Cpanel Steps For Security

Jan 24, 2008

I just signed up for a shared hosting plan that uses cpanel and got a simple page up and running with no problems. I need to know if there are any steps I need to take as far as security. I have read info about password protecting directories but I'm not sure if that needs to be done on directories that are already there like /etc /mail /accesslogs or just ones that I create like /myimages for example.

I don't have visitors yet and don't think I will for awhile but would still like to take all precautions early and get them out of the way.


Want To Ban Spammers? 8 Easy Steps

Feb 20, 2008

1. Install CSF

2. Install Iptables if it's not installed (apt-get install iptables on redhat/centos)

3. In WHM under "# ConfigServer Security&Firewall" click on firewall deny ips

4. Open a 2nd window, go to Main >> Server Status >> Apache Status

5. Check if there are any spammers with lots of connections to a specific file; that's how I got a lot of the IPs.

6. Go to http://ws.arin.net/whois/?queryinput=99.225.243.201

7. Enter the IP you found at "Server Status" and enter it at ws.arin.net to get the proper CIDR which you can easily add to your CSF deny hosts file (which is open in another window)

8. Get a tea and watch the server status closely.


First Steps On A Dedicated Server

Apr 5, 2008

When I take delivery of a dedicated server set up with CentOS and cPanel, what is the first thing I need to do? Is there a tutorial somewhere that helps beginners get on the right way?


New Company: First Technical Steps

Nov 7, 2007

I have moderate experience in administrating. I recently got a quarter cabinet, and I have 2 servers in there.

I have registered a company name, as a domain which is currently hosted at GoDaddy (www/mail) (mydomain.com)

But I have installed centos5 on one server, and called it web1.mydomain.com, added the web1 CNAME in GoDaddy's DNS control. Even did an rDNS to it through my provider.

I have installed Webmin on it to help me add virtual servers (who will be my customers).
And web1.mydomain.com has a mail server on it (Postfix).
Might even put DNS on it. These virtual servers will send emails as well (as I'll be hosting them).

But for now, what will be my next steps in getting my mail server (or the main server) accepted in the web world? For example, I've done SPF records and rDNS. But what else do I need to do so my email is accepted everywhere?

The virtual domains will be sending mail using Postfix, and of course that means they're piggybacking on web1.mydomain.com, so I guess I need to do stuff so email from web1.mydomain.com will be accepted worldwide.


Steps To Install FFMPEG On Centos5

May 5, 2009

Can someone please provide me steps to install FFMPEG on centos5?


Moving To Hostgator - Migration Steps

Jan 3, 2009

I've been with midphase/autica on a $10 reseller plan for several years, but I think it's time for a change. I have a personal site, and 2 small business websites.

I think I'm just going to sign up for a shared hosting plan, as I really don't need the separate cpanel access for each domain.

These are the migration steps as I understand them. Am I missing anything?

1. Sign up with hostgator

2. Set up main domain and 2 other domains.

3. FTP over all files and folders, including mail folders.

4. Set up email addresses with new host

5. Go to my registrar (namecheap) and change the name server from old to new (that hostgator gave me).

Is that about it? Am I missing any critical steps? Mainly, I just don't want to miss any emails. According to the chat at hostgator, once I switch the name servers, the change should be instantaneous. True?


Best Steps When Resold Hosting Goes Offline

Jul 14, 2009

I resell hosting and for the first time in 10 years, the hosting company's servers have gone down and my clients' sites are currently down, including email (ouch!).

Any experience with this or suggestions on how to communicate and rectify the situation with my customers? None of them are doing major ecommerce so I don't think there is a significant loss of sales, but regardless, their site is down. I take pride in providing great service and want to be straight up with them and more than fair.

I was thinking of extending their current hosting and acquiring a backup host in the rare event that this happens again so at least their site will be live, even if email is not.


Server Compromised – Steps For Recovery

Apr 12, 2008

One of the worst things (in hosting) has happened. I received a notice this morning from lfd (configserver) that someone had logged into my server as root and it wasn’t me.

Unfortunately I didn’t notice it until eight hours later so I have no idea (yet) what happened during that period. Thankfully I don’t have any really critical data on the system that could have been stolen.

I’m in the process of restoring from a full system backup right now. After that’s done I’m going to look to see what the differences are between the files from the backup and those on the compromised drive. I’m not sure if I’ll get anything useful from the diff but hopefully I’ll find a clue as to how they got root access.

Then of course I need to get my server back up. However, I don’t want to do this until I’ve taken some steps to identify how the individual got in and take some additional preventative steps.

Here’s what I am planning on doing:

1) Check to make sure all exposed services are patched and look at some security sites to see if there are any known vulnerabilities for these services. Anyone know which sites are good to look at?

2) Change firewall to only allow ssh access from a couple specific IP addresses.

3) Disable root ssh access so I have to login via a different account and perform sudos, etc.

4)?

I’ll also look for a good server-hardening guide to see if there are some obvious things I forgot to secure.

Do any of you fine folks have any other suggestions or resources that I should check out?


Steps To Get EMail Working On A Home Server (Windows, Apache)

Oct 25, 2007

What else do I have to do?

I don't understand.

Please see attached screen-shots.

