The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

harden the server avoid spam ?

Discussion in 'Security' started by tyuuu, Sep 25, 2015.

  1. tyuuu

    tyuuu Well-Known Member

    Joined:
    Oct 16, 2005
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    156
    Hi,

    may i ask,when you install your cpanel server,

    do you take what setting modify to secure your server to avoid spam on your server,

    because some site may be upload script to spam,

    1. i hope those script can not be uploaded.

    2. of course,if cms is not updated and those spam script be upload,
    how can i limit those spam script to have mailbox auth before sending mail oit ?


    thanks
     
    #1 tyuuu, Sep 25, 2015
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,308
    Likes Received:
    45
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello :).

    First of all, Please secure your server. Try to scan your server with cPanel security advisor. WHM >> >> Security Center >> SecurityAdvisor

    https://documentation.cpanel.net/display/ALD/Security+Advisor#SecurityAdvisor-Overview

    I would suggest you to have a look on below security checklist that you should perform.

    ==================================
    CSF hardening
    Install Mod-Security with Advanced Rules
    Install Clamav Anti Virus
    Install Maldet
    Install LSM
    Install PRM
    Lockdown & Hardening the Root Password
    Secure SSHD Port
    sysctl.conf Hardening
    host.conf Hardening
    Network Security with hosts.allow & hosts.deny
    nsswitch.conf Hardening
    Enable DDOS Protection
    Root Login Email Notifications
    Noexec, Nosuid Temporary Directories (noexec Directories such as /tmp, /var/tmp, /dev/shm)
    Security Updates as released by OS and/or Control Panel
    Disable Unwanted Services
    Enable PHP Open_Basedir Protection
    Enable mod_userdir Protection
    Securing Console Access
    PHP5 Hardening with disabling php functions.
    Configuring Anti-Spam Features to Reduce Spam
    ==================================

    Also please try to install configserver exploit scanner on your server. ConfigServer eXploit Scanner (cxs) performs active scanning of files as they are uploaded to the server.
     
    #2 24x7server, Sep 25, 2015
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    35,600
    Likes Received:
    1,128
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    #3 cPanelMichael, Sep 30, 2015
  4. lx24

    lx24 Member

    Joined:
    Oct 2, 2014
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    with CXS + modsecurity you stop hacker from uploading such a scripts.
     
    #4 lx24, Oct 2, 2015
  5. tyuuu

    tyuuu Well-Known Member

    Joined:
    Oct 16, 2005
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    156
    if i only install modsecurity with atomicorp.com's rule,it will not block those uploading ?
     
    #5 tyuuu, Oct 2, 2015
  6. lx24

    lx24 Member

    Joined:
    Oct 2, 2014
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Yes, definitely it will. Depends on the way the hacker uploading the files. However, not all code in file restrict by Mod-security rules. You really don't know what sort of code is included in file and mod-security rules works as they are defined. Mostly such files being uploaded by vulnerabilities found in site/plugins/modules etc.. Mod-security helps from uploading files from such a way.

    And with addition of CXS (ConfigServer eXploit Scanner). CXS does scan each uploaded file in real time. It may be from web upload or FTP. If CXS found any such malicious code in file it quarantine such file immediately.

    And a rule of mod-security for cxs, you can blocked the hackers IP on the server to prevent further uploading.

    Its up to you , you can first test with only atomic rules and if necessary go with cxs as well :)
     
    #6 lx24, Oct 2, 2015
  7. tyuuu

    tyuuu Well-Known Member

    Joined:
    Oct 16, 2005
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    156
    may i ask more..

    does CXS use Mod-security rules(such as atomicorp.com's rule) to scan ? or CXS has his own rule ?
     
    #7 tyuuu, Oct 2, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - harden server avoid
  1. tss

    SOLVED hardened kernel installed? not reported by server after reboot.

    tss, Jan 6, 2017, in forum: Security
    Replies:
    3
    Views:
    406
    cPanelMichael
    Jan 9, 2017
  2. danielpmc

    ConfigServer lfd Hardening

    danielpmc, Nov 9, 2016, in forum: Security
    Replies:
    1
    Views:
    326
    cPanelMichael
    Nov 9, 2016
  3. linux4me2

    cPanel-Hardened Kernel Release Notification Email?

    linux4me2, Apr 19, 2017, in forum: General Discussion
    Replies:
    6
    Views:
    136
    cPanelMichael
    Apr 26, 2017
  4. webmasteryoda

    cPanel hardened kernel safety?

    webmasteryoda, Feb 26, 2017, in forum: Security
    Replies:
    4
    Views:
    374
    webmasteryoda
    Mar 2, 2017
  5. mikefromnz

    Latest Kernel not Hardened?

    mikefromnz, Feb 25, 2017, in forum: Security
    Replies:
    6
    Views:
    445
    mikefromnz
    Mar 3, 2017

Share This Page