The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM Attack

Discussion in 'Security' started by cjrisk, Jun 21, 2012.

  1. cjrisk

    cjrisk Member

    Joined:
    Jan 11, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I recently got attacked on my VPS ( which is a hosted VPS with WHM / cPanel on it)

    I have cphulk active on it and locks them out after 3 attempts but somehow my root password got changed and a customers site had nice "you've been hacked" messages on it.

    What can I do to protect WHM / cPanel?

    Help!
     
  2. Astral God

    Astral God Well-Known Member

    Joined:
    Sep 27, 2010
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
    Please check /http://www.whmsecurity.com/linux-security/7-how-whm-cpanel-hardening-security-basics-part-1-a.html lots of tips here for overall security.
     
  3. PlotHost

    PlotHost Well-Known Member

    Joined:
    Apr 29, 2011
    Messages:
    253
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    Twitter:
    Use only strong passwords. Also check the logs to see more details.
     
  4. GIANT_CRAB

    GIANT_CRAB Well-Known Member

    Joined:
    Mar 23, 2012
    Messages:
    89
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello Astral,

    That website contains very misleading information such as turning on magic quotes, safe mode, disabling shell access for all (other than root), suhosin etc.
    A new user should never have suhosin installed, in-fact, suhosin doesn't really harden WHM but more of PHP.
    All these are terrible mistakes and I suggest not to follow them.

    There are smarter ways of hardening your WHM.

    Firstly, you need to actually find out HOW the attacker actually hacked into your server.
    After finding out how the attack hacked into your server, it will eventually be better rather than just guessing the leak hole and anyhow- patching everything that is useless.

    Yours truly,
    GIANT_CRAB
     
  5. minhtu1989

    minhtu1989 Registered

    Joined:
    Jun 27, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    you will use strong pass ex:minhtikh@23$
     
  6. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Let's hope that isn't one of your passwords!

    As for password strengthening, you could configure that in WHM > Configure Security Policies > Password Strength and then WHM > Security Center > Password Strength Configuration areas.
     
Loading...

Share This Page