Server Security

Audiopro

Audiopro

Active Member
Feb 15, 2014
37
0
6
cPanel Access Level
Root Administrator
I was quite surprised to see that my VPS was delivered with some security issues unresolved, is it normal for them to be delivered this way?
I have closed a lot of the obvious holes but security advisor reports that there are still some outstanding issues.
Which of the following security alerts should be dealt with urgently and which, if any can I ignore or is it a case of, if they appear in the list they must be dealt with as soon as?

Apache vhosts are not segmented or chroot()ed.

ClamAV is not installed.

Frontpage is installed

Current kernel version is out of date. current: 2.6.32-358.14.1.el6, expected: 2.6.32-431.11.2.el6

SSH password authentication is enabled.

SSH direct root logins are permitted.

Outbound SMTP connections are unrestricted.
 
P

pauloray

Well-Known Member
Jan 16, 2012
76
0
56
Philippines
cPanel Access Level
Root Administrator
Is this a new Unmanaged VPS?

Usually, VPS providers will just install the OS and Control Panel and you take care of the rest.

You can also use CSF with your Cpanel, it's a good firewall.
 
Audiopro

Audiopro

Active Member
Feb 15, 2014
37
0
6
cPanel Access Level
Root Administrator
Thanks for the reply, yes it is unmanaged.
CSF is not installed, is that something I can install myself or does the ISP have to do that for me?
 
Audiopro

Audiopro

Active Member
Feb 15, 2014
37
0
6
cPanel Access Level
Root Administrator
Thanks - I will look into that tomorrow when the beer has worn off.
I am sure I will get my head round all this eventually and the journey is made easier with the help from you guys.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,883
2,256
463
Hello :)

To answer your question, it's not out of the ordinary for a VPS provider to setup your server from a template. This may result in an older kernel version, and require you to make some changes to the server in order to increase the security. Let us know if you have any questions about the specific recommendations listed on the Security Advisor.

Thank you.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,883
2,256
463
Yes, personally I would follow the recommendations and implement the changes. However, you may need to review the suggested changes and see if it works for your particular environment, or consider alternatives if necessary.

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
I ModSecurity Tools showing server ip as source ip Security 6
N ModSecurity update causing 403 Forbidden for PUT requests to server, requires editing tx.allowed_methods Security 10
M ModSecurity false-positive with ConfigServer cXs ModSecurity rule Security 3
J SOLVED Is it possible that ConfigServer Security & Firewall blocks communication of WHMCS with registrar? Security 3
P How to Improve Server Speed and Security. Security 2
Similar threads
ModSecurity Tools showing server ip as source ip
ModSecurity update causing 403 Forbidden for PUT requests to server, requires editing tx.allowed_methods
ModSecurity false-positive with ConfigServer cXs ModSecurity rule
SOLVED Is it possible that ConfigServer Security & Firewall blocks communication of WHMCS with registrar?
How to Improve Server Speed and Security.
Top Bottom