The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How can you know your server is secure?

Discussion in 'General Discussion' started by Kent Brockman, Mar 11, 2008.

  1. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi, I've installed mod_security + DOS deflate script and everything seems to be ok but, how can I check if these scripts are working properly and will protect me when needed?
     
  2. Tymsah

    Tymsah Well-Known Member

    Joined:
    Apr 6, 2007
    Messages:
    151
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hi,

    Upload your server Shell script c99 r57 or another php shell scripts.
    and try something :)


    hackers and lamers usually upload and try hack server.

    Regards,
     
  3. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    376
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Hi Kent, I'm not one of the more "advanced" users here, but I'm pretty good about keeping my servers secure. Don't know how to answer your question directly, but here is how I secure my servers and it seems to work well:

    - change SSH port to something unusual like 4269 or something like that (make sure the port is not used by another specific process)

    - create a new user in shell, then give that user Wheel Group permissions in WHM. This will allow that user to shell in and "su -" to root with root password

    - disable direct root (and telnet) access

    - Install a good firewall security script such as ConfigServer's CSF/LFD (which I have been very happy with, it does a great job and has a ton of features)

    - obviously keep your version of cpanel/whm up to date. I prefer to use the "Release" version.

    Those are a few of the basics, there are several more, but those are a good start IMO.

    Disclaimer - as I do not consider myself a "guru" at this stuff by any means, please check with other experts for their opinion on my advice before you use any of it.
     
  4. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    That advice is all good. You'll also want to install and run rkhunter and chkrootkit.

    If you take the earlier advice and install csf/lfd it will do a good security scan for you too.

    If you're really unsure, you can also get configserver.com or someone like them to do a security audit for you. It's money well invested if you don't want to take the time yourself, or are really unsure.
     
  5. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    c99 r57? what's that?


    Thank you everybody for the advice.


    Metro2:
    I've already implemented all that security measures. Another interesting measure that IMHO it's worthy a note, is to hide the Server signature provided by Apache. This will sustract another clue about what kind of server you are running on:
    1. Open your httpd.conf for editing: pico /etc/httpd/conf/httpd.conf
    2. Look for the "ServerSignature" instruction and set it to off: ServerSignature Off
    3. Save & exit from pico.
    4. Restart the http server: httpd restart


    Cheerz
     
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,455
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Make sure you've added your IP to bypass in CSF first, then grab this.

    http://www.nessus.org/nessus/

    Update it after install then run it against your server. That should help you to see how things are going security wise, a bit more I think.
     
Loading...

Share This Page