The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Optimisation and/or Security Checklist for WHM/cPanel?

Discussion in 'Workarounds and Optimization' started by sm9, Aug 20, 2010.

  1. sm9

    sm9 Active Member

    Joined:
    Oct 10, 2009
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Hi there,

    I use WHM/cPanel on my VPS's. Just wondering if there are any good practice optimisation and/or security checklists that anyone can recommend I follow?

    At the moment, here's the own basic steps I follow when I get a new VPS:

    • Login as root
    • cPanel > Upgrade to Latest Version
    • Software > Update Server Software
    • Software > Update System Software
    • Server Contacts > Change System Mail Preferences - Update Root's, Nobody's and cPanel's email addresses
    • Server Contacts > Contact Manager - Update notification preferences
    • Backup > Configure Backup - Change interval to Daily, Run on all days of week, Backup SQL Per Account & Entire MySQL Directory
    • Server Configuration > Server Time - Change to Europe/London
    • Service Configuration > Apache Configuration > Global Configuration - change MaxClients to 256
    • Service Configuration > PHP Configuration Editor > Advanced - Change memory_limit to 256M, post_max_size to 20M, upload_max_filesize to 20M, max_execution_time to 120, max_input_time to 320
    • Software > EasyApache (Apache Update) - 1. Use Previously Saved Config, then Start Customising Based on Profile, 2. Apache 2.0, 3. PHP 5, 4. PHP 5.2.14, 5. Choose Exhaustive Options List, 6. Remove Frontpage, add EAccelerator for PHP, Add Curlwrappers, Add EXIF, Then Save and Build
    • Packages > Add a Package - call it Default Package, don't include CGI access or Front Page Extensions.

    Thanks for any advice,

    Stephen
     
  2. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
  3. B12Org

    B12Org Well-Known Member

    Joined:
    Jul 15, 2003
    Messages:
    692
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle Washington
    cPanel Access Level:
    Root Administrator
    for php its probably a good idea to disable the following functions
    dl , exec , passthru , pcntl_exec , pfsockopen , popen , posix_kill , posix_mkfifo , posix_setuid , proc_close , proc_open , proc_terminate , shell_exec , system , leak , posix_setpgid , posix_setsid , proc_get_status , proc_nice , show_source

    and set enable_dl to off, expose php to off, allow_url_fopen to off, that sort of thing.
     
Loading...

Share This Page