Sure, it shows all, but it’s a lot of crap to look through if you are just looking for your own. But if you want to see who else is on your machine, it’s interesting. You can just do:
to see all your friends.
Sorry, I’m not sure about SFTP. I only use SSH and am on a shared server, so the location of the log files may be different for you. I would assume, though, that SFTP would produce the same log entries as it’s essentially FTP over SSH.[hr]
You can check your ~/.ssh/authorized_keys file to make sure no one has logged into your account and added their key. I was actually completely unaware of all the ruckus despite making many code updates to one of my sites over the past few days because I only use passwordless authentication. The bad part of that system, though, is the same as authenticated cookies. Should an adversary add their key or get an authenticated cookie, changing passwords won’t keep them out.
Another thing I do is a daily cronjob that emails a list of all files modified in the last 48 hours along with scanning the logs for 404 codes and sending the list of requests. Sometimes they are innocent, but often it’s a script looking for exploits. I occasionally add the request patterns to a blacklist even though they result in 404.
You can also ask Support to disable access to your databases via phpMyAdmin and access to your account via webFTP/AjaXplorer. They are not safe and there’s no reason to use them, but they are enabled by default on all domains.
Enabling an IP-based whitelist to your web panel account is also good practice.
I could go on and on as I’ve been working on this for a while now. You can see part of my notes here. Eventually I’ll add it all to the wiki.
I like the part where he wrote [quote]We’ve already implemented changes to prevent any similar attempted hacks, and we’re performing a rigorous security review including a detailed review of customer input on potential vulnerabilities.[/quote]
Um, a detailed review of customer input on potential vulnerabilities? Dude, check your little suggest-a-feature-thingie in the panel and you’ll notice that customers have been asking for non-recoverable passwords for eight years.
This is from the same company that still has the following statement at the top of their Contact Support section:
despite the fact that Support will tell you that it hasn’t worked for a long time. What’s up with that? It’s new, but it hasn’t worked for a long time? Then take it down.
I just extended my hosting plan by 5 years, despite some of my misgivings and concerns, because overall it seems like DH is still better than most others around the same price point. But come on, DH. You are supposedly pushing out updates to the panel weekly, so hide that announcement already. And the conueries which apparently don’t matter as much as long query times.
There are a lot of good things about DH, but some of the bad things are so blatantly and frustratingly bad… As I said, I’ve had a good enough experience to commit to 5 more years, but it would be nice to see some progress on those bad spots…
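The daily check described in the post above (files modified in the last 48 hours, 404 requests pulled from the access log) together with the authorized_keys review, as an added example that is not the poster's own script. The function names, the paths in the cron comment and the combined access-log format are assumptions, and the sample data is constructed.

```shell
#!/bin/sh
# Added example (not the poster's script). Paths and log format are assumptions.

# Regular files under $1 modified within the last 48 hours.
recent_files() {
    find "$1" -type f -mtime -2 -print | sort
}

# 404 responses per request path in a combined-format access log ($1):
# field 9 is the status code, field 7 the requested path.
requests_404() {
    awk '$9 == 404 { hits[$7]++ }
         END { for (p in hits) printf "%d %s\n", hits[p], p }' "$1" |
        sort -k1,1nr -k2
}

# Fingerprint and comment of every key in an authorized_keys file ($1),
# so an unfamiliar key stands out. Prints nothing if the file is absent.
key_fingerprints() {
    if [ -f "$1" ]; then ssh-keygen -lf "$1"; fi
}

daily_report() {   # $1 = web root, $2 = access log, $3 = authorized_keys
    echo "== Files modified in the last 48 hours =="; recent_files "$1"
    echo "== 404 requests (count, path) ==";          requests_404 "$2"
    echo "== authorized_keys fingerprints ==";        key_fingerprints "$3"
}

# Constructed sample data so the script can be tried without a real site.
demo() {
    d=$(mktemp -d) && mkdir "$d/site" || return 1
    echo '<?php' > "$d/site/changed.php"
    echo '<?php' > "$d/site/untouched.php"
    touch -t 200001010000 "$d/site/untouched.php"   # backdated: must not be listed
    cat > "$d/access.log" <<'EOF'
203.0.113.5 - - [10/Jan/2012:06:25:11 -0800] "GET /old/setup.php HTTP/1.1" 404 512 "-" "-"
203.0.113.5 - - [10/Jan/2012:06:25:12 -0800] "GET /old/setup.php HTTP/1.1" 404 512 "-" "-"
198.51.100.7 - - [10/Jan/2012:07:01:40 -0800] "GET /index.html HTTP/1.1" 200 1024 "-" "-"
198.51.100.7 - - [10/Jan/2012:07:01:41 -0800] "GET /favicon.ico HTTP/1.1" 404 209 "-" "-"
EOF
    daily_report "$d/site" "$d/access.log" "$d/no_keys_file"
    rm -rf "$d"
}

# From cron (assumed paths), pipe the output to mail:
#   0 6 * * * sh daily_report.sh ~/example.com ~/logs/access.log ~/.ssh/authorized_keys | mail -s audit you@example.com
case $# in
    3) daily_report "$1" "$2" "$3" ;;
    0) demo ;;
esac
```

Run with no arguments it reports on the constructed sample; with three arguments it reports on a real web root, access log and authorized_keys file.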