The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Random Phishing attacks

Discussion in 'Security' started by hozyali, Sep 4, 2011.

  1. hozyali

    hozyali Well-Known Member

    Joined:
    Jan 24, 2007
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    I have over 120 customers on my dedicated server loaded with centos and whm. Some of my clients are having random phishing attacks on their site and ftp accounts.

    I am not sure how do I handle this situation. Most of my clients are using wordpress and other cms based websites. and they usually update them frequently too.

    For the same purpose, I asked soft layer support too. They gave me just a hint with this info.

    Additional things that can be done to help secure sites are installations of ModSecurity(ModSecurity: Open Source Web Application Firewall), SuPHP(suPHP - Home), and Suhosin (Hardened-PHP Project - PHP Security - Suhosin). These are all available through WHM and easy Apache however will require some configuration.

    Now, I am not sure how these 3 things will impact on the existing sites of my clients on the server.

    I wanted to know the following.

    1- Is it safe and good to just go an enable thru easy apache?
    2- Won't my clients' sites have any trouble?
    3- Do I have to do any extra configuration for any of these modules if I enable them? If yes, what and how?

    Please advise.

    thanks
     
  2. k-planethost

    k-planethost Well-Known Member

    Joined:
    Sep 22, 2009
    Messages:
    199
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Athens Greece
    support told you to recompile php with suhosin
    there is an option from suhosin on easy apache update.
    also to switch from dso to suphp with mod suphp clicked on easy apache update.
    also mod security is an option from easy apache update.for extra rules have been discussed on this forum what to do
    do you have a firewall on the server?
    if you switch from dso to suphp if the permissions are correct there shouldnt be any trouble after
    i think you have to revise and apply some security options on your servers for spam etc
     
  3. hozyali

    hozyali Well-Known Member

    Joined:
    Jan 24, 2007
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    6
    thanks for your reply. there is no firewall on the server I think.

    so you mean to say is it safe to go ahead and enable those 3 modules?

    thanks for your help

     
  4. k-planethost

    k-planethost Well-Known Member

    Joined:
    Sep 22, 2009
    Messages:
    199
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Athens Greece
    yes you have to install a firewall and apply these things
    check server for spam
    secure/tmp
    check the box for viruses is a good beginning
    this forum has some suggestions for securing a cpanel server
     
  5. hozyali

    hozyali Well-Known Member

    Joined:
    Jan 24, 2007
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    6
    thanks. I am newbie, can you provide more hints on how to enable these things?


     
Loading...

Share This Page