ChrisEatsAlot
10-01-2006, 07:45 AM
Would closing CPanel ports (2082,2083,2086,2087) through APF help with security? :)
 | View Full Version : Close CPanel Ports for Security? P-nut 10-01-2006, 08:02 AM Sure :D But it might make getting into cPanel/WHM difficult ;) quicklyweb 10-01-2006, 08:46 AM hahahaha This question made my day ChrisEatsAlot 10-01-2006, 02:53 PM Is there a better way to prevent hackers from entering Cpanel/WHM? linux-tech 10-01-2006, 03:01 PM Is there a better way to prevent hackers from entering Cpanel/WHM? A> Don't use APF, use CSF, which will ban individuals who have made XX number of invalid logins from accessing your server period. While APF/BFD does this (somewhat), it's not as well put together as CSF is in this regardes B> Use hosts.allow and hosts.deny. Lock off EVERYTHING from accessing 2086/2087 in hosts.deny then ALLOW your ip address in hosts.allow . You'll have to look up the manual for doing this yourself, as it can be tricky, and I am not 100% sure that cp still supports this protocol. Those are two of the best ways to prevent individuals from trying to 'break in" to WHM/CP ChrisEatsAlot 10-01-2006, 03:12 PM Lock off EVERYTHING from accessing 2086/2087 in hosts.deny then ALLOW your ip address in hosts.allow . As you can tell I'm kinda new at this, but... Hypothetically, couldn't they learn my IP, spoof it, and hack away...? :confused: I'll try your first option... Thanks... :agree: quicklyweb 10-01-2006, 05:24 PM Well what if you have a dynamic IP. Also there is always packet sniffing which you cannot stop. DaveDark 10-04-2006, 04:44 PM Is there a better way to prevent hackers from entering Cpanel/WHM? The only way that I've seen malicious access gained is through weak passwords. Make sure that your clients passwords are strong. To make sure your password are beefy, I recommend: Editing /etc/login.defs to configure many password options on your system. It is well documented. You can set minimum length, etc. If you are not sure of how secure a password is, you can test it using JTR crack. If a password can be broken in a few hours, it is probably too insecure and should not be used. You can also install tools like pam_passwdqc to check the strength of passwords. michaelfoo 10-06-2006, 04:02 AM Would closing CPanel ports (2082,2083,2086,2087) through APF help with security? :) I won't do that for sure :blush: Anyways, if you are concern about the security of your server, why don't you check out some tutorials at: http://www.webhostgear.com/cid_6.html Alternatively, there are sysadmins like rack911.com, sprintserve.net, seeksadmin.com, serversupportguys.com... etc whom you can pay a small fee for them to secure your server for you :) Good luck! iHubNet 10-06-2006, 02:42 PM lol.. for hosting service..NO.. for personal uses, maybe, but will and never happen to me.. |