps to do that
every one can explain what he do and we can organize this in points to be reference for all of us

best servers to buy
best scripts
best ddos saver
etc best ...
Best method is simple. Spend money and hire a professional. Any advice you read will also be read by same people who hack your servers. 😂
 

poojatiwari

Registred
Registred
Joined
Jun 6, 2021
Messages
22
Reaction score
105
Points
39
Location
Bangalore
To be frank there is nothing called as best, there is always something better comingup.

1. Create a new root user. Keep a decent strong password.

2. /etc/ssh/sshd_config
- Disable root login ( PermitRootLogin prohibit-password )
- Change SSH port from 22 to somethingelse. ( makesure ull remember it or note it somewhere :p )
u could filterout almot 50% of the unnecessary bots testing user passs combinations this way, still 50% bots will get throught by scanning which ssh ports ur using.
- Allow ssh login from only certain ips ( Better not do this if your main network is a wifi or mobile network that has dynamic ip or u will b lockedout ).

3. Enable UFW Firewall & setup iptables & Firewall rules for ur needs.
- iptables will block out ips of the other 50% unnecessary bots that are trying different combinations according to ur setup.

4. If you got phpmyadmin, you are better off changing phpmyadmin path & allowing access only from certain ips to access phpmyadmin.

5. Nulled / cracked scripts are always a risk, its ur choice whether to take the risk, u can always check them for backdoors / shells but no method is perfect. there is always a new method to get access to ur server via nulled scripts / cracked scripts. I actually have a seperate server for checking the cracked / nulled scripts if any user cheaps out & askes me to install nulled / cracked content.

Those are some of the things i do before handingover a server to user.

I just came in to see whats new, Im too busy to copy paste methods from google search :D, simply googling those things will get u a long way & its the best way to learn, all u need is a lead in & u can go a long way with google search.

Hoping to see the other methods used by WOL masters.

Good luck.
 

Mariozix

Member
Member
Joined
Oct 25, 2019
Messages
106
Reaction score
588
Points
104
Location
CHINA
Best method is simple. Spend money and hire a professional. Any advice you read will also be read by same people who hack your servers. 😂
Good
Introduce the best way
and companies to do that
Offer price list
 

Mariozix

Member
Member
Joined
Oct 25, 2019
Messages
106
Reaction score
588
Points
104
Location
CHINA
that is what i talk about

you gave great wooooow advise ( hire and pay money)

it is okay ou are welcome gave us an example
for one of your great experience

dark and silent sound every where and you come out from clouds going as a wise man {google it}

all of us googling of course
same if some one tells you if you are hungry go to eat
wooow
what a great add
of course if i hungry i will go find something to eat

do you know the humanity starts from more than 7000000 years and all of this years all people update and upgrade other people experience

you didn't ride the same car from 18th century


50% is your self experience

50% other's experience summary and others add little touch to improve until you now ou can see and have knowledge about Bugatti


if you don't wanna help

why you reply ??? if it is very foolish and your experience already goes far than this point why you answer!!!!
i already say it is for beginners at first of my topic ???
 

urgodfather

Member
Member
Joined
Sep 22, 2019
Messages
2,114
Reaction score
5,699
Points
124
Location
neither here, nor there
that is what i talk about

you gave great wooooow advise ( hire and pay money)

it is okay ou are welcome gave us an example
for one of your great experience

dark and silent sound every where and you come out from clouds going as a wise man {google it}

all of us googling of course
same if some one tells you if you are hungry go to eat
wooow
what a great add
of course if i hungry i will go find something to eat

do you know the humanity starts from more than 7000000 years and all of this years all people update and upgrade other people experience

you didn't ride the same car from 18th century


50% is your self experience

50% other's experience summary and others add little touch to improve until you now ou can see and have knowledge about Bugatti


if you don't wanna help

why you reply ??? if it is very foolish and your experience already goes far than this point why you answer!!!!
i already say it is for beginners at first of my topic ???
Why you make thread and ask same stuff that others already ask? You are above doing your own research?

You say you want to eat, I tell you to go to restaurant. You say you want to make food to eat, I tell you how to find recipes to cook. It is you who being lazy. There is a reason why people are professionals. You do not hire mechanic to cook for you and you do not hire cook to be your doctor, but yet you ask everyone how to be own doctor. As I tell you before, any easy solution you try to find, hackers are 5 steps ahead. Real professionals spend their time to try to stay 1 step ahead of hackers. You will not find easy solutions. Pay for a professional who spend that time just as you would for a chef to cook your food, a mechanic to fix your car, and a doctor to analyze your health.
 

