The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

general security

Discussion in 'Security' started by ozzieonline, Dec 24, 2012.

  1. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hi guys,

    Since almost 2 weeks I have my own VPS. My intention is to make websites for other people and place them on my VPS. These people will be able to use webmail, but won't get FTP access. It's the first time I have my own VPS. I'm actually a webdesigner/programmer and configurating a VPS is totally new to me. My question is: what are the BASIC things to do to secure my VPS? I want my VPS to be safe. I know there are all kind of freaky tweaky things I could do, but what are the BASICS?

    - I installed ClamAV (but I found out it eats memory and doesn't work real-time. Is there a better FREE alternative maybe?)
    - I'm planning on installing the firewall CSF/LFD
    - I enabled cPHulk
    - I turned off the "server signature" and the "server tokens"
    - I disabled anonymous FTP
    - I'm planning on disabling the root user login (set permitrootlogin to "no")
    - I'm planning on changing the SSH port number
    - I will be the only person who has FTP access
    - I'm planning on disabling /cpanel and /whm links (www.mysite.com/cpanel)

    Are there more things I should do?

    Many thanks in advance!
     
  2. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    If you don't know the first thing, scrap the VPS and be a reseller for a few years. You're starting off in the deep end, and it's a world of pain.
     
  3. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thanks, but this is not helping me.

    Anyone who can give some advice?
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,481
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Agreed.

    Yes, click here:
    Support | cPanel, Inc.

    Type in one word, security. Read all the links. Those are the best answers to get you going in the right direction. But there's lots, lots more you'll need to know as well.
     
  5. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    Install CSF and then go to WHM-> Plugins-> ConfigServer Security & Firewall-> Check Server Security

    It "Performs a basic security, stability and settings check on the server".

    I would not enable it if you use csf/lfd
     
  6. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thank you quietFinn. That is a very good tip! I appreciate it!

    Why do you advice not to enable cPHulk with CSF/LSD? I read people who are using them both at the same time and say it's a good combination.
     
  7. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    I am one of those who do not wear both belt and suspenders. :p
     
  8. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    hehe :D that's a good one!

    But will it harm? I read people saying it's better to use both... so that's why i wonder why you advice the opposite?
     
  9. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    I use CSF/LFD, and if an IP is blocked I know it's done by LFD.

    I find it quite confusing when there are 2 applications doing blocking, for same reasons.
     
  10. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Allright... but does CSF also block false login attempts on the login screens for Power Panel, WHM and cPanel? (like cPHulk does)
     
  11. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    Yes, it does, and that is something you would have seen if you'd spent even 5 minutes reading.

    Actually, it **is** helping you in pretty much the best way. I'm afraid you don't know even the basics, and you are asking questions here that could have been answered by spending 5 minutes with Google. Seriously, server administration is a skill that takes some years to learn. If you haven't done it before, and are trying to run a web hosting company, you're asking for trouble; take it from someone who has learnt the hard way. Best to pay a few extra dollars for someone to help you, which will in itself help you learn as you go. This forum isn't a replacement for that, nor is it a replacement for Google.

    Not trying to be harsh here, apologies if it comes across that way; if you do want to run a server yourself you will need to do a lot of reading about the issues involved.

    If you have specific, detailed questions that you can't answer in 30 minutes or so of Googling, by all means do come back and ask here. Please be prepared to do the work rather than expecting us to do it for you -- and also the answers you find via Google are often more carefully and thoroughly prepared than just brief comments here.
     
    Infopro likes this.
  12. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Wow... that's very nice :confused:

    I am learning. But in the beginning you always have to learn to find your way. It's hard to find something, if you don't know where to look. I believe your intentions are oke, but I do hope your social skills in real life are a bit better :D Hey, you're a programmer so I understand. Be aware though that some people are still learning and do their very best. A little help now and then is very welcome. I have a managed VPS by the way. My VPS should already be safe according to the hosting company. However, I want to learn what I can do to make it even safer. And yes I am learning, but remember... there is only 1 way to get on top of a mountain... step by step.

    Kind regards, and have a happy 2013
     
  13. Astral God

    Astral God Well-Known Member

    Joined:
    Sep 27, 2010
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
  14. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thanks Astral God!!! That will be very useful! :)
     
Loading...

Share This Page