Portal Home > Knowledgebase > Articles Database > Securing my cPanel VPS
Securing my cPanel VPS
| Posted by DaveB, 02-27-2010, 07:32 PM |
| I am making my way through securing my cPanel VPS, I have come across several guides to do this but they are quite old.
Obviously since the guides were created there will have been updates to cPanel etc. What I do not want to do make any changes that undo any security updates that have been released.
So far I have implemented Logwatch, mod_security, locked down SSH root access, enabled Brute force detection from within cPanel and installed chrootkit.
What absolutes have I not done that I need to do?
|
| Posted by Mark Muyskens, 02-27-2010, 08:04 PM |
| What about CSF?
|
| Posted by DaveB, 02-27-2010, 08:11 PM |
| No, I haven't implemented that, there is the default firewall running on the CentOs server, I take it I should disable that in favour of CSF?
|
| Posted by Mark Muyskens, 02-27-2010, 08:16 PM |
| Your choice really, I just like how CSF adds a module in WHM.
|
| Posted by DaveB, 02-27-2010, 08:20 PM |
| I would prefer that too, I will look into it, thanks very much!
|
| Posted by inspiron, 03-01-2010, 09:26 AM |
| Also its must needed to secured your /tmp partition as most of the attacks are targeted through this partition only.
|
| Posted by cPanelDavidG, 03-01-2010, 01:42 PM |
| I recommend reading the recommended security settings for cPanel/WHM 11.25, available at: http://docs.cpanel.net/twiki/pub/All...d_settings.pdf (PDF).
|
| Posted by esupports, 03-01-2010, 02:38 PM |
| Try to run chkrootkit, rkhunter regularly on the server to check the rootkits and suspicious files.
Hardened the SSH service by disabling the direct root login and changing the ssh port from 22 to someother.
Optimize apache/php and mysql.
|
| Posted by DaveB, 03-01-2010, 02:50 PM |
| this has been mentioned before, I will contact my host and ask them to mount the /tmp partition as suggested.
thanks for that, i will browse through it!
I have disabled root SSHlogins, changed the port etc. I have also installed CSF and configured cPanel as per the warnings that CSF generated.
I receive emails about failed login attempts etc, quite alarmed by the amount I receive to be honest! chrootkit and rkhunter also emails me daily.
The root MySQl password has been changed. As for optimise Apace and PHP can you suggest best practice.
Thanks everyone!
|
| Posted by gabil, 03-01-2010, 03:55 PM |
| Optimizing apache/mysql is a tricky task and depends a lot on the server's hardware + the script(s) you're using.
However, there is a perl script, called MySQL Tuner, that will help you in optimizing the MySQL server. You can download the script at: http://github.com/rackerhacker/MySQL...perl/downloads
It is best to run this script after running MySQL server for at least 24 hrs.
|
| Posted by tjohnson3757, 03-02-2010, 01:54 PM |
| If I were you I would get professonials like platinumservermanagement to secure the server.
|
| Posted by michaelpoulsen, 03-03-2010, 06:15 AM |
| I can attest to that. Unless you dont have anything valuable to lose, you really want this done by savvy pros
|
| Posted by jweeb, 03-03-2010, 11:36 AM |
| i agree. get professionals to help you. search wht forums to find one.
|
Add to Favourites 
Print this Article
Also Read