Mariozix

Member
Member
Joined
Oct 25, 2019
Messages
106
Reaction score
588
Points
104
Location
CHINA
Why you make thread and ask same stuff that others already ask? You are above doing your own research?

You say you want to eat, I tell you to go to restaurant. You say you want to make food to eat, I tell you how to find recipes to cook. It is you who being lazy. There is a reason why people are professionals. You do not hire mechanic to cook for you and you do not hire cook to be your doctor, but yet you ask everyone how to be own doctor. As I tell you before, any easy solution you try to find, hackers are 5 steps ahead. Real professionals spend their time to try to stay 1 step ahead of hackers. You will not find easy solutions. Pay for a professional who spend that time just as you would for a chef to cook your food, a mechanic to fix your car, and a doctor to analyze your health.


did you gave any answer not yet just goes around the thread for keep your opinion the correct one
why you didn't gave a names for good chef to cook the food. good restaurant name to go and don't waste time and money with bad providers
why you want people search and start from zero point experience
if you already find a good chef why you keep for your self and don't share

tell people
company 1 is very good and price is reasonable
company 2 is the best but the price is very high
company 3 is very bad don't hire them

(it's up to you if you want keep secret)

but don't spam the topic also as all topic i search i find your answer same
{google it} {use the search tool } don't want people help each other

i make the thread because i didn't find a good answer of course i search and find this answer at most of topics
{google it} {use the search tool }

so what the benefit to be at this Forum is it a community to keep info secrets

if you don't want help don't spam topic and let people do and help each others
 

urgodfather

Member
Member
Joined
Sep 22, 2019
Messages
2,114
Reaction score
5,699
Points
124
Location
neither here, nor there
did you gave any answer not yet just goes around the thread for keep your opinion the correct one
why you didn't gave a names for good chef to cook the food. good restaurant name to go and don't waste time and money with bad providers
why you want people search and start from zero point experience
if you already find a good chef why you keep for your self and don't share

tell people
company 1 is very good and price is reasonable
company 2 is the best but the price is very high
company 3 is very bad don't hire them

(it's up to you if you want keep secret)

but don't spam the topic also as all topic i search i find your answer same
{google it} {use the search tool } don't want people help each other

i make the thread because i didn't find a good answer of course i search and find this answer at most of topics
{google it} {use the search tool }

so what the benefit to be at this Forum is it a community to keep info secrets

if you don't want help don't spam topic and let people do and help each others
i will not recommend one company more than other because it is not the company that makes systems secure, it is the people who work for the companies. same as if i say that restaurant is good. just because location near me has good cook does not mean that location next to you has good cook also. same applies to service from companies.

what @poojatiwari mention is very true but it is not enough.

i will simply tell you this:

if you want to keep system safe then never place system on internet. if you must place on internet then it will never be 100% secure. every day there are new vulnerabilities found. apply every principle mentioned by @poojatiwari but know that it is not enough. never leave any software configured with default configurations. if there is a configuration to be changed, then you must change it! do not expect software to be safe. use different software for different purposes. when you try to unify solutions, you depend on solution to be all inclusive and you will find yourself to land on your face when it fails (because it will). just as i say about having cook to be mechanic and mechanic to be doctor, this applies to software also.

always run latest security updates and patches but not always latest release of software. never use beta. if there is a LTS version, this is best. use software as it is designed. different software for different purposes. example: just because php can be own webserver does not mean that it is wise to use it. instead, use apache, or nginx because they are "application (usage) specific." just because nginx can block bad requests does not mean it is meant to be trusted as solution. use other intermediate solution. log everything and monitor logs for unusual activity. create jails so that no user can do more than what is necessary for its own purpose. block everything then allow only what is needed.

security is a practice, not a solution. what is secure for one system may be weak or too secure for another.

all of this and much more has been mentioned in various parts of the forum but clearly you do not wish to do your research! you just want others to share their own and dump into one single place. again i will tell you, there will never be just one place to find answers for this or any other generalized question. especially when people spend many years and there are thousands of books, multiple organizations, certifications, etc that all focus on this one specific but generalized topic. those who wish to exploit always lurk around the corner and monitor the same discussions.

do you know kung fu?

jackie chan and jet li are both great at kung fu. however, there are many styles of kung fu. jackie chan is great at drunken monkey but jet li's tiger paw is better. jackie chan's preying mantis is better than jet li's tiger paw, but jet li's white crane is far superior.

you remark about my repetitive "use the search tool" or "google it" responses. everyone wants to eat fish but no one wants to learn how to catch fish. you ask bullshit questions like where can i get fish, or how to cook fish. the strongest man is not the one with the most questions, it is the one who knows where to look to find answers.....
 

