Results 1 to 19 of 19
Thread: Steps to harden Cpanel server
-
05-04-2011, 05:06 PM #1WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
Steps to harden Cpanel server
Anyone can assist me with Steps to harden Cpanel server?
-
05-04-2011, 05:43 PM #2Temporarily Suspended
- Join Date
- Feb 2004
- Location
- UK
- Posts
- 1,431
Hi
Simple answer is get a company in to do it.
Complex answer is google it.. there is no one hard and fast way to harden a server.
I use CSF as a primer to remember what needs doing when i install a cpanel server.
Thanks
-
05-04-2011, 05:47 PM #3WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
-
05-04-2011, 05:52 PM #4WHT Addict
- Join Date
- Mar 2006
- Posts
- 140
Short answer to your question is there anything else to do? I will say yes!.
For a small guide you can use this site
http://www.securecentos.com/
Why you don't trust server management companies?
-
05-04-2011, 05:52 PM #5Temporarily Suspended
- Join Date
- Feb 2004
- Location
- UK
- Posts
- 1,431
Did you go through the CSF install where it give you hints on what to change ? this is what i referred to in my original reply.
-
05-04-2011, 06:17 PM #6WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
yes , I did all that. Installed apf as well..
But now damn
root@webcraft [~]# chkconfig
bash: chkconfig: command not found
root@webcraft [~]# yum install chkconfig
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: centos-distro.cavecreek.net
* extras: mirrors.usc.edu
* updates: mirror.hmc.edu
Excluding Packages in global exclude list
Finished
Setting up Install Process
Package chkconfig-1.3.30.2-2.el5.x86_64 already installed and latest version
Nothing to do
how can i get chkconfig working
-
05-04-2011, 06:25 PM #7WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
Under WHM> Security settings> Configure firewall
Check security of server I get this LOL
I get this score for my WHM cpanel Your Score: 106/134*
Can I say I am secure
-
05-05-2011, 01:16 PM #8Web Hosting Master
- Join Date
- Dec 2005
- Posts
- 3,110
You installed APF?
APF does the same job as CSF its a frontend for iptables, you should use one or the other not both.
-
05-05-2011, 01:25 PM #9WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
I have installed both. Probably I will uninstall apf.
Well can u guide me how u can get a hardened cpanel server as a template to use in VM(any VM u have come across) .also how to make a dedicated mysql VM for cpanel nodes.
Can u guide me on mysql hardening for a normal webhost?Last edited by WEBCRAFT-TUCKY; 05-05-2011 at 01:33 PM.
-
05-05-2011, 01:53 PM #10Web Hosting Evangelist
- Join Date
- May 2011
- Location
- Bristol, UK
- Posts
- 487
http://www.webhostgear.com/cid_6.html
Use some of the guides in that
-
05-07-2011, 06:38 AM #11Web Hosting Master
- Join Date
- Nov 2004
- Location
- Australia
- Posts
- 1,737
LOL, just lol, sorry. You are a newbie and you don't trust server manegement companies? How can you trust yourself when you're a newbie? There are some very good server management companies out there, and you could save yourself hundreds of hours (at least) stumbling around in the dark. Your option.
We've used server management companies for years, for specialist tasks, even though I train adults in Unix admin (and have for years). if you're looking to get your server hardened, try www.configserver.com - can't go past them, they're fantastic (authors of CSF).
-
05-07-2011, 07:19 AM #12Newbie
- Join Date
- May 2011
- Posts
- 11
I would recommend CSF - or one of their paid alternatives.
ALSO, please for the love of GOD do not base your server security simply off of a "score". There is ALWAYS an exploit somewhere, you just have to make sure you cover all of your bases and take regular backups of your clients data. It's a ethical responsibility of hosts.
-
05-07-2011, 08:12 AM #13WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
-
05-07-2011, 08:16 AM #14WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
I have hired a server admin I would say I guy from Russia I believe Ukraine not sure. But he used my resources to send DDOS against people. I am scared since them
-
05-07-2011, 08:22 AM #15Temporarily Suspended
- Join Date
- Feb 2004
- Location
- UK
- Posts
- 1,431
Hi
Sorry to hear about your bad experiance, however did you find the guy on this forum ? and did you research them before handing over the server to him ?
I always look people up before giving them access.
Thanks
-
05-07-2011, 08:27 AM #16WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
Yeah he is from this forum.
I didnt waste time following him. But it was a warning for me..
-
05-07-2011, 09:57 AM #17Newbie
- Join Date
- Apr 2011
- Posts
- 18
apf and csf are same
what that fire wall showss cant be a standard
-
05-07-2011, 10:01 AM #18Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
I would take alook at this thread > http://www.webhostingtalk.com/showthread.php?t=468168
UK Based Proactive Server Management.
Zabbix Enterprise 24/7 Monitoring.
-
05-07-2011, 10:39 AM #19Web Hosting Master
- Join Date
- Nov 2004
- Location
- Australia
- Posts
- 1,737
That's exactly why you don't:
- hire people from Russia
- hire people without checking out their website
- hire people without doing a basic google search
Do the above on configserver.com and you'll see they've been trusted for years; we've been using them for 6+ years now. Other good companies are Steven from rack911 and platinumservers; and there are quite a few others. Always, always do the research, don't just hand out your root password to random people!!!
Similar Threads
-
How do I harden up my dedicated server?
By tomdorrian in forum Dedicated ServerReplies: 9Last Post: 05-21-2010, 10:47 AM -
Server Harden Tools?
By regmac01 in forum Hosting Security and TechnologyReplies: 1Last Post: 09-30-2007, 12:38 PM -
How to secure harden the server?
By scorpiox in forum Hosting Security and TechnologyReplies: 5Last Post: 03-28-2007, 09:42 PM -
what place do you use to get your server harden?
By deanmr in forum Hosting Security and TechnologyReplies: 6Last Post: 03-28-2006, 01:05 AM -
Harden server before or after s/w install?
By u2fan in forum Dedicated ServerReplies: 2Last Post: 11-14-2004, 12:59 PM