Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed last year.
Improve this question
Does anyone know how to access Cpanel on 1&1(IONOS). One of the biggest in the web hosting market but I didn't know it was one of the worst. Knowledge Base is empty. Searching on Google doesn't result in anything.
I am startled by the fact that I found NO INFORMATION online. Absolutely NO information on google. How could it be possible? No one has ever tried to ask this question before?!?!? BTW IONOS is the worst web host. If someone has to search for 20 mins to access even cpanel, then it's the worst web host.
IONOS Screenshot
Note the below is only available if you have the right build assigned to your account.
Server administration with Plesk is conveniently done right in your browser.
Since Plesk provides its own HTTPS service for this, a web server (e.g. Apache)
does not need to be running on the server.
Open your web browser and enter your domain name (or IP address)
followed by :8443 in the address bar.
Log in with the user name Admin and your initial password.
You can log in to IONOS and find your initial password in the Server Access Data section.
I am sure by now you managed to fix your problem. But I figured I must just post how I accessed it for other people. I am assuming that you wanted to remove some of the files on your website (i.e. if a WordPress plugin destroyed your site). The way I accessed my files is as follows: Firstly go to your Ionos dashboard. Then click on the contract you are using (i.e. WP Business). Thereafter go to hosting and click manage, then a page will open and click webspace. Once you click webspace you will be able to access all of your files.
I hope this helps someone out because truly getting information about Ionos seems like thesis research.
I nearly fell for their $6-for-the-first-year Business Plan account. Whups! Good thing I asked some questions first.
The sales person answered the chat after approx 20 mins, and was not customer friendly. When I enquired about included CPanel apps, I was abruptly told that CPanel is not included - you must purchase it separately. She did not tell me (this is what I mean by "abrupt"), but I read elsewhere, that they wrote their own "CPanel-like" administration tool - but from what I can tell it is significantly less capable. And as of this writing, I still do not know if they offer Node.js (which was something that I asked the sales rep but she did not answer).
I would be interested to see a screenshot of the IONOS CPanel replacement. I also would like to know what included apps they offer, such as phpBB, SimpleMachinesForum, Node.js, Python, Ruby - and how Git management/deployment works. As of this writing, and over 30 minutes on chat with them (including wait time), I have no idea.
Here is a fairly recently article from Dec 2021 that sheds more light:
https://websitesetup.org/hosting-reviews/ionos/
You can access your Cpanel using below URL,
http://IP:2082
Note: In IP you have to set your Cpanel IP.
above link redirect to login page, In login page you need to enter your username and password,
From the look of your screenshot it looks as if the package you have purchased is not one that contains a server. Here are two options for packages with servers.
Cloud
Dedicated
Ref
Go to Servers & Cloud -> Infrastructure -> Servers and select the server you want to access.
Then, go to either the Plesk or cPanel section, there you'll find user, password and host for your server.
Related
guys I just want to ask a couple of questions about security problems, if this is not the place to ask these questions then please close the question.
I want to make a web application with Laravel where u can watch movies (it would be used only by me and a few friends of mine). I'm going to turn my old pc into a server and use it for the app. My questions are: (if the answers are too long then please provide a link where I could read about this).
What can a hacker do if he hacks into my server (don't care about data that much since there will be no personal information inside of it) and how to prevent it? Keep in mind I don't want to pay for any firewalls if it's not absolutely necessary.
if the hackers gain access into my server and the server is connected to my router. Can he gain access to the router and then other devices connected to the router. How can I prevent this from happening?
I am using shared hosting.
My site was showing "ERR_CONNECTION_REFUSED".
So i went to see visitors to my (SSL) site.
I found that instead of regular names in the "User Agent" list,
cpanel visitors list is showing
user agent Expanse indexes the network perimeters of our customers. If you have any questions or concerns, please reach out to: scaninfo#example.com"
I want to know whether this is harmful and if yes,
How to avoid such unknown user agents?
Is there something i should do with ".htaccess" file?
Once again, i am using shared hosting (so, i have limited accessibility).
The ERR_CONNECTION_REFUSED you saw when accessing your website had nothing to do with the visitor you saw in cpanel. You might have had a different issue with your server configuration/shared hosting provider.
That "visitor" was an internet crawler, most likely from Palo Alto Networks, who owns Expanse. Long story short, it shouldn't cause any harm. They say that their crawlers are used to index/categorize URLs around the internet and/or to spot malicious content.
I advise you to ignore it, since there's not much you can do - I assume they have some ranges of IPs for their crawlers so you wouldn't be able to blacklist all of them anyway.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
During Blockchain Hackathon Kyiv 2020 we picked NEAR Protocol challenge and found several issues.
Accound and account keys are created in web wallet. Then you should run "near login" command at your server which should launch curl to web wallet and authorize near-cli app for accessing keys. However in our case keys weren't imported into server deployed at Digital Ocean with Ubuntu 20.0.4 and accessed via console. Near Discord channel didn't responded to our questions at all. Telegram devs chat support guys didn't helped much, their last offer was "copy keys from localstorage to json file and put into your server .near-credentials folder"
But after all - and that was amazing - a new key created at those remote machine with near addkey command - was added to those accoundID which was not authorized to use app!!! :D
enter image description here
https://examples.near.org/ - GITPOD links doesn't properly configured, not working with errors
https://gitpod.io/#https://github.com/near-examples/token-contract-as
https://gitpod.io/#https://github.com/near-examples/wallet-example
Excited that you chose to build on NEAR, but disheartened to hear about your subpar experience. NEAR is currently growing at an exponential rate and engineering resources certainly can be limited at times.
