Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Server Security

Discussion in 'Security' started by Audiopro, Apr 12, 2014.

  1. Audiopro

    Audiopro Active Member

    Joined:
    Feb 15, 2014
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    I was quite surprised to see that my VPS was delivered with some security issues unresolved, is it normal for them to be delivered this way?
    I have closed a lot of the obvious holes but security advisor reports that there are still some outstanding issues.
    Which of the following security alerts should be dealt with urgently and which, if any can I ignore or is it a case of, if they appear in the list they must be dealt with as soon as?

    Apache vhosts are not segmented or chroot()ed.

    ClamAV is not installed.

    Frontpage is installed

    Current kernel version is out of date. current: 2.6.32-358.14.1.el6, expected: 2.6.32-431.11.2.el6

    SSH password authentication is enabled.

    SSH direct root logins are permitted.

    Outbound SMTP connections are unrestricted.
     
    #1 Audiopro, Apr 12, 2014
  2. pauloray

    pauloray Well-Known Member

    Joined:
    Jan 16, 2012
    Messages:
    72
    Likes Received:
    0
    Trophy Points:
    56
    Location:
    Philippines
    cPanel Access Level:
    Root Administrator
    Is this a new Unmanaged VPS?

    Usually, VPS providers will just install the OS and Control Panel and you take care of the rest.

    You can also use CSF with your Cpanel, it's a good firewall.
     
    #2 pauloray, Apr 12, 2014
  3. Audiopro

    Audiopro Active Member

    Joined:
    Feb 15, 2014
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Thanks for the reply, yes it is unmanaged.
    CSF is not installed, is that something I can install myself or does the ISP have to do that for me?
     
    #3 Audiopro, Apr 12, 2014
  4. PenguinInternet

    PenguinInternet Well-Known Member
    PartnerNOC

    Joined:
    Jun 20, 2007
    Messages:
    175
    Likes Received:
    11
    Trophy Points:
    68
    Location:
    Cardiff, UK
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 PenguinInternet, Apr 12, 2014
  5. Audiopro

    Audiopro Active Member

    Joined:
    Feb 15, 2014
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Thanks - I will look into that tomorrow when the beer has worn off.
    I am sure I will get my head round all this eventually and the journey is made easier with the help from you guys.
     
    #5 Audiopro, Apr 12, 2014
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,793
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    To answer your question, it's not out of the ordinary for a VPS provider to setup your server from a template. This may result in an older kernel version, and require you to make some changes to the server in order to increase the security. Let us know if you have any questions about the specific recommendations listed on the Security Advisor.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 cPanelMichael, Apr 14, 2014
  7. Audiopro

    Audiopro Active Member

    Joined:
    Feb 15, 2014
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Do you recommend I carry out all the changes highlighted by security advisor or are some of them not required?
     
    #7 Audiopro, Apr 14, 2014
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,793
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Yes, personally I would follow the recommendations and implement the changes. However, you may need to review the suggested changes and see if it works for your particular environment, or consider alternatives if necessary.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #8 cPanelMichael, Apr 14, 2014
(You must log in or sign up to post here.)
Loading...
Similar Threads - Server Security
  1. Lillike

    Security Advisor: close port 3306 in the server’s firewall

    Lillike, Jun 20, 2018 at 8:51 AM, in forum: Security
    Replies:
    1
    Views:
    40
    cPanelLauren
    Jun 20, 2018 at 11:59 AM
  2. Liam McArthur

    SOLVED 404 when I click ConfigServer Security & Firewall

    Liam McArthur, May 18, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    54
    Infopro
    May 18, 2018
  3. cPanelResources

    Tutorial Interested in increasing the security of your server? Read this. (sshd hardening)

    cPanelResources, May 10, 2018, in forum: Security
    Replies:
    0
    Views:
    38
    cPanelResources
    May 10, 2018
  4. vlee

    Security Advisor on CentOS7 servers with KernelCare have an incorrect reboot message.

    vlee, May 9, 2018, in forum: Security
    Replies:
    2
    Views:
    255
    vlee
    May 9, 2018
  5. sunilsaini

    Question about server security

    sunilsaini, Oct 9, 2017, in forum: Security
    Replies:
    2
    Views:
    262
    webhostuk
    Oct 10, 2017

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice