[WTS] The most reliable hosting provider with affordable prices!

Legion box is a leading provider of VPS and dedicated server, which was created and has worked successfully for those who constantly need high performance, reliability, stability and server security.

Linux virtual private servers

With Legion box We provide the virtual server, RAM, storage and capacity without any overload.

Each VPS comes with:

– Bandwidth not measured;
– Instantaneous installation (without downtime);
– Free panel ISPmanagerLite 4;
– 7 day refund guarantee.
– Payment options: Paypal, Bitcoin, WebMoney and the main credit cards;
– High security (Tier III security level).

Xen VPS (most popular plans)

Choose one of the options: CentOS, Ubuntu, Debian, Fedora or CentOS in cPanel.
Available locations: United States, Los Angeles, Switzerland, Zurich, Germany, Nuremberg, Russia, Moscow

CPU: 1hE5-2680
RAM: 0.5 GB
Disk space: 15 GB
$ 7 / month

CPU: 2хE5-2680
Disk space: 25 GB
$ 11.99 / month

CPU: 2хE5-2680
Disk space: 50 GB
$ 23.99 / month

Do you need another configuration for XEN VPS? See more options here: https://legionbox.com/virtual-servers/

SSD VPS (most popular plans)

Choose one of the options: CentOS, Ubuntu, Debian, Fedora or Windows.
Available locations: USA, Los Angeles, Switzerland, Zurich, Germany, Nuremberg.

CPU: 1hE5-2680
Disk space: 20 GB
$ 9.95 / month

CPU: 2хE5-2680
Disk space: 30 GB
$ 19.95 / month

Do you need another configuration for SSD VPS? See more options here: https://legionbox.com/virtual-servers/

In Legionbox you can also get Windows VPS starting at $ 11.99 / month >>>>

CPU: 2хE5-2680
Disk space: 25 GB
$ 11.99 / month

CPU: 2хE5-2680
Disk space: 80 GB
$ 44.99 / month

Check here for more Windows VPS

Do you need dedicated server? Check the best and fastest dedicated Windows and Linux servers here!

I have a question?
Feel free to open a ticket



security – nginx only allows Encryption in ports 80 + 443

I want to configure a nginx reverse proxy behind a NAT. It will project multiple internal servers to the outside world. ALL services will run on a non-standard port (that is, not 80 or 443). nginx will also perform HTTPS encryption for internal servers that use HTTP. For that I want to use Let's Encrypt with certbot. Therefore, I need to allow connections on ports 80 + 433 to nginx.

Is there any way to block any access to these ports other than when certbot renews the certificates? As stated earlier, these ports are not used for anything else.

keyloggers – Are mechanical keyboards a security risk (in your network)?

I bought my first mechanical keyboard (Razer Black Widow Elite) and quickly noticed that the entire keyboard configuration MUST be done using the manufacturer's web application in the cloud. There was no separate software for the keyboard configuration.

It may be from the old school, but I do not expect my keyboard to be too smart. My main reason for the purchase was the mechanical feel of the keyboard, but not how smart the keyboard is. My biggest challenge is the fact that the main manufacturers do not offer us any alternative that allows us to make changes in the keyboard configuration.

You could use the keyboard without the cloud with the basic Windows driver and without configurations, but how could you trust that there is no software hidden and hidden on a keyboard like this because they are becoming very smart and therefore can be more prone to being hacked. All I want is a secure mechanical keyboard without connection to the manufacturer. Is that possible these days?

Coins – Cryptocurrency collateral security box service?

There are N participants who have agreed to some contract compliance that can not be reliably verified by a third party.

To ensure that all participants comply with the contract, each participant is required to place a certain amount of collateral cryptocurrency in a trusted public "safe".

A participant sends a confirmation request to the "safe deposit box" service if he believes the contract has been fulfilled. If all participants do, all collateral assets are returned to all participants, otherwise, they remain in the "safe" forever.

Is there such a "safe deposit" service?

security – Possibility of a DDoS attack

Theoretically, this is not a mechanism of any type of attack, but it is about the "lost" coins. Perhaps. It's just for an educational experiment.

What happens if someone has the ability to send transactions to the memory pool of each node? It also has the ability to send TCP packets from some list of Internet protocol addresses (65533 IP against 9686 nodes, for example).

You sent transactions, but R and S in your signature are not formed in the way they can be formed by the true owner of the private key. Each node must obtain an unsigned TX hash, and then verify that it is Sig to confirm the expense of the output amount. It will take a little time.

Is a DDoS attack theoretically possible for [any]network of coins? Each node needs to verify the signature and it takes some time. As long as the attacker has the full set of UTXO locally in his [XXXX] IPs of the machine.

Or does IPv6 double this "problem"? Or what does "bitcoin full-node" really mean?

security – Is the NetCat command dangerous?

I'm a server-side developer and I used to invoke the North Carolina command to check if a remote port is open.

Suddenly, the security guy banned the command and as soon as I use the North Carolina order my accessibility to the EC instance be lost.

They are saying

Use telnet.

My questions are

  • Is the North Carolina dangerous command?
  • Do you have a security hole?
  • Can you use some functionality in some dangerous way?