Unfortunately, if you created your NEAR account on a different machine than the one you want to store the credentials for that account on, running near login won't work. You could get around this by copying your private key from your browser's local storage to the remote machine's browser's local storage, then running near login on that machine but thats a little more work than what’s necessary. The easier, more straightforward path, would be to run near login on your local machine (the one that created the NEAR account) and copy the newly created .json file located in ~/.near-credentials to the target machine. I think that’s what the devs on Telegram you chatted with were referring to. Currently, that would be the easiest solution to that issue.
But after all - and that was amazing - a new key created at those remote machine with near addkey command - was added to those accoundID which was not authorized to use app!!! :D
Could you clarify what exactly happened here and how you performed this action? You should not be able to add a full access key to an account without an existing full access key.
Also, thank you for raising our attention to the two broken GitPod examples. There have been several updates recently to the near-sdk-as dependency these two projects rely on, and looks like something broke. I will make sure this is resolved ASAP!
Please let me know if you have any other questions, comments, or suggestions, and thank you so much for bearing with us as we continue to enhance our platform and developer tooling.
Near Discord channel didn't responded to our questions at all. Telegram devs chat support guys didn't helped much, their last offer was "copy keys from localstorage to json file and put into your server .near-credentials folder"
I would like to point out that there is no paid service with 24/7 support. People have their weekends to spend with their family and friends.
But after all - and that was amazing - a new key created at those remote machine with near addkey command - was added to those accoundID which was not authorized to use app!!!
Which key are you talking about? The 3 keys you have on the screenshot were sequentially used to sign the next transaction adding the new key:
ETQeNJrRiqbcuqJyrfDTh1EYAUAetXZsnuuiEH8T6mnc transaction created the account with ed25519:HBi7mgC... key.
8heaysv121qhFjktwRm9ftF4jA7dgcYRHvKkcCnhXFVT transaction signed with ed25519:HBi7mgC... key (added in (1)) adds a new ed25519:DmNJSxx... full-access key.
DUp8VJ9aoUyC6r8ira6udpgHYxsKJWi3LXkxxn5btLW2 transaction signed with ed25519:DmNJSxx... key (added in (2)) adds a new ed25519:DoMh6uC... full-access key.
I have been doing a lot of research on this and I can't seem to find a definitive answer. Obviously these days security is a big issue, hacks are going on all over the place of major companies that invest millions into security and they're still getting hacked.
I work on Laravel a lot and use shared hosting with Hostgator or some similar company of high report. Laravel comes with a built in function for encrypting database info and decrypting to the user when requested.
However, I have a question on how secure this ACTUALLY is. If someone gets into my cPanel, my app key which is used for encryption is right there in front of them. Granted, my cPanel password is the one that's auto-generated by Hostgator and it's complete jibberish with semicolons and alphanumeric strings all over, so it's not easy to guess.
But I'm trying to learn a little bit more about security. If my app key in my env file is locked securely behind my cPanel login, is Laravels built in "encrypt()" method "enough" to call an app "secure"? Is there other measures within Laravel or my host provider that could make it more secure than just tight passwords? Is there some sort of practice of referencing the app key through an external source that's not located in the cPanel area? So even if my cPanel got hacked, my app key wouldn't be in those files and get exposed?
I'm not a security expert, but there are a few points I can share from my experience in working at highly-secured companies.
First, Laravel itself is fine. You can generally trust open source software since it's transparent and security bugs get discovered and addressed early. So you don't need to improve Laravel, just use it as is, preferably an LTS version.
Then, CPanel is a liability. You should minimize weak points on your system, i.e. those that are externally accessible. Get a VPS or a private server and access it via an SSH, don't use tools like CPanel and PhpMyAdmin on it. The less software you have that talks to the outer world, the less vulnerable you are to bugs in that software.
In my current company the production server can only be accessed via SSH from a single IP address, the address of the dev server. So I log in to dev server first, and then log in from there to the prod. It denies all connections from all other IPs.
If you are limited to using CPanel or something similar, consider protecting the login page with HTTP Basic Auth, some hosting providers allow that.
You also want to keep your system and software up to date. Not too new either as that may have bugs that haven't been caught yet. Our devops prefer to have it a couple of minor versions behind, so that the community has time to test it out and get hacked for you.
That's all I know as a web-dev, sure enough there are special tools and ddos protection services but that's beyond a dev's concern imo. If you just follow these steps, you should be safe. Hope that helped a bit, cheers :)
Forgive me if this would have been better placed somewhere else on the stackexchange network but I have seen a few Laravel questions being asked here so thought it would be OK.
Anyways...
I have a Laravel app which I want to get online and found some hosting here: https://www.server4you.net/virtual-server
The pricing is really good and there is root / SSH access. As I dont know if my web app will be a financial success I dont wanna go all out on a dedicated server but also don't mind migrating it at a later date (I know this will be a pain!)
I have seen a few people online recommend against using a VPS / shared server for a laravel app...my question is why?
If the servers can perform as advertised then this should be good?
I have never bought a vps or uploaded my own Laravel project to a server before so I feel like I should ask these questions now before I realise I have shot myself in the foot somehow way down the line...
Cheers!