Mariozix

Member
Member
Joined
Oct 25, 2019
Messages
106
Reaction score
588
Points
104
Location
CHINA
i will not recommend one company more than other because it is not the company that makes systems secure, it is the people who work for the companies. same as if i say that restaurant is good. just because location near me has good cook does not mean that location next to you has good cook also. same applies to service from companies.

what @poojatiwari mention is very true but it is not enough.

i will simply tell you this:

if you want to keep system safe then never place system on internet. if you must place on internet then it will never be 100% secure. every day there are new vulnerabilities found. apply every principle mentioned by @poojatiwari but know that it is not enough. never leave any software configured with default configurations. if there is a configuration to be changed, then you must change it! do not expect software to be safe. use different software for different purposes. when you try to unify solutions, you depend on solution to be all inclusive and you will find yourself to land on your face when it fails (because it will). just as i say about having cook to be mechanic and mechanic to be doctor, this applies to software also.

always run latest security updates and patches but not always latest release of software. never use beta. if there is a LTS version, this is best. use software as it is designed. different software for different purposes. example: just because php can be own webserver does not mean that it is wise to use it. instead, use apache, or nginx because they are "application (usage) specific." just because nginx can block bad requests does not mean it is meant to be trusted as solution. use other intermediate solution. log everything and monitor logs for unusual activity. create jails so that no user can do more than what is necessary for its own purpose. block everything then allow only what is needed.

security is a practice, not a solution. what is secure for one system may be weak or too secure for another.

all of this and much more has been mentioned in various parts of the forum but clearly you do not wish to do your research! you just want others to share their own and dump into one single place. again i will tell you, there will never be just one place to find answers for this or any other generalized question. especially when people spend many years and there are thousands of books, multiple organizations, certifications, etc that all focus on this one specific but generalized topic. those who wish to exploit always lurk around the corner and monitor the same discussions.

do you know kung fu?

jackie chan and jet li are both great at kung fu. however, there are many styles of kung fu. jackie chan is great at drunken monkey but jet li's tiger paw is better. jackie chan's preying mantis is better than jet li's tiger paw, but jet li's white crane is far superior.

you remark about my repetitive "use the search tool" or "google it" responses. everyone wants to eat fish but no one wants to learn how to catch fish. you ask bullshit questions like where can i get fish, or how to cook fish. the strongest man is not the one with the most questions, it is the one who knows where to look to find answers.....
i am here from 2019 do you think i didn't read all topic here and do you think i didn't share my knowledge
and do you think i didn't have good friends from here also some bad

when you find someone just joined 12-07-2021 and ask this question you can say all what you say

but i am here for two years before i ask this question and i search too many as you can imagine and loss too much money as you can imagine also


why not to find some one good same as @poojatiwari
explains the most important points to secure

we find some one else share his knowledge

i think it is the benifits for this WOI community if not i think it is better to switch it off because it is the larger community for IPTV solution and when you search here about secure iptv service and server you can't find any answer :D :D :D what a pullshit the big community can't guide and answer :D :D :D


just for your info
i am aikido trainer ;) ;) and know to much about Martial arts Masters but all martial arts have same basic and vision also mission and all are to allow you to defines your self
with protect main points of your body with less effort
to allow kids (beginners of iptv) to get the knowledge
and oldies (advanced and experienced at iptv)
defense them self's even how much they are weak because oldies may forget the main and basic after too long time work and think the problem is too advanced but it is actually basic solution
 

kidpro

Member
Member
Joined
Jul 19, 2020
Messages
331
Reaction score
116
Points
54
Location
the moon
i am here from 2019 do you think i didn't read all topic here and do you think i didn't share my knowledge
and do you think i didn't have good friends from here also some bad

when you find someone just joined 12-07-2021 and ask this question you can say all what you say

but i am here for two years before i ask this question and i search too many as you can imagine and loss too much money as you can imagine also


why not to find some one good same as @poojatiwari
explains the most important points to secure

we find some one else share his knowledge

i think it is the benifits for this WOI community if not i think it is better to switch it off because it is the larger community for IPTV solution and when you search here about secure iptv service and server you can't find any answer :D :D :D what a pullshit the big community can't guide and answer :D :D :D


just for your info
i am aikido trainer ;) ;) and know to much about Martial arts Masters but all martial arts have same basic and vision also mission and all are to allow you to defines your self
with protect main points of your body with less effort
to allow kids (beginners of iptv) to get the knowledge
and oldies (advanced and experienced at iptv)
defense them self's even how much they are weak because oldies may forget the main and basic after too long time work and think the problem is too advanced but it is actually basic solution
amen!
 

