Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

cpanel in a hostile minefield

Discussion in 'General Discussion' started by axishost, Oct 6, 2003.

  1. axishost

    axishost Active Member

    Joined:
    Sep 10, 2002
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    156
    I am launching a new free hosting service that uses cpanel with modified skins / and custom scripts etc. My question is..

    What things do I need to make sure are secured before doing this? I used the feature manager and took away about everything that could pose a risk / compiled it with php suexec with the "no read other webdirs" option.

    The freehosting environment is the most hostile and abused sector of hosting - so I am looking for things to check considering that I would get people from all over the world with explicit attempts at fraud / illegal material and hacking.


    What would I check on my server and is cpanel up to the challenge?

    JDT

    cPanel.net Support Ticket Number:
     
  2. sleuth1

    sleuth1 Well-Known Member

    Joined:
    Mar 16, 2003
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    156
    just a couple of things to help out ,there are many more no doubt

    1/ dont allow telnet or shell
    2/ dont allow irc , phpshells
    3/ watch for web sites with no front page carrying over 10 MB
    4/ check home/user/files via ssh often
    5/ disallow mail except to trustees
    6/ get a forum with stong fascists mods to help keep the abusers out
    7/check /tmp everyday for hidden scripts
    8/block all ports not in use with APF or similar
    9/ run the command in ssh everyday to see if you have leaches on your bandwidthnetstat -an
    10/ terminate any account with out mercy that shows a hint of abuse
    11/ the most likely hacks will come from within accounts so lock the machine down so they cant get out , even if they get some degree of internal access.
    12/use iptables to block individual abusers ( you will get cries I cant access my site ) works everytime.

    scary stuff mate, good liuck.

    cPanel.net Support Ticket Number:
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice