WHM Attack
I recently got attacked on my VPS ( which is a hosted VPS with WHM / cPanel on it)
I have cphulk active on it and locks them out after 3 attempts but somehow my root password got changed and a customers site had nice "you've been hacked" messages on it.
What can I do to protect WHM / cPanel?
Help!
Please check /http://www.whmsecurity.com/linux-security/7-how-whm-cpanel-hardening-security-basics-part-1-a.html lots of tips here for overall security.
Re: WHM Attack
Use only strong passwords. Also check the logs to see more details.
www.PlotHost.com - Professional Web Hosting Solutions
Re: WHM Attack
Hello Astral,
That website contains very misleading information such as turning on magic quotes, safe mode, disabling shell access for all (other than root), suhosin etc.Originally Posted by Astral God
A new user should never have suhosin installed, in-fact, suhosin doesn't really harden WHM but more of PHP.
All these are terrible mistakes and I suggest not to follow them.
There are smarter ways of hardening your WHM.
Firstly, you need to actually find out HOW the attacker actually hacked into your server.
After finding out how the attack hacked into your server, it will eventually be better rather than just guessing the leak hole and anyhow- patching everything that is useless.
Yours truly,
GIANT_CRAB
Support operator @ LoomHosts
Re: WHM Attack
you will use strong pass ex:minhtikh@23$
Re: WHM Attack
Let's hope that isn't one of your passwords!
As for password strengthening, you could configure that in WHM > Configure Security Policies > Password Strength and then WHM > Security Center > Password Strength Configuration areas.
cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
-- Tristan, Technical Analyst III, Forums Specialist, cPanel Tech Support
Submit a ticket | Check an existing ticket
LinkBack URL
About LinkBacks
Reply With Quote