urgodfather

Member
Member
Joined
Sep 22, 2019
Messages
2,114
Reaction score
5,699
Points
124
Location
neither here, nor there
i am here from 2019 do you think i didn't read all topic here and do you think i didn't share my knowledge
and do you think i didn't have good friends from here also some bad

when you find someone just joined 12-07-2021 and ask this question you can say all what you say

but i am here for two years before i ask this question and i search too many as you can imagine and loss too much money as you can imagine also


why not to find some one good same as @poojatiwari
explains the most important points to secure

we find some one else share his knowledge

i think it is the benifits for this WOI community if not i think it is better to switch it off because it is the larger community for IPTV solution and when you search here about secure iptv service and server you can't find any answer :D :D :D what a pullshit the big community can't guide and answer :D :D :D


just for your info
i am aikido trainer ;) ;) and know to much about Martial arts Masters but all martial arts have same basic and vision also mission and all are to allow you to defines your self
with protect main points of your body with less effort
to allow kids (beginners of iptv) to get the knowledge
and oldies (advanced and experienced at iptv)
defense them self's even how much they are weak because oldies may forget the main and basic after too long time work and think the problem is too advanced but it is actually basic solution
Paragraph 2 and 3 do not suffice? It literally explains that there is no easy solution and advises of all “best practices.”

Maybe I should just recommend books?
 

CentOS

Member
Member
Joined
Oct 13, 2019
Messages
23
Reaction score
53
Points
24
Location
turkey
Best method is simple. Spend money and hire a professional. Any advice you read will also be read by same people who hack your servers. 😂
My first tip is to use things from trusted sources, the xtream UI is open source why then use "MODS" with everything encrypted?
if it's already something without a signature, there's nothing to hide...

many people worry about password protection, but forget what they install on their own server...


follow @urgodfathe's tip hire a professional

run away from "MODS" the only one I trust is the cesarkrespo that is no longer available but
 

Mariozix

Member
Member
Joined
Oct 25, 2019
Messages
106
Reaction score
588
Points
104
Location
CHINA
Paragraph 2 and 3 do not suffice? It literally explains that there is no easy solution and advises of all “best practices.”

Maybe I should just recommend books?
please recommend this books it will be graceful and very useful
 

code64

Member
Member
Joined
Sep 21, 2019
Messages
112
Reaction score
291
Points
74
Location
Algiers
Choose server with good ddos saver like ovh or use clouflare to protect and proxie your web server for databases ans ssh you have to use iptables rules to allow only some real ip and you can of course setup your own vpn server and allow it's ip to connect to DB and SSH and you can use fai2ban too .

all these are documented in google , of course if you are in company you can use hardware firewall Cisco , Sophos , juniper and more .
 

Eindje2000

Registred
Registred
Member
Joined
Dec 6, 2021
Messages
19
Reaction score
149
Points
39
Location
Netgerlands
To be frank there is nothing called as best, there is always something better comingup.

1. Create a new root user. Keep a decent strong password.

2. /etc/ssh/sshd_config
- Disable root login ( PermitRootLogin prohibit-password )
- Change SSH port from 22 to somethingelse. ( makesure ull remember it or note it somewhere :p )
u could filterout almot 50% of the unnecessary bots testing user passs combinations this way, still 50% bots will get throught by scanning which ssh ports ur using.
- Allow ssh login from only certain ips ( Better not do this if your main network is a wifi or mobile network that has dynamic ip or u will b lockedout ).

3. Enable UFW Firewall & setup iptables & Firewall rules for ur needs.
- iptables will block out ips of the other 50% unnecessary bots that are trying different combinations according to ur setup.

4. If you got phpmyadmin, you are better off changing phpmyadmin path & allowing access only from certain ips to access phpmyadmin.

5. Nulled / cracked scripts are always a risk, its ur choice whether to take the risk, u can always check them for backdoors / shells but no method is perfect. there is always a new method to get access to ur server via nulled scripts / cracked scripts. I actually have a seperate server for checking the cracked / nulled scripts if any user cheaps out & askes me to install nulled / cracked content.

Those are some of the things i do before handingover a server to user.

I just came in to see whats new, Im too busy to copy paste methods from google search :D, simply googling those things will get u a long way & its the best way to learn, all u need is a lead in & u can go a long way with google search.

Hoping to see the other methods used by WOL masters.

Good luck.
Thanks!
 
shape1
shape2
shape3
shape4
shape5
shape6
Top