admin
Site Admin
Joined: 23 Jan 2003
Posts: 256
Location: India
|
 Posted: Tue Oct 18, 2005 5:43 pm Post subject: A Beginner's Guide to Securing Your Server |
 |
|
These are items inside of WHM/Cpanel that should be changed to secure your server.
Goto Server Setup =>> Tweak Settings
Check the following items...
Under Domains
Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com)
Under Mail
Attempt to prevent pop3 connection floods
Default catch-all/default address behavior for new accounts - blackhole
Under System
Use jailshell as the default shell for all new accounts and modified accounts
Goto Server Setup =>> Tweak Security
Enable php open_basedir Protection
Enable mod_userdir Protection
Disabled Compilers for unprivileged users.
Goto Server Setup =>> Manage Wheel Group Users
Remove all users except for root and your main account from the wheel group.
Goto Server Setup =>> Shell Fork Bomb Protection
Enable Shell Fork Bomb/Memory Protection
When setting up Feature Limits for resellers in Resellers =>> Reseller Center, under Privileges always disable Allow Creation of Packages with Shell Access and enable Never allow creation of accounts with shell access; under Root Access disable All Features.
Goto Service Configuration =>> FTP Configuration
Disable Anonymous FTP
Goto Account Functions =>> Manage Shell Access
Disable Shell Access for all users (except yourself)
Goto Mysql =>> MySQL Root Password
Change root password for MySQL
Goto Security and run Quick Security Scan and Scan for Trojan Horses often. The following and similar items are not Trojans:
/sbin/depmod
/sbin/insmod
/sbin/insmod.static
/sbin/modinfo
/sbin/modprobe
/sbin/rmmod
_________________
HostOnNet.com - Reseller Hosting
Free Ads Forum, Promote your site
NetFreeHost.com - Free Web Hosting, phpBB Hosting |
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
