Checking for SSHD Rootkit hack

Since the past few days the SSHD Rootkit issue has caused havoc amongst server admins. It is still unknown how the attackers manage to get root access to the servers and modify the keyutils-libs package. This has been affecting mainly 64 bit Operating Systems with control panels like cPanel, Direct Admin, Plesk, Webuzo, etc.

We recommend every server admin to check whether your server has been affected. To do so please type the following command :
root> ls -la /lib*/libkey*
If the list displays any of the following files, your server may be compromised :


The symlink of /lib64/ will be pointing to one of the above files instead of the following correct ones e.g.

In order to remove this, you will need to do the following :
1) Remove the wrong file which is there on your system, e.g.
root> rm -rf /lib64/

2) Remove the symlink as well, e.g.
root> rm -rf /lib64/

3) Make a symlink to the correct file :
root> ln -s /lib64/ /lib64/

Then restart the system. Restarting the services will do no good. So please restart the system.

Though there is a possibility of the server being re-infected I have personally found from more than 20 servers I manage, that servers with NON-STANDARD SSH ports were not infected.
Hence please do change the SSH port for your servers safety.

Talk back: Have you noticed the SSHD rootkit on your servers? What have you done to clean up your infected servers? Please do share with everyone.

Getting Started with Piwik

In a digital world, Piwik gives you insights on your website’s visitors, your marketing campaigns and much more, so you can optimize your strategy and online experience of your visitors. Piwik is an open source alternative to Google Analytics available in 48 languages!

piwik logo

Piwik can be installed with one click via Softaculous.

1. Select a Date Range :

By default, Piwik will show data for ‘yesterday’. You can click on the calendar and select another date range to view reports. Piwik supports any day, week, month, year or custom date ranges. You can change the default date that loads in the reports in the User Settings.

2. A Look at a Piwik Report :

The report is displayed in various formats

  • A simple table of just the main metric that the widget features
  • A table with more metrics
  • Goals information about this metric (if you are using goals)
  • A bar chart (usually, hovering your mouse over the icon will give you the option of choosing other types of chart, for example pie charts or tag clouds)
  • Export the data
  • Save the graph as an image
  • Configures the report’s data. Some reports can be “flattened”, or rows with low visits excluded.

You can experiment with clicking on these icons. You can easily go back to the original appearance by clicking the relevant icon. If you hover your mouse over any of these icons a tooltip will appear to remind you of what they do.

3. Dashboard & Widgets :

You can add new widgets to your Dashboard, to ensure it reports on all of your most important metrics. Click on the “Add a Widget” link: it will expand and you will see a list of categories. Run your mouse over the list and it will display a list of the individual widgets available. There are more than 30 in total. In the example below, the mouse hovers over Visitors and the top item on the list is “Visitor countries (world map)”.

  • Click on the widget name to add it to the Dashboard. By default any new widget will appear in the top left of the Dashboard.
  • Click and hold on the dark grey title bar to drag and drop the widget into a new position.
  • You might not be interested in some of the default widgets; it’s easy to remove them from your Dashboard. Hover your mouse over that widget (anywhere within the gray outline box) and you will see a cross appear in the top right corner of the box. Click the cross, validate, and the widget will be removed from the Dashboard.
  • You can also select a different Dashboard layout. You could, for example have a wider column on the left and 2 narrow columns on the right. There are several column layouts that you can choose from the “Dashboard & Widgets” menu.

4. Creating and customizing a new Dashboard :

Often, there are widgets we wish to see monthly or weekly, but others we must check daily. For this purpose and others, it is recommend to create Custom Dashboards. For example one could track in the default dashboard the sources of traffic (campaigns, websites, keywords) but have another dashboard with widdgets focusing more on the users behaviour (top pages, engagement, time on site) and Goals conversions. You can create new dashboard, reset dashboard to the default widget layout, rename dashboards, remove dashboards.

5. Graphs (Data Visualization) :

There are often several metrics that are relevant (visits, page views, bounce rate, conversions, revenue, timme on site, etc.). By default, graphs in Piwik will show the historical evolution of a given metric. You can also choose to plot on the graph a different metric to the default one. You can also plot several metrics at once, for example here we compare Ecommerce orders and Total Ecommerce revenue.

