brand_land

Active Member
Oct 18, 2018
40
2
8
Saudi Arabia
cPanel Access Level
Reseller Owner
Firewall D
I have a Centos 7 VPS, do I have to use firewalld ? if yes then what is the purpose of security adviser ? and if I do, do i need to configure it or just enabling it would do the work ?
I once tried to run it and the server stopped as I didn't open both ports 2223 and 2224, if I enable it and open the two ports, do I have to enable the SSH access in case anything wrong happens ? as I disable SSH for security.

ClamAV
It already came installed with the VPS, how di I make sure that it's database is up to date ?
and how do I configure a cron job to scan all users and send the result to an email ?

LMD
Do I need it with the clamav ?

And what else can I do to secure the server ?

Thank you
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
8,080
657
263
Houston
cPanel Access Level
DataCenter Provider
I have a Centos 7 VPS, do I have to use firewalld ? if yes then what is the purpose of security adviser ? and if I do, do i need to configure it or just enabling it would do the work ?
The two aren't really related at all, security advisor provides information and suggestions about matters of security that encompass a large range of items which do not include the firewall.

When you enable a firewall you need to ensure that the ports necessary for your services are open. cPanel has a script that will do this automatically for you:

Code:
/scripts/configure_firewall_for_cpanel
What are you using ports 2223 and 2224 for?


It already came installed with the VPS, how di I make sure that it's database is up to date ?
This should be done automatically but you can update the ClamAV database by running freshclam freshclam(1): update virus databases - Linux man page

how do I configure a cron job to scan all users and send the result to an email
For ClamAV configuration the documentation here should be useful: Configure ClamAV Scanner - Version 78 Documentation - cPanel Documentation


LMD
Do I need it with the clamav ?
If you're referencing Linux Malware Detect, it's a useful tool for finding malware and can be used along side ClamAV for additional protection, though it does essentially the same thing ClamAV does.


And what else can I do to secure the server ?
The documentation here should be helpful for this question: Tips to Make Your Server More Secure - cPanel Knowledge Base - cPanel Documentation


Thanks!
 

brand_land

Active Member
Oct 18, 2018
40
2
8
Saudi Arabia
cPanel Access Level
Reseller Owner
When you enable a firewall you need to ensure that the ports necessary for your services are open. cPanel has a script that will do this automatically for you:
So I don't need any configuration ?
and what about SSH access, do i have to enable it if I'm using a firewall ?

What are you using ports 2223 and 2224 for?
They are used in order to be able to manage my VPS through Godaddy dashboard, without them I won't have access to WHM unless I use SSH.


For ClamAV configuration the documentation here should be useful: Configure ClamAV Scanner - Version 78 Documentation - cPanel Documentation
I read this but I couldn't find out how to modify it to make it send an email with the infected files to my email address


Thank you very much for your reply