BuycPanel Blog

BuycPanel Blog

Latest news and updates

How to Secure your cPanel Server

Posted by Allura on 24 07 2018.

Restricting System Compilers

C++ or C compilers aren’t required by most users. It is highly recommended that compilers be disable for users that do not belong to the compilers group within the /etc/group file. Functional compilers are necessary most pre-packaged exploits.

  • You can deactivate compilers through the Compiler Access interface in WHM.
  • You can also use the following command in the command line:

/scripts/compilers off

Disabling redundant daemons and services

There is a risk of attracting hackers through a daemon or service that enables connections to your server. To improve security, deactivate any daemon or service that you do not require. Use the Service Manager interface found in WHM > Home > Service Configuration to do this.

 

Monitoring your system

Keep track of any account that a user has created. You must be privy to all the information related to your server such as when updates are required and what softwares are used. Execute the following commands often to make sure that your system is running as expected:

  • netstat -anp  – This will look for programs on ports that have not been authorised or installed by you.
  • find / \( -type f -o -type d \) -perm /o+w 2>/dev/null | egrep -v ‘/(proc|sys)’ > world_writable.txt – Using this option you can find out the location for an attacker to store files on your system.
  • find / -nouser -o -nogroup >> no_owner.txt – Looks for a file without a group or user associated with them in the no_owner file.
  • ls /var/log/ – This is will let you access your logs for security problems. Go through mail logs, system logs and Apache logs to know if your system is properly running.

You can use third-party applications like Logwatch or chkrookit to monitor and scan your system.

 

Controlling IP Address access to services

You can allow only specific IP addresses to access services on the server using WHM’s Host Access Control interface (WHM Home > Security Center > Host Access Control). These services include

  • POP3 (pop3)
  • Webmail (webmaild)
  • Web Disk (cpdavd)
  • FTP (ftpd)
  • cPanel (cpaneld)
  • SSH (sshd)
  • IMAP (imap)
  • SMTP (smtp)
  • WHM (whostmgrd)

Using a Firewall

Activate a firewall to prohibit malicious elements from accessing your system. Do this before you uninstall or disable redundant daemons and services.

Staying updated

It is highly recommended that you use only the latest and stable versions of the software. These will contain all the new patches and security fixes.

Conclusion

Always ensure that your system is safe by constant monitoring and scanning the services that it is running. Uses the latest firmware to keep up with the international security standards.