6. Inline help :

When a report title is hovered, a Help icon appears which will display a short description of the current report and the “freshness” of the report.

7. Flattening reports :

Several reports in Piwik can be organized in groups: Page URLs are grouped by directory name, Custom Variable values are grouped by name, a click on a Search Engine Keyword will display the list of search engines used. It is sometimes useful to “flatten” the table so as to compare all elements together.

8. Detailed historical report about any data point :

Piwik provides a very useful feature which they call “Row Evolution”. You can hover the mouse on any row, click on the little graph icon, and it will open a detailed view of the historical values for this specific row. You can also compare several rows together, for example to compare Browser market share over the last 30 months or compare the Mobile devices used.

Source :

Protect your Simple Machines Forum from SPAM

Simple Machines Forum SMF in short is a free, professional grade software package that allows you to set up your own online community within minutes.

SMF Logo

Its powerful custom made template engine puts you in full control of the lay-out of your message board and with our unique SSI – or Server Side Includes – function you can let your forum and your website interact with each other. It is designed to provide you with all the features you need from a bulletin board while having an absolute minimal impact on the resources of the server. SMF is the next generation of forum software.

Once you have installed SMF one more task remains is to restrict bots from your forum. SMF can be installed with one click via Softaculous.

How to restrict bots from your SMF installation :

1. Email Activation

  • Turn on email activation for all new registered members.
  • Login to Admin panel » Administration Center » Registration » Settings
  • Choose the method of registration for new members.
  • This will not allow new members to post unless they activate their account.

2. Code Verification before posting for new members

  • Login to Admin panel » Administration Center » Security and Moderation » Anti-Spam
  • Change the value for “Post count under which users must pass verification to make a post” value to 10 (or more if you want).
  • This will ask the user to pass verification unless they reach the above amount of posts.

3. Code Verification for new Registrations

  • Login to Admin panel » Administration Center » Security and Moderation » Anti-Spam
  • Enable “Require verification on registration page”
  • This will make all the new registrations to enter a verification code in order to register on your forum.
  • Choose among the various verification methods available.

4. That’s it !!

  • We have made the registration process difficult for the bots.
  • And even if they manage to register they wont be able to mess up due to code verification added in step 2.

Source :

10 things you can do with Joomla

Joomla Logo

Joomla is one the most popular content management systems in the world, used by over 20 million sites, being the most popular content management system it has lots of things to offer and here we would share some of the things we can do with Joomla. You can get started with Joomla by installing it through Softaculous right away.

1. Ads & Affiliates
Every user creates a website to market its business and for over seas communication, in this type of economy any type of income is appreciated. Joomla helps its user by integrating many ads and affiliates by just selecting the code and pasting it in your Joomla website where you want it.

2. Page Editor
Installing extension to your Joomla installation can add several features in the original editor such as background color, fonts, better multimedia control and many more. This lets you style your text by accessing it from the text editor itself.

3. Mobile Joomla
You always want to edit your website on the go Joomla offers variety of extension where you can edit your website on phone with this feature you can manage your website right from your mobile phone.

4. E-commerce
Creating an online shopping portal or an auction site is very easy. You can create an e-commerce site where you can sell products, auction things online and accept donation from your users.

5. Communication
You always want your website to communicate with your customers/user for feedback or help if required, your Joomla installation can offer almost every type of communication like live chat, forums, live support, video conference and many more.

6. Social Networking
Most people nowadays use social networks to publicize their ideas and to bring in new visitors to their sites, so social media is an easy way for people to connect to you and is becoming a “must have” for most sites. Joomla allows you to integrate such social networking on your website which bounds to attract more users.

7. Photo Albums
A Joomla website can be converted to a gallery with photos being displayed online though using a photo & image extension.

8. Platforms for Modules
It is a bit difficult to add a custom javascript, php, html etc to a Joomla website but there are many extension available which integrate any script with the Joomla website very easily with this type of feature you can easily add a script or create a custom form on your Joomla installation.

