Results 1 to 19 of 19
  1. #1
    Join Date
    May 2011
    Location
    Beach
    Posts
    114

    Unhappy Steps to harden Cpanel server

    Anyone can assist me with Steps to harden Cpanel server?

  2. #2
    Join Date
    Feb 2004
    Location
    UK
    Posts
    1,431
    Hi

    Simple answer is get a company in to do it.

    Complex answer is google it.. there is no one hard and fast way to harden a server.

    I use CSF as a primer to remember what needs doing when i install a cpanel server.

    Thanks

  3. #3
    Join Date
    May 2011
    Location
    Beach
    Posts
    114
    Quote Originally Posted by abtme View Post
    Hi

    Simple answer is get a company in to do it.

    Complex answer is google it.. there is no one hard and fast way to harden a server.

    I use CSF as a primer to remember what needs doing when i install a cpanel server.

    Thanks
    Thanks But i wont trust server management companies!

    I have installed csf and rkhunter, secured /tmp . Is there anything else to do?

  4. #4
    Short answer to your question is there anything else to do? I will say yes!.
    For a small guide you can use this site
    http://www.securecentos.com/

    Why you don't trust server management companies?

  5. #5
    Join Date
    Feb 2004
    Location
    UK
    Posts
    1,431
    Did you go through the CSF install where it give you hints on what to change ? this is what i referred to in my original reply.

  6. #6
    Join Date
    May 2011
    Location
    Beach
    Posts
    114
    yes , I did all that. Installed apf as well..

    But now damn

    root@webcraft [~]# chkconfig
    bash: chkconfig: command not found
    root@webcraft [~]# yum install chkconfig
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    * base: centos-distro.cavecreek.net
    * extras: mirrors.usc.edu
    * updates: mirror.hmc.edu
    Excluding Packages in global exclude list
    Finished
    Setting up Install Process
    Package chkconfig-1.3.30.2-2.el5.x86_64 already installed and latest version
    Nothing to do

    how can i get chkconfig working

  7. #7
    Join Date
    May 2011
    Location
    Beach
    Posts
    114
    Under WHM> Security settings> Configure firewall

    Check security of server I get this LOL

    I get this score for my WHM cpanel Your Score: 106/134*

    Can I say I am secure

  8. #8
    Join Date
    Dec 2005
    Posts
    3,110
    You installed APF?

    APF does the same job as CSF its a frontend for iptables, you should use one or the other not both.

  9. #9
    Join Date
    May 2011
    Location
    Beach
    Posts
    114
    Quote Originally Posted by PCS-Chris View Post
    You installed APF?

    APF does the same job as CSF its a frontend for iptables, you should use one or the other not both.
    I have installed both. Probably I will uninstall apf.

    Well can u guide me how u can get a hardened cpanel server as a template to use in VM(any VM u have come across) .also how to make a dedicated mysql VM for cpanel nodes.

    Can u guide me on mysql hardening for a normal webhost?
    Last edited by WEBCRAFT-TUCKY; 05-05-2011 at 01:33 PM.

  10. #10
    Join Date
    May 2011
    Location
    Bristol, UK
    Posts
    487
    http://www.webhostgear.com/cid_6.html

    Use some of the guides in that

  11. #11
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,737
    Quote Originally Posted by WEBCRAFT-TUCKY View Post
    Thanks But i wont trust server management companies!

    I have installed csf and rkhunter, secured /tmp . Is there anything else to do?
    LOL, just lol, sorry. You are a newbie and you don't trust server manegement companies? How can you trust yourself when you're a newbie? There are some very good server management companies out there, and you could save yourself hundreds of hours (at least) stumbling around in the dark. Your option.

    We've used server management companies for years, for specialist tasks, even though I train adults in Unix admin (and have for years). if you're looking to get your server hardened, try www.configserver.com - can't go past them, they're fantastic (authors of CSF).

  12. #12
    I would recommend CSF - or one of their paid alternatives.

    ALSO, please for the love of GOD do not base your server security simply off of a "score". There is ALWAYS an exploit somewhere, you just have to make sure you cover all of your bases and take regular backups of your clients data. It's a ethical responsibility of hosts.

  13. #13
    Join Date
    May 2011
    Location
    Beach
    Posts
    114
    Quote Originally Posted by brianoz View Post
    LOL, just lol, sorry. You are a newbie and you don't trust server manegement companies? How can you trust yourself when you're a newbie? There are some very good server management companies out there, and you could save yourself hundreds of hours (at least) stumbling around in the dark. Your option.

    We've used server management companies for years, for specialist tasks, even though I train adults in Unix admin (and have for years). if you're looking to get your server hardened, try www.configserver.com - can't go past them, they're fantastic (authors of CSF).
    I have imortant data in my server I am scared some company may get them. That is why I am afraid to use people....

    Damnnnnn....

  14. #14
    Join Date
    May 2011
    Location
    Beach
    Posts
    114
    I have hired a server admin I would say I guy from Russia I believe Ukraine not sure. But he used my resources to send DDOS against people. I am scared since them

  15. #15
    Join Date
    Feb 2004
    Location
    UK
    Posts
    1,431
    Hi

    Sorry to hear about your bad experiance, however did you find the guy on this forum ? and did you research them before handing over the server to him ?

    I always look people up before giving them access.

    Thanks

  16. #16
    Join Date
    May 2011
    Location
    Beach
    Posts
    114
    Yeah he is from this forum.

    I didnt waste time following him. But it was a warning for me..

  17. #17
    apf and csf are same
    what that fire wall showss cant be a standard
    Dubai Movers Packers and Movers Services

    uae hosting uae hosting

  18. #18
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,657
    I would take alook at this thread > http://www.webhostingtalk.com/showthread.php?t=468168
    UK Based Proactive Server Management.
    Zabbix Enterprise 24/7 Monitoring.

  19. #19
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,737
    Quote Originally Posted by WEBCRAFT-TUCKY View Post
    I have hired a server admin I would say I guy from Russia I believe Ukraine not sure. But he used my resources to send DDOS against people. I am scared since them
    That's exactly why you don't:
    • hire people from Russia
    • hire people without checking out their website
    • hire people without doing a basic google search


    Do the above on configserver.com and you'll see they've been trusted for years; we've been using them for 6+ years now. Other good companies are Steven from rack911 and platinumservers; and there are quite a few others. Always, always do the research, don't just hand out your root password to random people!!!

Similar Threads

  1. How do I harden up my dedicated server?
    By tomdorrian in forum Dedicated Server
    Replies: 9
    Last Post: 05-21-2010, 10:47 AM
  2. Server Harden Tools?
    By regmac01 in forum Hosting Security and Technology
    Replies: 1
    Last Post: 09-30-2007, 12:38 PM
  3. How to secure harden the server?
    By scorpiox in forum Hosting Security and Technology
    Replies: 5
    Last Post: 03-28-2007, 09:42 PM
  4. what place do you use to get your server harden?
    By deanmr in forum Hosting Security and Technology
    Replies: 6
    Last Post: 03-28-2006, 01:05 AM
  5. Harden server before or after s/w install?
    By u2fan in forum Dedicated Server
    Replies: 2
    Last Post: 11-14-2004, 12:59 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •