Installation completed, now about security?

[Atd]

Hi, I've just installed centos + cpanel to my first dedicated server, i dont have any experience with whm, I used only cpanel shared hosts in the past,

After installation I've completed 12-5 welcome steps, and setuped custom nameservers, created a package and created an account, and seems working fine,

But now to secure server from brute force attacks, ddos attacks, what do I need to configure or to install?

and since I like to host 2 friend's websites there, i saw a lot of discussions in the past that from 1 account they can access other's accounts hosted on that server with shell scripts or php scripts, what you preferr for me for this?


Thank you.

 

[Infopro]

You're going to want to spend some quality time with the documentation.

A good place to start: Recommended Security Settings - cPanel Documentation

 

[Atd]

Ok I followed that guide about securing ssh, and apache suPHP, Suhosin (mod_security not but I will check later, Im newbie and dont understanded)

installed chkrootkit but didnt understanded how to set up a cron job for this

Also installed CSF and followed csf guide and now to security check is "Your Score: 117/131*"


but now Im not understanding whats the best way for preventing users to access other accounts files,
so example.com domain to dont access example2.com that are different accounts?

Thanks.

 

[PlotHost]

Check this thread http://forums.cpanel.net/f185/how-prevent-creating-symbolic-links-non-root-users-202242.html

 

[Atd]

Check this thread http://forums.cpanel.net/f185/how-prevent-creating-symbolic-links-non-root-users-202242.html

Thanks for advice, now I've unchecked FollowSymLinks but as I saw on that thread this not help and seems there is no perfect protection for this,

Im using cent os, If I convert to cloudlinux is that a good solution?

 

[KurtN.]

Thanks for advice, now I've unchecked FollowSymLinks but as I saw on that thread this not help and seems there is no perfect protection for this,

With respect to the SymLinksIfOwnerMatch option in Apache, the EasyApache team is currently looking into a possible solution for the race condition mentioned in the Apache Docs. Due to programmatic issues, it will likely only apply to Apache 2.2 and 2.4. Of course, fixes like this often come with trade-offs. In this case, the trade-off will be slightly higher disk usage, and thus slower page retrieval for files that have this option applied to it.