The Community Forums

Interact with an entire community of cPanel & WHM users!

Harden the server to avoid spam?

Discussion in 'Security' started by tyuuu, Sep 25, 2015.

  1. tyuuu

    tyuuu Well-Known Member

    Joined:
    Oct 16, 2005
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    May I ask: when you install your cPanel server, which settings do you modify to secure your server and avoid spam on it?

    Some sites may have spam scripts uploaded to them.

    1. I hope those scripts cannot be uploaded.

    2. Of course, if a CMS is not updated and those spam scripts are uploaded,
    how can I limit those spam scripts so they need mailbox auth before sending mail out?


    Thanks
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello :).

    First of all, please secure your server. Try scanning your server with the cPanel Security Advisor: WHM >> Security Center >> Security Advisor

    https://documentation.cpanel.net/display/ALD/Security+Advisor#SecurityAdvisor-Overview

    I would suggest you have a look at the security checklist below, which you should perform.

    ==================================
    CSF hardening
    Install Mod-Security with Advanced Rules
    Install Clamav Anti Virus
    Install Maldet
    Install LSM
    Install PRM
    Lockdown & Hardening the Root Password
    Secure SSHD Port
    sysctl.conf Hardening
    host.conf Hardening
    Network Security with hosts.allow & hosts.deny
    nsswitch.conf Hardening
    Enable DDOS Protection
    Root Login Email Notifications
    Noexec, Nosuid Temporary Directories (noexec Directories such as /tmp, /var/tmp, /dev/shm)
    Security Updates as released by OS and/or Control Panel
    Disable Unwanted Services
    Enable PHP Open_Basedir Protection
    Enable mod_userdir Protection
    Securing Console Access
    PHP5 Hardening with disabling php functions.
    Configuring Anti-Spam Features to Reduce Spam
    ==================================

    Also, please try to install ConfigServer eXploit Scanner on your server. ConfigServer eXploit Scanner (cxs) performs active scanning of files as they are uploaded to the server.
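
One way to verify the "Noexec, Nosuid Temporary Directories" item from the checklist above, as an added example that is not part of the original post or any cPanel tool. The helper name `check_tmp_mounts` is hypothetical and the sample mount table is constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the temp-directory mount options from the checklist.
# check_tmp_mounts is a hypothetical helper name; it reads a mount table in
# /proc/mounts format on stdin, so on a live server run:
#   check_tmp_mounts < /proc/mounts

check_tmp_mounts() {
    awk -v dirs="/tmp /var/tmp /dev/shm" -v need="noexec nosuid" '
        BEGIN { nd = split(dirs, d, " "); nn = split(need, n, " "); bad = 0 }
        # Field 2 is the mount point, field 4 the option list. A later entry
        # for the same mount point overmounts the earlier one, so it wins.
        { opts[$2] = $4 }
        END {
            for (i = 1; i <= nd; i++) {
                if (!(d[i] in opts)) {
                    # Not its own mount: it inherits the parent filesystem
                    # options and cannot be restricted separately.
                    print d[i], "NOT_SEPARATE_MOUNT"; bad = 1; continue
                }
                missing = ""
                # Compare whole comma-delimited options, not substrings.
                for (j = 1; j <= nn; j++)
                    if (index("," opts[d[i]] ",", "," n[j] ",") == 0)
                        missing = missing (missing == "" ? "" : ",") n[j]
                if (missing != "") { print d[i], "MISSING", missing; bad = 1 } else print d[i], "OK"
            }
            exit bad   # non-zero when any directory needs attention
        }'
}

# Constructed sample table (not taken from a real server).
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/loop0 /tmp ext4 rw,nosuid,noexec,relatime 0 0
/dev/loop0 /var/tmp ext4 rw,nosuid,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0'

printf '%s\n' "$SAMPLE_MOUNTS" | check_tmp_mounts || true
```

The non-zero exit status makes the function usable from cron or a monitoring check after an OS or control panel update, when mount options can silently revert.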
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  4. lx24

    lx24 Member

    Joined:
    Oct 2, 2014
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    With CXS + ModSecurity you stop hackers from uploading such scripts.
     
  5. tyuuu

    tyuuu Well-Known Member

    If I only install ModSecurity with atomicorp.com's rules, will it not block those uploads?
     
  6. lx24

    lx24 Member

    Yes, definitely it will. It depends on the way the hacker is uploading the files. However, not all code in a file is restricted by ModSecurity rules. You really don't know what sort of code is included in a file, and ModSecurity rules work as they are defined. Mostly such files are uploaded through vulnerabilities found in sites/plugins/modules etc. ModSecurity helps against files being uploaded in such a way.

    In addition, CXS (ConfigServer eXploit Scanner) scans each uploaded file in real time, whether it comes from a web upload or FTP. If CXS finds any such malicious code in a file, it quarantines the file immediately.

    And with a ModSecurity rule for CXS, you can block the hacker's IP on the server to prevent further uploading.

    It's up to you: you can first test with only the Atomic rules and, if necessary, go with CXS as well :)
     
  7. tyuuu

    tyuuu Well-Known Member

    May I ask more...

    Does CXS use ModSecurity rules (such as atomicorp.com's rules) to scan, or does CXS have its own rules?
     