Server Administration 24/7 based in the United States *** PCI Security Audits *** Amazon EC2 Experts ***

ServerWizards.com provides specialized server security and management solutions and we have been doing this for the past 13 years, we work with all technologies and all our administrators have at least the RHCE certificate. We support all Sys-V and BSD systems and all control panels available in the market at this time. We also have a huge experience with all the cloud and virtual environment solutions available. Our star server management service contains all the functions listed below:

1) Server administration – $ 75 / month

– Administration hours and UNLIMITED tickets
– FREE remote backup for all your data (up to 100 GB per server)
– FREE advanced security plan (normally $ 75 is charged once)
– Response time of 10 minutes.
– Monitor the server 24/7 with restarts and reports
– Installation and configuration of third-party software.
– System / hardware optimization.
– Resolution of emergency problems
– Data restoration
– Regular server security patches.
– Regular explorations of server status
– Operating system updates
– Kernel updates.
– Migrations of servers.

We offer great discounts for multiple servers.

We support the following operating systems:

– Linux Redhat, Redhat Enterprise, CentOS, Fedora, Debian, Ubuntu, Slackware, Gentoo, SuSe, CloudLinux, Amazon Linux
– FreeBSD, OpenBSD, NetBSD
– OpenSolaris, OracleSolaris
– Microsoft Windows 2003, 2008 Server R2

Control panels:

– cPanel / WHM
– Ensim
– Plesk
– DirectAdmin
– Sphere
– rudder
– Kloxo
– InterWorx
– Webmin / Usermin / Virtualmin
– LayeredPanel
– ISPConfig


– Xen
– OpenVZ
– HyperVM
– SolusVM
– Hyper-V
– Proxmox
– Virtuozzo
– ESXi Vmware, ESX, vSphere
– Citrix XenServer


– Amazon EC2
– Amazon S3
– Amazon RDS
– CloudStack
– OpenStack
– OnApp Cloud

Custom configurations:

– Red5 Flash Server
– Nginx + PHP-FPM + NSD
– Lighttpd + PHP-FCGI
– Litespeed + PHP FastCGI
– FFmpeg + FFmpeg-PHP + Mplayer + Mencoder + flv2tool + LAME MP3 Encoder + Libogg + Libvorbis
– Postfix TLS + SpamAssasin + ClamAV + Amavis
– Exim + Exiscan + ClamAV + RBL + Spamassassin + SARE + Razor + DCC
– Ruby on Rails
– Tomcat Servlet / JSP
– Kernel Compilations (Linux / FreeBSD)
– Asterix VoIP
– Groups of HA
– Failover solutions
– much more

2) Server Security – Linux / FreeBSD plans – starting at $ 50:

– Update the kernel to the latest version + security patches (grsecurity / openwall)
– Complete security audit.
– Installation and configuration of firewall (KissFirewall / Bastille Firewall / APF)
– Installation of security updates as published by the control panel provider / OS
– Disable unused and insecure services.
– Elimination of insecure packages and unnecessary software.
– Audit record for unusual activity.
– Securing PHP
– Apache / MySQL adjustment for maximum performance.
– SSH server hardening
– Secure the directory / tmp
– Kernel tuning with sysctl
– PSAD (Port Scanning Detector)
– SIM (System integrity monitor)
– PRM (Process Resource Monitor)
– MRTG / RRDTool (Bandwidth Usage Monitor)
– SNORT (Network intrusion detection system)
– ACID (analysis console for intrusion databases)
– TRIPWIRE (tracks each file that is moved / edited in the system)
– AIDE (Advanced intrusion detection environment)
– CHkrootkit (scanner / rootkit scan reports sent daily)
– Samhain (File System Integrity Checker)
– Installation / configuration of Mailscanner
– Installation / configuration ClamAV
– Kernel tuning with sysctl
– Installation of SSL certificate
– Smartd (HDD reliability monitor)
– Tripwire (tracks each file that is moved / edited in the system)
– Configuration of the DDOS and SYN flood protection.

Check out our website:
or send an email to the Sales Department for quotes: sales@serverwizards.com

You can also answer your questions with MSN support: support@serverwizards.com or AIM: serverwizards

security – Securing Admin in a separate port

I am trying to secure the administration pages (/ admin / *) and the login page (/ user / login) to port 8443. I have done this successfully with the following in apache 2.4:

    ServerName example.com:443
ServerAlias ​​drupal
DocumentRoot "/opt/rh/httpd24/root/var/www/html/example.com/current"
            Require everything denied

    ServerName example.com:8443
ServerAlias ​​drupal
DocumentRoot "/opt/rh/httpd24/root/var/www/html/example.com/current"

The problem I have is when I go to https://www.example.com:8443/user/login and login, I am redirected to http://www.example.com:8443/user/1.

This creates an error 400 – Incorrect request. Trying to serve http content through an SSL port.

How do I tell drupal to stay on the https protocol and stay on port 8443?

security: scanning error of "The following CGI are not protected by a random token"

An analysis executed on my website Dev Drupal 7 shows the following error:

The following CGIs are not protected by a random token:
/ contact-ocr
/ civ-rts-coordinators

The content of these 2 URLs is generated by a view whose content is modified by the associated tpl.php files.

How can I make sure that a random token is generated for these pages?

Once a random token is generated, how can I confirm the random token generation when I see the source of the pages?

Magento2 Security: How to better filter the GET parameters before they reach Magento?

I want to increase the security of one of our Magento2 installations by filtering the GET parameters. It seems that, according to our WAF, we often try to exploit the "filter" parameters; for example:


This happens, it does not matter if the filters are used on the website or not. Therefore I want to block all requests to ? product_filter_tryout *, or better white list all parameters actually used on the site (such as ? p = * etc.). How I can get this?