9. Financial
With a simple module or plugin you can add all the financial features to your installation like simple calculator to stock quotes from currency converter to mortgage calculator.

10. Feedback
The most important part of any website or business is feedback you have to take your users feedback to improve your product or website your would like take feedback in may forms like survey, polls, suggestion and many more with Joomla you can integrate all those features into your Joomla installation.

How to customize your Dolphin installation

Dolphin is an open-source community building software. It can be used for development of dating sites and social network portals. It provides various features which will allow the webmasters to build web sites similar to Facebook, Youtube, MySpace, Flickr and others.

The application provides different tools like chats, multimedia functionality, forums, groups, e-mail functionality, events and much more.

dolphin logo

Dolphin Community Software is a scalable, open source, downloadable and independent and having platform with rich contents for producing exceptional dating websites, social networking and web community websites. There are countless features such as recorder, video chat, forums, events, mailbox, video player, video sharing, desktop app, iPhone app, photo sharing and many other things to be received from, to be utilized and to make profits.

You need not to be an expert to install it. Its very easy. You can install Dolphin with a single click using Softaculous, provided by your web host.

How to customize Dolphin according to your needs :

1. Customize logo :
Create your logo on your local machine. Once you have your logo created and saved to your local computer, you upload it via Admin>Settings>Basic Settings>Logo. There is an option to “Enable resizing” and settings for the width and height – deselect this option. If you want to resize your image, do it using a graphics program instead or you will slow down the loading of every page of your site.

2. Change Site Title :
Go into Admin>Settings>Basic Settings and look under “Main Settings,” type in your Site Title. This is what will show at the top of your browser window. Or you can simply choose the Site name on the install form when installing via Softaculous.

3. Change your Copyright :
Change your Copyright to your company name or site name using the Language Settings. Admin>Settings>Language Settings>Manage Keys, type “copyright” into the search box and click the box next to Apply. Click the Edit link next to _copyright (System).
In the popup edit box, edit it as you want. “©” is the code for the copyright symbol. “{0}” is the code for the current year.

4. Customize banners :
Customize your rotating Promo Banners by creating your own personalized images with the dimensions of 994px x 262px. Add and/or delete banners, or even switch to an html reloader, in Admin>Basic Settings>Promo. There are several free graphic editors available if you don’t have one.

5. Personlise your page design:
Unless the default look of Dolphin’s design is exactly what you want your site to look like, you’re going to want to personalize your Dolphin’s design in order to make your site your own. Personalizing your Dolphin’s design can be as simple or as complicated as you want it to be, depending on how many elements you want to change. In order to keep your customizations intact, make sure that any design changes you make are on in your own Template files (UNI or create your own) rather than in the Base Template files. When Dolphin upgrades are released, they will upgrade the Base files and overwrite your customizations.

  • Here are a few ways you can personalize your site’s design :
    To change your Template: Admin>Advanced Settings>Template.
    There are free and purchasable templates available in the Boonex Market (
    There are free and purchasable templates available at various websites, just google “Dolphin Templates”.
    Make sure that any template you install is compatible with your installed version.
    It is recommended making sure that the Template designer/developer offers support for their template, otherwise if something goes wrong you are on your own and there is next to no documentation or support available for Templates.
    To create your own template visit :

6. Personalize your Page Layout :

  • Navigation Menu:
    You can customize your Navigation Menu via Admin>Builders>Navigation Menu, where you can adjust which menu items will show in the top nave menu for which users.
    Active Items are items which are in your menu currently.
    Inactive items are items which are not in your menu currently (or repeats of ones that are in your menu currently!) but can be placed in your menu by dragging them to the Active Items area.
    Blue Items are the top level Navigation Menu listings (the ones you see on your menu)
    Green items are the secondary Navigation Menu listings (the ones you see in a dropdown menu when you hover over the main listings and that appear in the submenu when you navigate to the top level page)
    Red items are system level menu listings, they will show when navigating to certain pages but do not show on the main navigation menu.
    Here you can use the grey grabber part of any one of the items to rearrange the menu items into the order you prefer. In the Navigation Menu Builder, you can control how your Navigation.
  • Menu looks on your site :
    To control the order of menu items, grab the grey grabber bar on the side of the item and drag it to where you want it to be. You can rearrange the top level items to control the order of tabs in your main menu and the secondary levels to control the order of items in the dropdown menus.
    To control what menu items visitors and members of your site see, click on the hyperlinked name of the menu item. A popup edit box will appear where you can select/deselect visibility for Guests and Members.
    To change the text of menu items, click on the hyperlinked name of the menu item and make note of the Language Key for that item.
    Go to Admin>Settings>Language Settings>Manage Keys and enter the Language Key you found in the Nav Menu edit box above, click the box next to Apply. The language key will appear, click the edit button next to it. In that edit box, you can change the language key in the box labeled “String text for English language:” to whatever you want to appear in the Navigation Menu.
    To change from text to icons in your menu, double click on the name of the item and simply add an icon in the edit box.

