Results 1 to 11 of 11
-
11-06-2012, 05:05 AM #1Mr. Awesome
- Join Date
- Jul 2002
- Posts
- 6,347
cpanel is all that is needed to fully (securely) manage a VPS?
Hello,
The replies in another discussion thread surprised me, with a number of people implying cpanel is all that is needed to properly and fully secure and manage a VPS or dedicated server.
Do you agree or disagree? Why or why not?
Let's say you get a brand new VPS. You login as root, install Cent0S, and then cpanel. Whenever cpanel releases a new version, you click "upgrade".
Is that it? Is that all you need to fully secure and manage your VPS?We are eNom PLATINUM PLUS resellers!
Sign up today for an eNom.com reseller account with lowest possible pricing.
* We provide support and service to over 4275 happy eNom domain name and SSL certificate resellers!
-
11-06-2012, 05:50 AM #2WHT Addict
- Join Date
- Oct 2012
- Posts
- 113
Sounds like wishful thinking to me....
Tim Gallant Creative | Proof of Intelligent Design
-
11-06-2012, 05:59 AM #3Web Hosting Master
- Join Date
- Dec 2006
- Location
- London
- Posts
- 661
Agreed - that's not really a good way to be thinking about these.
For instance, you can have a root password of 'password' and run cPanel on there. That certainly doesn't make it a secure server.█ GigaTux, Value Linux Hosting
█ UK, US and Germany based Xen VPS. Reliability is key! Quick support response and 99.9% SLA.
-
11-06-2012, 06:05 AM #4Retired Moderator
- Join Date
- Feb 2005
- Location
- Australia
- Posts
- 5,849
Yep, that's all there is to it. Money for jam really. Modern technology has taken all the skill out of things. Like passenger jets these days - the planes fly themselves; all the pilot has to do is choose a destination, point and click.
No, don't be silly. You set it to auto-upgrade from the start. What could possibly go wrong?Chris
"Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter
-
11-06-2012, 10:09 AM #5Disabled
- Join Date
- Aug 2012
- Posts
- 3,105
Simply installing cPanel does not make your server secure. There are many other security measurements are there to secure the server. You can hire a server manager for some time to do all the essential security measures for you as per your needs.
-
11-06-2012, 10:37 AM #6Junior Guru
- Join Date
- Jun 2004
- Location
- Omaha, Nebraska
- Posts
- 211
It sure would be a nice world if upgrading cPanel was the only thing to do when it comes to security of a server. Not only would it make life easier on our system admins, but just think of the cost savings by removing that extra overhead!
There's much more to security on a server than upgrading one software component and installing KSplice for automated Kernels. Probably the biggest thing that we see from VPS owners is that once they're setup, and they hire their security team to configure things, install the shopping cart or wordpress version that they want, then they do nothing else - EVER. We've seen some boxes that are 3 and 4 years old running PHP 4, Wordpress 2.x and so on down the line. Constant vigilance is a huge component to sever security.
-
11-06-2012, 12:40 PM #7Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
This doesn't take care of things like php/apache upgrades.
This doesn't take care of kernel upgrades if you are using a xen with pygrub-pvgrub or kvm vps.
Cpanel does not include a firewall.
Cpanel does not by default enable mod security. Cpanels default modsecurity rules are trash.
A stock installation of cpanel is not very secure at all.
I spend hours per day keeping servers up to date.. if it was really that easy I would get vacations more often.Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
11-06-2012, 06:17 PM #8Web Hosting Master
- Join Date
- Nov 2002
- Location
- Oklahoma
- Posts
- 702
A control panel does not equal security by any stretch of the imagination. There are far too many misinformed individuals running websites, VPS, dedicated servers, etc. that believe this to be the case. Usually getting compromised is a good wake up call for them. Attacks and threats are evolving each day, just as your security should. Security is an ongoing process that never ends.
It is far easier to maintain something properly from the start than it is to try and recover from a compromise or failure down the road. Sure, you might think applying patches is a waste of time but I guarantee you will think otherwise when an unpatched vulnerability results in a compromise.██ Dathorn, Inc. - Premium cPanel/WHM Hosting since 2002! Check Out Our Blog!
██ Experience the Dathorn Difference! - andrew@dathorn.com
██ LiteSpeed | Clustered DNS | CloudLinux | CageFS | KernelCare | Imunify360
██ Pure SSD Storage | Off-Server & Off-site Backups | Softaculous | SpamExperts
-
11-06-2012, 06:33 PM #9WHT Addict
- Join Date
- Oct 2012
- Posts
- 113
Hi, Andrew, good to see you!
Here is someone who knows what he's talking about. I was on his servers for several years, and can't remember having any significant security issues take everything down, because he was vigilant.Tim Gallant Creative | Proof of Intelligent Design
-
11-06-2012, 07:41 PM #10Web Hosting Master
- Join Date
- Nov 2002
- Location
- Oklahoma
- Posts
- 702
Hey Tim! Great to see you around as well. I didn't even realize it was you until I saw the name in the sig.
For those unfamiliar with the process of securing a server I would have to echo some comments above and highly recommend consulting a management company or using a fully managed provider. Even then, though, you have to make sure they are being proactive about security and adapting to new threats.
A good recent example is the Exim vulnerability from last week. Yes, cPanel did push out a patched version pretty quickly. A good provider would have known about the issue and had a fix available (if necessary) even quicker. It is a pretty safe bet to say that most individual cPanel VPS and dedicated server operators never even heard of it and luckily cPanel took care of it for them.██ Dathorn, Inc. - Premium cPanel/WHM Hosting since 2002! Check Out Our Blog!
██ Experience the Dathorn Difference! - andrew@dathorn.com
██ LiteSpeed | Clustered DNS | CloudLinux | CageFS | KernelCare | Imunify360
██ Pure SSD Storage | Off-Server & Off-site Backups | Softaculous | SpamExperts
-
11-07-2012, 05:42 AM #11HostXNow - Shared Web Hosting | Semi Dedicated Hosting | Enterprise Reseller Hosting | VPS Hosting
Similar Threads
-
Ezeelogin- Manage & Administer multiple Linux servers easily, efficiently & securely.
By ZenMonk in forum Software & Scripts OffersReplies: 0Last Post: 11-06-2012, 12:58 AM -
EZEELOGIN- ADMINISTRATE & MANAGE MORE SERVERS EASILY, EFFICIENTLY AND SECURELY.
By ZenMonk in forum Software & Scripts OffersReplies: 2Last Post: 11-16-2011, 12:44 AM -
EZEELOGIN- ADMINISTRATE & MANAGE MORE SERVERS EASILY, EFFICIENTLY AND SECURELY.
By ZenMonk in forum Software & Scripts OffersReplies: 0Last Post: 05-12-2011, 07:37 AM -
EZEELOGIN- ADMINISTRATE & MANAGE MORE SERVERS EASILY, EFFICIENTLY AND SECURELY.
By ZenMonk in forum Software & Scripts OffersReplies: 0Last Post: 04-26-2011, 08:27 AM