The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security

Discussion in 'Security' started by Xiode, Mar 23, 2007.

  1. Xiode

    Xiode Well-Known Member

    Joined:
    Oct 14, 2005
    Messages:
    73
    Likes Received:
    0
    Trophy Points:
    6
    OK.. I have taken the time to fallow a lot of the security tweaks in the forums.. I have read quite a few articles... Is there anything other than snort that can give me a good sense of security for my web server?

    I have APF, BFD, RootKit, With other security tweaks installed..... What more should I be doing...
     
  2. rone

    rone Well-Known Member

    Joined:
    Jan 14, 2007
    Messages:
    179
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    The Netherlands
    cPanel Access Level:
    Root Administrator
  3. Xiode

    Xiode Well-Known Member

    Joined:
    Oct 14, 2005
    Messages:
    73
    Likes Received:
    0
    Trophy Points:
    6
    This is all I need to secure my server?
     
  4. rone

    rone Well-Known Member

    Joined:
    Jan 14, 2007
    Messages:
    179
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    The Netherlands
    cPanel Access Level:
    Root Administrator
    It's not "all" you need, but the best beginning. Read very carefull the manual and when you have done the configuration after installation, then you have a very secure server. Take a look at the other solutions on this website. And when you are not shure that you can do it by yourself then contact the owner of this great stuff, for a small fee this xpert will do the installation and configuration for you.
     
  5. Xiode

    Xiode Well-Known Member

    Joined:
    Oct 14, 2005
    Messages:
    73
    Likes Received:
    0
    Trophy Points:
    6
    I know chirpy does a great job at what he does... I just thougth csf was just a fw... didn't know it did all this other stuff..
     
  6. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    Bad idea. Don't remove what you did. APF, BFD are real good firewall related applications. Install RKhunter, chkrootkit, Mod Security, Mod Evasive. Update your server's applications and services to the latest release, and you should be good to go.
     
    #6 AndyReed, Mar 23, 2007
    Last edited: Mar 23, 2007
  7. Xiode

    Xiode Well-Known Member

    Joined:
    Oct 14, 2005
    Messages:
    73
    Likes Received:
    0
    Trophy Points:
    6
    OK for mod security should I use the one from cPanel or install the standalone?

    and mod evasive? what is that.
     
  8. Xiode

    Xiode Well-Known Member

    Joined:
    Oct 14, 2005
    Messages:
    73
    Likes Received:
    0
    Trophy Points:
    6
    Got Mod evasive installed... How would I interface it with my firewall...

     
  9. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    You can install the default version embedded with the cPanel/WHM. If you wish to add more rules, you can search these forums or go to: http://www.gotroot.com/
     
  10. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    There's nothing wrong at all with removing APF+BFD and using csf+lfd. A simply feature comparison shows csf by far exceeds the feature set of APF+BFD which has some severe limitations and known bugs and doesn't appear to have been supported for a couple of years now. csf+lfd offers far more security checks and alerts giving you more information on what's happening on your server.
     
    #10 chirpy, Mar 24, 2007
    Last edited: Mar 24, 2007
  11. JamesCTotalWeb

    JamesCTotalWeb Well-Known Member

    Joined:
    Mar 20, 2005
    Messages:
    64
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    I would have to agree with Chirpy csf+lfd does surpass APF+BFD when it comes to features and security. Once configured (which is simple with the WHM integration) the hack attempts that are found and stopped are far grater then APF+BFD could ever do.

    I once was a big fan of APF+BFD but for a cPanel server I would highly recommend CSF+LFD.
     
  12. ujr

    ujr Well-Known Member

    Joined:
    Mar 19, 2004
    Messages:
    290
    Likes Received:
    0
    Trophy Points:
    16
    Out of fairness, each, discussed here has their pros and cons. You can secure a server quite nicely with BFD, APF plus the other mentioned applications. Nevertheless, I'd have to say that for users new to WHM/cpanel and server management, Chirpy's solution is extremely effective, elegant and user-friendly.

    I suppose it all depends on your knowledge level and needs.... And again, out of fairness, chirpy's solution is slightly more resource intensive, (in general).

    On the subject of mod sec, I would go with a custom install and not cpanel's, for two reasons:
    1. easier maintenance and adaption of new rules (from got root for instance)
    2. runs slightly less cpu and memory intensive
     
Loading...

Share This Page