7. Page Access Control :

Much in the same way that the Navigation Menu controls allow you to control what Navigation Menu items are visible to visitors and members, Page Access Controls allows you to control Top Menu, Member Menu and Page Blocks visibility/access by membership levels.

  • Page Access
    Here you can view your Current Access Rules and create New Access Rules.
  • Top Menu Access & Member Menu Access
    Click on the hyperlinked name of the menu item.
    Select/deselect the membership levels as needed.
    Click “Save Changes.”
  • Page Blocks Access
    Choose the page you want to control from the drop down menu.
    Click on the hyperlinked name of the Page Block.
    Select/deselect the membership levels as needed.
    Click “Save Changes.”

8. Personalize Email Templates :

Your default Dolphin installation has Email Templates preformatted for you, however you will definitely want to read through them even though it is a daunting task. You’ll want to edit the phrasing so that they are more clear, more professionally worded and in proper English. Remember that your Email Templates are how your site directly communicates with your subscribers & members, you want them to represent you well. In addition, if you have tweaked any of your modules or how your site and/or modules are used, you’ll want to edit the Email Templates so that they reflect these changes.

To edit your Email Templates, go to Admin>Settings>Email Templates. There you will find a long list of every email that the system sends out. To access individual templates, click the arrow on the right hand side of the bar next to the one you want to read or edit. There you will find language choices (it will only show the languages you have installed, the default is English only), The Subject of the email and the Body of the email. Edit the Subject and Body to your liking, keeping in mind that some of the emails are sent to onsite email boxes as well as offsite email and that more complex html coding is likely to fail in onsite email boxes.

Source :

How to make your WordPress installation Secure

WordPress Logo

WordPress is one of the most popular blog today. As it is the most popular application there are numerous hackers who are honing their skills to make it to the big leagues.

WordPress is pretty secure and they provide frequent updates but we can make the installation more secure by following some simple steps :

1. The most easiest way is to be updated with WordPress

WordPress provides security updates immediately if a loop hole is detected, so being updated with WordPress will help you to be more secure. It hardly takes a minute to update WordPress with Softaculous.

2. Generic admin username

Most users make a mistake by continuing with the default username for the administrator account ie is admin. Its a common username and every hacker would know that. Choose a username other than admin you can use your name i.e. john as your username. You can choose the username on the install form.

3. Choose a Strong Password

Using a simple password is a bad idea. Use a password that is more secure to let the hackers stay away from you. Use a combination of alphabets, numbers and special characters.

4. Secure permissions to the config file

The wp-config.php file contains all the configuration and settings of WordPress, exposing this file to hackers is a very big threat to your blog they could easily inject malware into your blog or delete the content on your blog. The solution for this is to revoke the permission to the config file. The WordPress config file is wp-config.php  which located in the root directory of your installation. Change the permission to something safe like 0600 if suPHP is enabled on your server. You can ask your host to confirm which permission is suitable on your server.

5. Backup regularly

Backing up your installation is very important because if your installation is hacked you can restore your installation from the backup. You should always take a back up of your database and files, it is recommended to take a weekly backup of your data there are several plugins that will do it for you or you can use Softaculous to backup and restore your installation.

6. Plugins

Make a point to update the plugins when there is an update available. It is always a good idea to be updated. Also, if you are not using a specific plugin, delete it.