The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Quick Security Scan

Discussion in 'Security' started by popeye, Jul 6, 2013.

  1. popeye

    popeye Well-Known Member

    Joined:
    May 23, 2013
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Hi was just about to do a scan but got this message below just wanted to know if this was normal ?

    There are services enabled by default with your operating system that are not necessary for most web servers. This function will disable the following services: portmap - Used by NFS to map network drives cupsd - Used for printing nfs statd - Used for NFS file system mounting. nis - Network information service gpm - Console mouse services If you see a [FAILED] error message, this means that the service was not running when the scanner tried to shut it down. This is not a problem, the service will still be prevented from automatically starting.
     
  2. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    Yes it is normal.

    If you have CSF I suggest you go to WHM-> Plugins-> ConfigServer Security&Firewall-> Check Server Security.
     
    #2 quietFinn, Jul 6, 2013
    Last edited: Jul 6, 2013
  3. popeye

    popeye Well-Known Member

    Joined:
    May 23, 2013
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Hi only want to do a scan which i have just done and it finished and just said done, but why did you say go to ConfigServer Security&Firewall ?
     
  4. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    Because CSF's "Check Server Security" tells you something, instead of just saying "Done".
     
  5. popeye

    popeye Well-Known Member

    Joined:
    May 23, 2013
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    How can i do a scan with CSF ?
     
  6. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    You can check your server security through CSF firewall, Here are the CSF demo link, Please check it

    Main CSF plugin interface : ConfigServer Security & Firewall

    And click on : "Check Server Security" on your server you will get the full server security report

    Check this demo Report page : ConfigServer Security & Firewall
     
  7. popeye

    popeye Well-Known Member

    Joined:
    May 23, 2013
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Yes i did all that when i installed it but i do still have some red warnings, left the ones i was not sure about.
     
  8. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    For which options are you getting red warnings ?
     
  9. popeye

    popeye Well-Known Member

    Joined:
    May 23, 2013
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Check csf PT_SKIP_HTTP option
    Check /dev/shm is mounted noexec,nosuid
    Check MySQL LOAD DATA disallows LOCAL
    Check for cxs
    Check SSH on non-standard port
    Check SSH PasswordAuthentication
    Check mod_userdir protection
    Check php for disable_functions
    Check php for ini_set disabled
    Check compilers
    Check proxy subdomains
    Check Accounts that can access a cPanel user account
    Check Cookie IP Validation
    Check Referrer Blank Security
    Check Referrer Security
    Check AppConfig Required
    Check AppConfig as root
    Check AppConfig ACLs
    Check AppConfig Feature List
    Check server startup for portreserve
     
  10. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    At least you have to clear the following warning on your server

    If you have any help to clear all warnings let me know I will assist you in this regard
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Yes, this is a normal message. It's letting you know which services will be disabled in-case you utilize any of them.

    Thank you.
     
Loading...

Share This Page