Forum Moderators: phranque


Reverse Lookup

         

SenecaFalls

10:33 pm on Oct 20, 2018 (gmt 0)

5+ Year Member



I have a VPS with a cPanel account on it and will ultimately have a business website up.

If a person knows my domain name or IP address, how much information can they gather on me? (Assume that my website is not listed in Google or anything like that.)

Can they find out my web host?

Can they find out what server my website is hosted on?

Could they find out my web host or cPanel username?

Could they get my email?

How about finding me personally?

I would like to better understand how someone can do reconnaissance on me by simply knowing my domain name or IP address.

Thanks!

TorontoBoy

10:42 pm on Oct 20, 2018 (gmt 0)

5+ Year Member Top Contributors Of The Month



From your host name or IP address, do a whois.com lookup. The Unix host command will also give you different info. Also put the host name or IP address into a Google search.

SenecaFalls

10:49 pm on Oct 20, 2018 (gmt 0)

5+ Year Member



From your host name or IP address, do a whois.com lookup. The Unix host command will also give you different info. Also put the host name or IP address into a Google search.


1.) When you say "hostname" I think of what my server is called, e.g. "server.mydomain.com"

Is that what you mean?


2.) Why do you say "host name" instead of "domain name"?


3.) How would I do a unix lookup?

Do I have to SSH into my VPS? If so, then what? (I have limited Linux knowledge, which is why I am concerned!)


4.) The context of my question is that if I set up a 2nd website on my VPS and use it for sharing work files with people I know, can that website - which wouldn't be listed on Google - end up being tied back to my other website on my VPS?

not2easy

4:53 am on Oct 21, 2018 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Whois lists the domain owner's information on file at your domain registrar. I noticed my registrar is still offering privacy as a paid service, but the details publicly available depend on the country. Since GDPR went into effect earlier this year some of that information is less available except for certain purposes (such as legal). That is something that can depend on where you live and where you register domains.

Have you considered restricting access via passwords, cookies or IP restrictions?

SenecaFalls

6:06 am on Oct 21, 2018 (gmt 0)

5+ Year Member



Whois lists the domain owner's information on file at your domain registrar. I noticed my registrar is still offering privacy as a paid service, but the details publicly available depend on the country. Since GDPR went into effect earlier this year some of that information is less available except for certain purposes (such as legal). That is something that can depend on where you live and where you register domains.


I am in the U.S., but use a registrar based in Europe. They have offered free privacy for years, so that should protect me on the domain.


Have you considered restricting access via passwords, cookies or IP restrictions?


Yes, I will use a .htaccess file with password.

But in my OP I am asking about how to isolate this new cPanel account from my primary cPanel account which is on the same server...

SenecaFalls

6:14 am on Oct 21, 2018 (gmt 0)

5+ Year Member



That is to say, I do not want someone to be able to figure out from temporary-domain.com information about my other domain name and website and cPanel account...

keyplyr

6:40 am on Oct 21, 2018 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Switch your site to HTTPS by adding a TLS (SSL) certificate and making your file paths secure then add HTTPS Security Headers [webmasterworld.com] to stop cross domain info scraping.

justpassing

10:54 am on Oct 21, 2018 (gmt 0)

5+ Year Member Top Contributors Of The Month



I would like to better understand how someone can do reconnaissance on me by simply knowing my domain name or IP address.

Excepting if you use a host in China / Russia (and are not a dissident), it will always be possible to identify the owner of a site by law enforcers. Now, this requires legal reasons to force the registrar / host / etc... to reveal the identity of their client.

TorontoBoy

3:35 pm on Oct 21, 2018 (gmt 0)

5+ Year Member Top Contributors Of The Month



From your IP address I will be able to find out your host provider, regardless of your domain name registrar, which I should be able to find as well. If you are on a shared server I will be able to find out other sites on your server. If you provide a tech contact email address and or your name I should be able to find your other sites as well. This is all open to all. With a little bit of Googlefu all this is possible.

There are open source hacking tools, which I have mentioned in past discussions, that I can use to scan your site for vulnerabilities (reconnaissance). Scanning for vulnerabilities is not illegal. Once I have a list of vulnerabilities I can look up in a database, conveniently included in the tool, on how to hack your site. It is the hacking part, the attempted breaking into your site, that is illegal.

Some CMS have better security than others. WordPress is by far the worst. As a WP site user and owner I need to work hard to defend my and my customer's sites. With a WP target I can scan the site with another tool and get a list of login IDs. From there my hacking tool can use an external password file to try to hack into one or all of the IDs I found.

If you are concerned you need to do more research. Two factor authentication will go a long way in preventing a hack. These tools are out there. They are open source and free. People are using them daily against sites, I see them daily in my logs and shut them down. There is really nothing you can do to prevent someone from Russia, China, US from doing reconnaissance on your site.

SenecaFalls

3:34 am on Oct 22, 2018 (gmt 0)

5+ Year Member



Switch your site to HTTPS by adding a TLS (SSL) certificate and making your file paths secure then add HTTPS Security Headers [webmasterworld.com] to stop cross domain info scraping.


Thanks, but that has nothing to do with what I asked.

keyplyr

3:39 am on Oct 22, 2018 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Yes it does. It's one way your info is scraped.

Server type, server version, server IP address, domain name, other domains hosted on server, etc.

SenecaFalls

3:52 am on Oct 22, 2018 (gmt 0)

5+ Year Member



@TorontoBoy:
From your IP address I will be able to find out your host provider, regardless of your domain name registrar, which I should be able to find as well.


I assume people would start with the domain name and then get the IP address from there, but I follow you.



If you are on a shared server I will be able to find out other sites on your server.


I am on a VPS, so what could you find on that?

Could you find the other websites hosted on the VPS? On the physical server?

Most importantly, could you determine any other websites (i.e. other cPanel accounts on my VPS) that are hosted from my particular VPS?



If you provide a tech contact email address and or your name I should be able to find your other sites as well. This is all open to all. With a little bit of Googlefu all this is possible.


If I register a new domain tomorrow from my registrar using the "privacy" option, won't that keep my personal details offline forever?

Also, since my registrar is in Europe and under the new GDPR, won't that further help?



There are open source hacking tools, which I have mentioned in past discussions, that I can use to scan your site for vulnerabilities (reconnaissance). Scanning for vulnerabilities is not illegal.


Are you a security person?

What tools are those?



Once I have a list of vulnerabilities I can look up in a database, conveniently included in the tool, on how to hack your site. It is the hacking part, the attempted breaking into your site, that is illegal.


Are you a white hat (or black hat) hacker?



Some CMS have better security than others. WordPress is by far the worst. As a WP site user and owner I need to work hard to defend my and my customer's sites. With a WP target I can scan the site with another tool and get a list of login IDs. From there my hacking tool can use an external password file to try to hack into one or all of the IDs I found.


I don't think I explained my larger goal in my OP...

I have a VPS with a cPanel account and a business website - not up yet - which will clearly link to me in the real world.

I would like to create a side "work area" where I can temporarily post some work files that I want to give access to some people I talk to online who have offered to critique my work portfolio. To accomplish this, I would create a 2nd cPanel account, get a 2nd dedicated IP address on my VPS, and map it to a new domain that I register using privacy. These files would be hidden behind a .htaccess password file.

What I am trying to avoid is someone going to this temporary website, and then being able to systematically go from that site and domain back to that IP back to my web host and my VPS and then "jumping the shark" and figuring out my main cPanel account and website. (Because if someone could do that, then they would be able to easily find out who I am in real life. And, God bless the people offering to critique my work, but the relationship is an anonymous one and I want to keep it that way.)

So how can I accomplish that? And will the above setup work?

There will be no email or WordPress sites or any of the things that would complicate things.

What do you say about my strategy?



If you are concerned you need to do more research. Two factor authentication will go a long way in preventing a hack.


But that would apply here...



These tools are out there. They are open source and free. People are using them daily against sites, I see them daily in my logs and shut them down. There is really nothing you can do to prevent someone from Russia, China, US from doing reconnaissance on your site.


I just need something in place that will reasonably help me accomplish my modest goal...

SenecaFalls

3:55 am on Oct 22, 2018 (gmt 0)

5+ Year Member



@keyplyr:
Yes it does. It's one way your info is scraped.

Server type, server version, server IP address, domain name, other domains hosted on server, etc.


Fair enough.

So if I install an SSL cert on the temporary website I just described above, that will help protect me to some degree from others being able to do reconnaissance on my "website"?

If I have a domain-verified SSL cert, wouldn't that give out PII about me?

Please see my previous post for a more detailed description of what I am trying to accomplish.

Thanks!

keyplyr

4:11 am on Oct 22, 2018 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



It's the security headers that stop cross-domain info scraping. However, the headers can only be used on a secure site.

Yes the security certificate does have your domain name assigned, but that doesn't reveal any more info than someone would already have being on the site to read that certificate.

However, the bottom line is... you are obliged to reveal a certain level of SPI (sensitive personal information) by having a website on the internet. Someone motivated enough can discover most anything by combining a little info from various sources.

justpassing

7:40 am on Oct 22, 2018 (gmt 0)

5+ Year Member Top Contributors Of The Month



If I register a new domain tomorrow from my registrar using the "privacy" option, won't that keep my personal details offline forever?

"Forever" is a word which doesn't exist, especially on the Internet. The day after tomorrow, the registrar can have a bug and accidentally expose information which was supposed to be hidden,... the registrar can also be hacked, and information stolen,... etc...

As for hiding your IP and other sites you are running at your VPS, you can use Cloudflare as a frontend.

SenecaFalls

8:06 pm on Oct 22, 2018 (gmt 0)

5+ Year Member



@keyplyr:
It's the security headers that stop cross-domain info scraping. However, the headers can only be used on a secure site.


Can you explain more how this would work?

My workspace website would just be an empty Web Root with a couple files in it hidden behind a password.

I fail to see how anyone could do much there.

What I am concerned about is how easy/difficult it would be for someone to take temp-domain.com at 1.1.1.1 and somehow link it to my-business-domain.com at 2.2.2.2 either because of some hidden linking or because of the commonality of my VPS.

I'm not worried about the first site and IP address, but don't want someone to be able to daisy-chain things together and ultimately link it back to me as a person.

It seems like a new privately registered domain, new IP, new cPanel account, and htaccess password would be enough.

Remember that anyone going to temp-domain.com doesn't know anything about me and shouldn't be able to find anything out about me short of a massive data breach at my registrar.

However, if you go to my-business-domain.com then you can find out a lot of stuff about me!

So as long as I keep them separated, and short of data-breaches and my web host getting hacked, I should be safe.

But then I am here asking to make sure I don't miss any "gotchas"!



Yes the security certificate does have your domain name assigned, but that doesn't reveal any more info than someone would already have being on the site to read that certificate.


So you think adding an SSL to temp-domain.com is money well spent, even though the site is already highly restricted to access?



However, the bottom line is... you are obliged to reveal a certain level of SPI (sensitive personal information) by having a website on the internet. Someone motivated enough can discover most anything by combining a little info from various sources.


Correct. And my goal is to make it difficult enough that I only have to worry about the NSA and the Russians, and not casual surfers and hackers...
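
[Added example, not part of the thread and not any poster's code.] A self-audit for the separation described in the post above: given the public records of the owner's own two sites, it lists the ones published for the private site that point back at the public one. The field names, the two-label domain heuristic and all sample records (RFC 5737 addresses, provider.example) are assumptions constructed for illustration; in practice the records would come from the owner's own DNS zone, reverse DNS and certificate.

```python
import ipaddress

def registrable(name):
    # Assumption: the last two labels form the registrable domain.
    # Real code should consult the Public Suffix List instead.
    return ".".join(name.rstrip(".").lower().split(".")[-2:])

def linking_signals(private_site, public_site):
    """List published records of private_site that point at public_site."""
    findings = []
    a = ipaddress.ip_address(private_site["ip"])
    b = ipaddress.ip_address(public_site["ip"])
    if a == b:
        findings.append("ip: same address")
    elif a.version == b.version == 4 and int(a) >> 8 == int(b) >> 8:
        findings.append("ip: same /24")  # neighbouring addresses on one VPS
    target = registrable(public_site["domain"])
    # Any hostname published for the private site that sits under the
    # public domain ties the two together for whoever looks it up.
    for field in ("ptr", "nameservers", "mx", "cert_sans"):
        for name in private_site.get(field, []):
            if registrable(name) == target:
                findings.append(f"{field}: {name}")
    return findings

# Constructed sample records (not taken from the thread).
BUSINESS = {"domain": "my-business-domain.com", "ip": "203.0.113.10"}

# Second cPanel account left on server defaults: reverse DNS is the VPS
# hostname and the zone uses name servers under the business domain.
LEAKY = {
    "domain": "temp-domain.com", "ip": "203.0.113.20",
    "ptr": ["server.my-business-domain.com"],
    "nameservers": ["ns1.my-business-domain.com", "ns2.my-business-domain.com"],
    "cert_sans": ["temp-domain.com", "www.temp-domain.com"],
}

# Same site after moving DNS and reverse DNS to neutral names.
SEPARATED = {
    "domain": "temp-domain.com", "ip": "198.51.100.7",
    "ptr": ["host7.provider.example"],
    "nameservers": ["ns1.provider.example", "ns2.provider.example"],
    "cert_sans": ["temp-domain.com"],
}

if __name__ == "__main__":
    for label, site in (("leaky", LEAKY), ("separated", SEPARATED)):
        print(label, linking_signals(site, BUSINESS) or "no shared records")
```

An empty result only means these particular records do not overlap; it does not cover registrar data or anything the web host itself discloses.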

SenecaFalls

8:08 pm on Oct 22, 2018 (gmt 0)

5+ Year Member



@JustPassing:
"Forever" is a word which doesn't exist, especially on the Internet. The day after tomorrow, the registrar can have a bug and accidentally expose information which was supposed to be hidden,... the registrar can also be hacked, and information stolen,... etc...


Fair enough.


As for hiding your IP and other sites you are running at your VPS, you can use Cloudflare as a frontend.


Yes, I am looking into the free version of Cloudflare...

Do you think the free version is any good for what I need it for?

keyplyr

8:10 pm on Oct 22, 2018 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I don't think Cloudflare will solve all your concerns. It won't erase the info on you.