Those services you mentioned in the initial post are as useful for preventing break-ins as fire insurance is for preventing fires. Sitelock at least provides vulnerability scans, but if it turns something up (like a recently-published vulnerability in cPanel), to extend the above metaphor further, you now know you have a fire, but you have no fire department for you to call to put it out.
So long as you have no one wearing the security admin "hat" you need to be looking for a web hosting provider, not a full-fledged server hosting service. Basically, you need to shift the responsibilities to *someone else* for keeping the server itself online. Shifting your email to be managed by Google is an *excellent* first step. That should completely mitigate the chances your email server could become compromised and start shipping out spam/malware/phishing mails. Taking a quick look-see, I didn't see any of the usual horrorshow precursors on the site, at least, none that eclipse the fact that *you are using Joomla. * Now I'm not saying that Joomla is any better or worse than any other CMS (at least, I'm not saying it right now) but is an additional liability for you because you're apparently presently responsible for it's care and feeding as well. I'm not particularly happy about the search box being present, but again, that's a part of Joomla and people really seem to like having branded search pages. Just be glad you're not trying to do anything like take* file uploads* from random users on the internet. So specifically, you need to find a reliable company that will offers hosting of *Joomla* *for you *so you can push your content into Joomla, and let *them* worry about keeping Joomla (and the search functionality plugin) updated and the server instances free of script kiddies while you worry about the day-to-day matters of putting up your content. The only logins you are going to want to be responsible for are the ones that let your content creators push their articles up, and some filesystem access logins (SCP, not shell account) for managing the video/audio files (looks like you're using AWS). Hostgator *appears* to actually offer this as a service, so it may be that you just need to be paying them for a "smaller" service than having an entire host (and the associated responsibilities) to yourself. You've already got a business relationship with them, so ring them up and ask about Joomla as a "managed service". On Thu, Aug 6, 2015 at 7:54 PM, Michael L <[email protected]> wrote: > I'm thankful for all the input, > > I 'believe' webserver and email is all that's there, so it crossed my mind > going back to just a "cheap" shared hosting arrangement for $5-$30 / month. > > BUT, two reasons I don't know for sure that will be adequate are: > 1. I'm (obviously) not a web admin / IT pro, (I'm responsible for video > production, but I get "asked" other technical IT questions, so I go to NLUG > and all other possible venues) > 2. That video and audio is in the thousands of hours (3000+) and it is > being distributed online; that's > where this little organization isn't so little > > The current workflow is to "link" to the massive video content in AWS S3 > (I guess you call that the cloud), and Vimeo and of course Youtube. > > M > > > > On Thu, Aug 6, 2015 at 5:15 PM, Michael Chaney <[email protected] > > wrote: > >> I again strongly suggest: >> >> 1. Move email *immediately* to gmail or another like service. >> 2. Identify issues with the web site that allow attackers in. >> 3. Move web hosting elsewhere if possible. >> >> It's a Joomla site, so I assume the database is simply the Joomla stuff. >> If that's the case, your best bet is to simply find a Joomla-capable host >> and move it there (even hostgator has this as a solution). >> >> If you can't do that then they should move to a managed server solution. >> But unless they're doing something much different than what it looks like >> gmail + joomla hosting would serve them well and probably cost 1/10th what >> they're paying for a hacked server, especially since gmail is free for them. >> >> Michael >> >> On Thu, Aug 6, 2015 at 4:45 PM, Michael L <[email protected]> >> wrote: >> >>> Webserver and Email is all I know of; I know there is a litlle mySQL db >>> of about 13MB. I can look in the cPanel if I know what to look for. >>> Thank you >>> M >>> >>> On Thu, Aug 6, 2015 at 2:03 PM, Michael Chaney < >>> [email protected]> wrote: >>> >>>> I have to again ask: is there *anything* besides these services running >>>> on that server? >>>> >>>> 1. Email >>>> 2. Webserver >>>> >>>> Let's start there. >>>> >>>> Michael >>>> >>>> On Thu, Aug 6, 2015 at 12:56 PM, Michael L <[email protected]> >>>> wrote: >>>> >>>>> Hello NLUG, >>>>> I found on the cPanel that standard email security features involving >>>>> spf and DKIM were disabled, so I enabled them; that helped matters >>>>> somewhat. I've gotten a few notifications that 'someone' is logging into >>>>> our cpanel. One of those cPanel logins at 3am July 30th was supposedly >>>>> the >>>>> IP address of Comcast's "security" desk out of Murfreesboro with all their >>>>> contact info. >>>>> >>>>> The company hosting our dedicated server is Hostgator out of Houston. >>>>> When I contacted support 3 weeks ago regarding our blacklist and security >>>>> issues, I was told that being a dedicated server, everything is on us. >>>>> Asking further, I was.given suggestions of Sitelock, ClamAV, and >>>>> Codeguard. >>>>> Jjust paid $60 for one year's worth of Sitelock protection. Hostgator >>>>> (when asked) installed and (when asked again) supposedly ran a ClamAV scan >>>>> for us, which supposedly took 2+ days to complete, which was a week ago; >>>>> haven't heard anything regarding scan results. Checking into CodeGuard, >>>>> looks like a useful site back up and restore service. >>>>> >>>>> Am I to believe that Sitelock and Codeguard will get the job done as >>>>> far as security and recovery? Or should I be looking to go from dedicated >>>>> server at about $250/mo to managed dedicated server at $600+ / month? >>>>> >>>>> What say those more knowledgeable than I? I'm thankful to get to ask >>>>> these questions here. >>>>> >>>>> MichaelL >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "NLUG" group. >>>>> To post to this group, send email to [email protected] >>>>> To unsubscribe from this group, send email to >>>>> [email protected] >>>>> For more options, visit this group at >>>>> http://groups.google.com/group/nlug-talk?hl=en >>>>> >>>>> --- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "NLUG" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> >>>> >>>> >>>> -- >>>> Michael Darrin Chaney, Sr. >>>> [email protected] >>>> http://www.michaelchaney.com/ >>>> >>>> -- >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "NLUG" group. >>>> To post to this group, send email to [email protected] >>>> To unsubscribe from this group, send email to >>>> [email protected] >>>> For more options, visit this group at >>>> http://groups.google.com/group/nlug-talk?hl=en >>>> >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "NLUG" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "NLUG" group. >>> To post to this group, send email to [email protected] >>> To unsubscribe from this group, send email to >>> [email protected] >>> For more options, visit this group at >>> http://groups.google.com/group/nlug-talk?hl=en >>> >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "NLUG" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> >> -- >> Michael Darrin Chaney, Sr. >> [email protected] >> http://www.michaelchaney.com/ >> >> -- >> -- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://groups.google.com/group/nlug-talk?hl=en >> >> --- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- Sent from an actual computer. -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
