Suggestions for new server optimizations?

[Larkolag]

Hello friends,
I create a new cPanel server, I want this server to be at the top level of performance and security because I will host an eCommerce site with whmcs for this server.
Could you give me advice on what to do in this matter I want suggestions for maximum security and maximum performance.
Thank you from now

 

[HostingH]

Suggestions,

1. Hardware: Go with higher CPU/Ram along with hardware RAID-10 or RAID-1
2. Server Optimization: Apache/PHP/Mysql
3. Security: Install couldlinux/kernelkare/cxs/csf/2FA/Basic server security etc
4. Keep updated OS/eCommerce
5. Security auditing.
6. Use CDN
7. Use CloudFlare

 

[Larkolag]

Suggestions,

1. Hardware: Go with higher CPU/Ram along with hardware RAID-10 or RAID-1
2. Server Optimization: Apache/PHP/Mysql
3. Security: Install couldlinux/kernelkare/cxs/csf/2FA/Basic server security etc
4. Keep updated OS/eCommerce
5. Security auditing.
6. Use CDN
7. Use CloudFlare

thank you so much @HostingH

I am thinking of using software such as cloudlinux, imunify360, maldet, etc .. It is a problem to use the trial version of cloudlinux already, because when I do setup and settings, I will not have any more work with the server anymore.

 

[RadWebHosting]

You may be referring to KernelCare or K-Splice, which are capable of maintaining rebootless server updates. This will be a nice convenience.

I would recommend using SSD storage on your primary drive, on which the operating system resides. For best performance, consider configuring the database on a separate server, not accessible over public internet.

 

[cPWilliamL]

The recommendations so far have been good. I definitely second the use of CloudLinux and KernelCare for security. And as the previous commenter mentioned, use of an SSD can go a long way. Having an SSD at the very least for your MySQL partition will essentially ensure no I/O bottlenecks for queries.

 

[Larkolag]

For best performance, consider configuring the database on a separate server, not accessible over public internet.

Thank you, I think this is still waiting for the plan.
I already use SSD disk, I chose to use it as VDS, I did not raid.

I am thinking of using maldet for instant malware scanning, what are your ideas about this?

 

[cPWilliamL]

Most scanners are bad for PHP due to obfuscation. The core code in the majority of the malware scripts are similar if not the same, but they are obfuscated(and customized) in an almost unlimited ways. Any scanner that works on hash sums or strings is typically not very effective. I'm not saying maldet/clamav isn't helpful, its effectiveness is just limited due to complex PHP obfuscation and the hacker adding a "cool" font/color to the same old shell. Searching using specific regex strings, unusual entropy levels, using an IDS, or version control system will be your best bet.

 

[Larkolag]

Helle @cPWilliamL ,
can I see the effect of using a trial version of cagefs software, cloudlinux, imunify360?
I want to make a one-time optimization.

 

[cPWilliamL]

I don't know if imunify360 offers a trial, but I know CloudLinux does:
CloudLinux OS Trial

You may also check the cPanel store or our Custom Service about trials. If you purchase the CloudLinux License through cPanel, we will support CloudLinux as well, and any issues discovered about CloudLinux software will be escalated directly to CloudLinux through our ticket system so their developers can address it.

 

[Larkolag]

@cPWilliamL If I take the Cloudlinux license with you, will you give me a discount