sitesol

cPanel Access Level
Reseller Owner
Hi,

I make websites and I am a reseller for a Dutch hosting company that works with cPanel.
So I often work with cPanel. I also have control of WHM.

A lot of my sites work with Joomla.

In 2011 my sites were often hacked.
Often the index.php was infected first with some spam links.

About a month ago my hosting company took extra measures by whitelisting the IPs that want access to cPanel/FTP. All other IPs can't get in.

I think that was a good decision.
I have much less hacking now.
But the Joomla-installation is now the weak point.
It can still be hacked (even though I always upgrade to the latest version). Check Google, YouTube, and you'll see it immediately.
That's why I ask how I can additionally secure my Joomla installation in cPanel.
Because that is clearly my weak point now.
I always upgrade to the latest version of Joomla, so that's not a useful suggestion.

Gr Davy
S. Solutions
 

Infopro

cPanel Access Level
Root Administrator
> It can still be hacked (even though I always upgrade to the latest version). Check Google, YouTube, and you'll see it immediately.

A lot of times it's out of date addons, lousy passwords, out of date installs that's the problem, and/or lack of proper server security.

What sort of server security do you have in place right now?
 

borgia

cPanel Access Level
Root Administrator
Hi,
> About a month ago my hosting company took extra measures by whitelisting the IPs that want access to cPanel/FTP. All other IPs can't get in.

What will the company do with legitimate users with dynamic IPs? Anyway, the hack will come in without accessing the account on cPanel; the best way is to use mod_security and control any upload (by a web form, etc.). With a good mod_security configuration you can avoid hacking on Joomla. The best way is to stop using Joomla :). Just joking.

But mod_security is at the server level, so it depends on your hosting provider.

Regards,
George B.
 

srpurdy

cPanel Access Level
Root Administrator
As mentioned, installing mod_security and atomic rules is a good first step.

CSF Firewall is useful as well.

Other things you can do are running PHP as suPHP and disabling custom php.ini files. Then also disable any functions that are considered bad functions that hackers will take advantage of if they are available. For example, if Joomla is hacked and they gain access to the Joomla installation admin area, they could install plugins that do stuff that shouldn't be allowed. If you limit the functions that users can use you can prevent that type of attack, and mod_security will help with known exploits and known MySQL injection or XSS/CSRF attacks.

Personally my suggestion is to use Suhosin for this and PHP 5.3+ with its path feature so you can control which functions are enabled/disabled on a domain-by-domain basis.

Although if they did gain access they could still deface the website, but by limiting what a domain can do you can prevent further damage.
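
An added example, not written by any poster in this thread: a small Python audit for the function-limiting advice in the last reply. It reads a php.ini and reports, globally and per `[PATH=...]` section, which risky functions remain callable; the function list, the paths and the sample file are constructed assumptions.

```python
import configparser

# Assumption: a commonly restricted set; the thread does not name specific functions.
RISKY = {"exec", "passthru", "shell_exec", "system", "proc_open", "popen"}
BLACKLIST = "suhosin.executor.func.blacklist"

# Constructed sample php.ini (accounts and paths are made up).
SAMPLE_INI = """
[PHP]
disable_functions = exec,passthru,shell_exec
suhosin.executor.func.blacklist = "system"

[PATH=/home/site1/public_html]
suhosin.executor.func.blacklist = "system,proc_open,popen"

[PATH=/home/site2/public_html]
; weaker than the global value, and it replaces that value for this path
suhosin.executor.func.blacklist = "popen"
"""

def _names(value):
    """Split a comma-separated directive value into a set of function names."""
    return {n.strip().lower() for n in value.strip('"').split(",") if n.strip()}

def audit(ini_text, risky=RISKY):
    """Return {scope: sorted risky functions still callable in that scope}."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(ini_text)
    main = cp["PHP"] if cp.has_section("PHP") else {}
    # disable_functions is a php.ini-only directive, so read it from [PHP] only.
    disabled = _names(main.get("disable_functions", ""))
    global_bl = _names(main.get(BLACKLIST, ""))
    report = {"global": sorted(risky - disabled - global_bl)}
    for section in cp.sections():
        if not section.upper().startswith("PATH="):
            continue
        raw = cp[section].get(BLACKLIST)
        # A per-path value overrides the global blacklist; it is not merged.
        blacklist = global_bl if raw is None else _names(raw)
        report[section[5:]] = sorted(risky - disabled - blacklist)
    return report

if __name__ == "__main__":
    for scope, left in audit(SAMPLE_INI).items():
        print(f"{scope}: {', '.join(left) or 'none of the risky set callable'}")
```
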