A Beginner's Guide to Securing Your Server

gpilot

Member
Nov 26, 2006
12
0
151
Daily email of chkrootkit results

Credit goes to Webhostgear, but works for me on my server. This assumes you already have chkrootkit installed:

Daily Automated System Scan that emails you a report

While in SSH run the following:
pico /etc/cron.daily/chkrootkit.sh

Insert the following to the new file:
#!/bin/bash
cd /yourinstallpath/chkrootkit-0.42b/
./chkrootkit | mail -s "Daily chkrootkit from Servername" [email protected]

Important:
1. Replace 'yourinstallpath' with the actual path to where you unpacked Chkrootkit.
2. Change 'Servername' to the server your running so you know where it's coming from.
3. Change '[email protected]' to your actual email address where the script will mail you.

Now save the file in SSH:
Ctrl+X then type Y

Change the file permissions so we can run it
chmod 755 /etc/cron.daily/chkrootkit.sh

Now if you like you can run a test report manually in SSH to see how it looks.
cd /etc/cron.daily/

./chkrootkit.sh

You'll now receive a nice email with the report! This will now happen everyday so you don't have to run it manually.
 

agentblack

Well-Known Member
Mar 28, 2008
59
0
56
Indiana
Can admin's please sticky this, this is a great guide for any beginner or advanced user to help cover a base you might have missed, PLEASE sticky this! :)

Thank you to the creator of this post.
 

Ishware

Well-Known Member
Nov 7, 2003
211
6
168
Williamsburg, VA
cPanel Access Level
Root Administrator
As has been pointed out - it's old info, even if mostly still relevant.

Would be better for the experts (of which I am not one) to try and work on a new guide, re-using from here what's appropriate. :)
 

KeB

Member
Feb 22, 2010
22
0
51
As has been pointed out - it's old info, even if mostly still relevant.

Would be better for the experts (of which I am not one) to try and work on a new guide, re-using from here what's appropriate. :)
I was just going to ask a similar question, I notice the original article is over 4 years old, i would guess that maybe some of the recommendations have been implemented by Cpanel themselves.

From the original article, what is still applicable to the current version of Cpanel and would should be implemented?
 

deejay

Registered
Jul 31, 2009
4
0
51
Same question here!

Can we have this updated please (the original post is over 4 years old).

Thanks
 

Kevinfrom

Well-Known Member
Jan 18, 2008
47
1
56
Thanks to all who contributed to this great thread.

We will be making alot of this part of our "Securing your Server" article that should hopefully be available officially soon.
 

Lygas

Member
Mar 6, 2010
19
0
51
Greece
cPanel Access Level
Root Administrator
Hi there, New in WHM/cPanel here.

The first post's Guide is still active? i mean i was only do the basic setup in WHM but nothing about Firewall or Security issues.

Is there some Basic setting to do for more Security or is enough the default firewall settings..?


Thanks, Demetris
 

Kevinfrom

Well-Known Member
Jan 18, 2008
47
1
56

Acaherb

Registered
Feb 23, 2013
3
0
1
cPanel Access Level
Website Owner
A Beginner's Guide to Securing Your Server Part 1 of 3 (Security Inside WHM/CPanel)


These are items inside of WHM/Cpanel that should be changed to secure your server.



Goto Server Setup =>> Tweak Settings


Check the following items...


Under Domains

Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com)


Under Mail

Attempt to prevent pop3 connection floods

Default catch-all/default address behavior for new accounts - blackhole


Under System

Use jailshell as the default shell for all new accounts and modified accounts



Goto Server Setup =>> Tweak Security

Enable php open_basedir Protection

Enable mod_userdir Protection

Disabled Compilers for unprivileged users.



Goto Server Setup =>> Manage Wheel Group Users

Remove all users except for root and your main account from the wheel group.



Goto Server Setup =>> Shell Fork Bomb Protection

Enable Shell Fork Bomb/Memory Protection



When setting up Feature Limits for resellers in Resellers =>> Reseller Center, under Privileges always disable Allow Creation of Packages with Shell Access and enable Never allow creation of accounts with shell access; under Root Access disable All Features.



Goto Service Configuration =>> FTP Configuration

Disable Anonymous FTP



Goto Account Functions =>> Manage Shell Access

Disable Shell Access for all users (except yourself)


Goto Mysql =>> MySQL Root Password

Change root password for MySQL



Goto Security and run Quick Security Scan and Scan for Trojan Horses often. The following and similar items are not Trojans:

/sbin/depmod
/sbin/insmod
/sbin/insmod.static
/sbin/modinfo
/sbin/modprobe
/sbin/rmmod
Awesome tutorial. This is what i neaded