The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Some noob questions about vps setup

Discussion in 'Workarounds and Optimization' started by daveb1, Aug 5, 2008.

  1. daveb1

    daveb1 Registered

    Joined:
    Jul 30, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi All

    I've had reseller hosting accounts for several years so I'm used to WHM and cpanel, but I've just bought a vps and a bit lost on the higher level functions.

    The setup is

    WHM 11.23.2 cPanel 11.23.4-R26138
    CENTOS Enterprise 5.2 i686 on virtuozzo - WHM X v3.1.0

    I'm in the process of securing the box, but stuck on some simple issues that I haven't found an answer even with several hours of googling.

    1. Given that the box is working, I have accounts and websites up and running, I've found the box doesn't have suphp set up. Can this be added retrospectively, and if so, how?

    2. I keep reading about easyapache3. It appears to be setup on my box, but can I run it, what settings should I use for a box that will predominantly run accounts with Joomla! installations?

    3. If I run easyapache, will it overwrite/destroy any accounts I've already got, or things like the csf/lfd firewall I've painstakingly set up over the last few days?

    4. If anyone has any good resources they could post for installation/setup information for noobs, I'd be grateful. For anyone interested, I've found the following links that could be useful...

    "HOW TO: Secure and Optimize your VPS" at Web Hosting Talk
    "How-to: Migrate Accounts From One Server To Another" at The Planet Forums
    "Common SSH Commands" at Web Host Gear

    Thanks

    Dave
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator

    Yes, you can set up SuPHP after the fact, using EasyApache. To run EasyApache, simply go to your WHM interface and in the Software section click on Apache Update. If prompted to update, it is important that you do so then come back to this screen.

    Begin by ensuring "Previously Saved Config" is selected and then clicking on "Start customizing based on profile." All settings displayed will be your current configuration. There's no need to change these unless you desire to change these settings.

    Once you reach step 5, you can check the box for SuPHP and then click "Save and Build" to begin the process of enabling SuPHP support.

    EasyApache will not adversely affect any websites and does not modify any firewalls. However, if you have made custom modifications to httpd.conf, that could be an issue. If you have not done this, you will be okay. Otherwise, these modifications may be lost. Refer to our documentation for EasyApache 3 for information on properly modifying httpd.conf in a cPanel/WHM environment. This documentation is available at:

    http://www.cpanel.net/support/docs/ea/ea3/
     
  3. daveb1

    daveb1 Registered

    Joined:
    Jul 30, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Thanks for the info. I followed the instructions, and it built successfully. I didn't realise how long it would take' my monitoring service only showed around 5 minutes of downtime, but the actual build took around 15 mins. I assume that this is normal?

    Also, looking through the other options, I noticed suhosin. I've already looked at this but couldn't decide if I should load it. Are you aware of any restrictions or oddities I should know about when installing on my system setup?

    Thanks

    Dave
     
  4. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Generally Suhosin should only be installed by those who are familiar with Suhosin's nuances.

    The actual build can take 15-30 minutes, if not longer. As for downtime, it should be seconds rather than minutes. Though, depending on what you use for checking downtime, the frequency of the uptime checks may not be fine enough to indicate a few seconds of downtime vs. a few minutes of downtime.
     
  5. daveb1

    daveb1 Registered

    Joined:
    Jul 30, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Thanks David for your informative answers once again.

    So I have Apache 2.0, but it appears 2.2 is a relatively minor upgrade so I'm going to upgradeto this.

    I have PHP 5.26.

    I have mod_suPHP and Zend, nothing else. I'll leave suhosin until I read more about it. I'm also installing Ioncube, eAccelerator and mod_sec.

    Apart from all of that, is there anything else that should be added for general security? I'm seeing loads (thousands) of password attacks on root and other ports including whm and cpanel. I'm assuming this is normal, even for a new server? Is there anything I should be doing to combat these apart from hard passwords?

    Finally, I notice in your sig you say "Want our technical analysts to take a look at something for you? Then please submit a support ticket..." Can I ask as a noob, can I submit a ticket so that someone takes a look generally to make sure it's all set up properly and securely, and is there a cost?

    Thanks again

    Dave
     
    #5 daveb1, Aug 5, 2008
    Last edited: Aug 5, 2008
  6. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    If you need assistance with functionality of cPanel/WHM itself, we'll be glad to assist. However, we do not provide any sort of service where we would inspect your server and proclaim it to be secure.

    I'm sure there are companies out there to do that for you, but you may be better off hiring an experienced server administrator to handle those issues for you. There may even be companies where you can outsource that for a nominal fee.
     
Loading...

Share This Page