Security Breach Cpanel

Oct 1, 2006

Somewhere on my cpanel server a script has been able to be used by a spammer and I'm now getting tonnes of returned mails from AOL etc. Thousands are coming in every hour.

I think I have found the culprit, but I can't be sure. How can I find out for sure which script this was? The email headers don't even show the user from what I can see!


Cpanel Hacked :: Your Security...Get DoWn

Feb 25, 2008

When I try to access my CPanel, I get the following error message
r00t-x...here ]

your Security...Get DoWn

sorry ..

YOU ARE OWNED!
#my Email
:: Members::
HaCkeR Al-MaDiNaH~_~eVil CeLL

Is it a problem with my account, or a server problem? Is there anything I can do to prevent this problem? Mods, please remove anything which is not as per TOS.


Stop Cpanel Security Warning

May 10, 2007

How do I stop the common cpanel/whm "domain mismatch" security warning popup for good WITHOUT the need to install a server hostname certificate and access through that?

Is there a way to save the cert in the browser? I could not find that option and I am using Firefox 2.


Phpmyadmin Security Issue, How To Upgrade Under Cpanel

May 8, 2007

I've noticed our cpanel still uses phpmyadmin 2.9.0.2 but there is a serious XSS issue in versions up to 2.10.0.

How can I install the new 2.10.1 around cpanel without it being overwritten?


7 Security And Settings Questions (cpanel/WHM) Server

Aug 30, 2007

Just have some questions regarding server settings and security

1) What will happen if
Open_basedir in php.ini is changed to
Open_basedir = /home:/tmp
?

2) What will happen if all hosted users in the passwd file are set to /sbin/nologin?
Does it affect running the web site?

What are the effects if
Sync if set to /sbin/nologin default is /bin/sync
shutdown if set to /sbin/nologin default is /sbin/shutdown
halt if set to /sbin/nologin default is /sbin/halt
news if set to /sbin/nologin default is empty
netdump if set to /sbin/nologin default is /bin/bash
Mysql if set to /sbin/nologin default is /bin/bash
mailman if set to /sbin/nologin default is /bin/bash
cpanel if set to /sbin/nologin default is /bin/bash

3) How to make /bin/bash in the passwd file the default path for each new user added (automatically) on a cpanel/whm server?

4) What is the effect if base64_encode and base64_decode are added in disable functions?

5) How to secure host.conf and nsswitch.conf to prevent DNS lookup poisoning and also provide protection against spoofs?

6) How to secure the system configuration file sysctl.conf to prevent the TCP/IP stack from syn-flood attacks?

7) What is ClamAV and how to disable it?


Joomla Security / Linux Security

Apr 4, 2008

I run a web hosting company and one of my servers is a LAMP server running CentOS 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.

When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.

However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.

Also, does anyone know how to change the owner/group of a directory and all of its subdirectories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as opposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.


CPanel Data Migration And New Server Security Setup

Dec 4, 2008

I just signed up for dedicated server at Softlayer with cPanel, mySQL and CentOS. I'm moving a site that is on a VPS with WHM. I know that cPanel has a transfer site feature.

I was considering hiring a service to migrate my site and to harden my server. Is this necessary or should I simply move it via cPanel? Things are tight and I don't want to incur an unnecessary cost if I don't have to. I defer to the members here at WHT for your recommendations.


CPanel "Security Error" IE7

Apr 22, 2008

I've been all over the Net trying to find a solution to the 'mismatched' certificate error when a user tries to access cPanel.

I'm on a VPS and have discovered that if I use [url] then Firefox (bless them) doesn't pop up with a warning. It will if I use my Shared IP like [url]

IE7 on the other hand (may the wrath of Khan be on its head) displays its egregious Red Seal with a warning that Kafka would have a hard time outdoing.

So here's the question with an IE7 gotcha:

Do I purchase a WildCard cert for "hostname.com" so that when a user tries to access cPanel via my.hostname.com they won't get a warning from IE? I've been all over the M$ IE forum and I couldn't find anyone that has a workaround for a shared SSL. I'm concerned now, that even a WildCard cert won't fix the IE problem.


Web Security

Jul 16, 2009

I have regarding hosting/designing my application. Users of my website upload highly sensitive files to the server. I'll use SSL but will that be enough since the files are not encrypted on the server. I tried to encrypt the files but that is adding a huge overhead.

My first question is - is it a good idea to store the files on the server rather than a database? My other question is regarding hosting; I'm thinking of building my own server and hosting it in a colo. Is colo more secure than dedicated hosting? Currently I'm still in the process of developing my app and my environment is Windows Server 2008/SQL Server 2005.


Mod Security

Feb 9, 2007

Are there any problems with having duplicate rules in different files? I have downloaded some rules and am going to make them all into one file to give me the best protection, but this is going to take time and I really need some sort of protection now.


Security

Aug 25, 2007

After installing ConfigServer Firewall I get the following ...

ConfigServer Security & Firewall - csf v2.89 >>
PHP Check >>
Check php for register_globals >>
WARNING >> You should modify the PHP configuration (usually in /usr/local/lib/php.ini) and set:
register_globals = Off

unless it is absolutely necessary as it is seen as a significant security risk

Must I modify it or not? Take into consideration that when I tried to download it to modify it, an error occurred!








Copyrights 2005-15 www.BigResource.com, All rights reserved