Results 1 to 19 of 19
-
08-22-2011, 11:09 AM #1Junior Guru Wannabe
- Join Date
- Apr 2010
- Posts
- 36
how secure the vps with kloxo control panel
hello
am a biginer with kloxo control panel
can you please tell me what i must do all to config the webmail and the database and all what i must do in first time install it?
and tell me please what i must do in ssh to secure it.
-
08-25-2011, 06:20 AM #2Web Hosting Master
- Join Date
- Oct 2010
- Posts
- 620
Well before you secuire your VPS with kloxo control panel , I will suggest you not to use that control panel itself and switch your control panel to either Cpanel or Plesk.
|| 24x7CloudServerManagement | Server Management & Technical Support ||
|| Hosting Infrastructure & Customer Service Mangement 24x7 | Cpanel Server Management ||
|| https://www.24x7cloudservermanagement.com ||
-
08-25-2011, 06:21 AM #3WHT Addict
- Join Date
- May 2011
- Posts
- 115
su_php more scure than modphp
-
08-25-2011, 06:29 AM #4Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
Sure, Check this out: http://www.myliteraturetechlife.com/?s=kloxo
Its got everything from tweaking MYSQL to Installing iptables, You should find that some help
Why what is wrong with Kloxo?Last edited by Server Management; 08-25-2011 at 06:32 AM.
UK Based Proactive Server Management.
Zabbix Enterprise 24/7 Monitoring.
-
08-25-2011, 06:36 AM #5
-
08-25-2011, 06:44 AM #6Disabled
- Join Date
- Sep 2008
- Posts
- 223
Please find some tips how you can secure your server in general which has kloxo inside. You see kloxo is really buggy control panel and as I have noticed the scripting of kloxo is really a huge mess up.
Anyway these are the general tips for you which it would help you to make more secure server:
1. Disable all ports except httpd (443 for ssl), imap (if you will be using the mail server in it), smtp (if you will be sending the email).
2. Make iptable configuration which would look like this:
*filter
:INPUT ACCEPT [xxx:xxx]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [xxx:xxx]
-A INPUT -s xx.xx.xx.xx -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 127.0.0.0/255.0.0.0 -i eth0 -p tcp -m tcp -j ACCEPT
This is just an example for iptables file which IPs you will grant to connect and to which port.
3. You can also use dotdefender which is actually very similar like mod_security, but if you do not have any knowledge how to control mod_security you can use the dotdefender with web interface it is also not free, so if you do not want to spend the money on it, start to read articled how to configure mod_security. It is really huge thing and novice knowledge needed.
4. I would not recommend to touch kloxo code or do any customizations as it is really sensitive thing to have. The connections between scripting are so bad, that if you will touch one end you will see that server is not working from the other end. It has very poor email handling and uses postfix, by default, so be careful in there.
5. Update to the latest kernel, to make sure that some kind of scanners would not get you the kernel hack. I know that it was with earlier kernels a bug which was done by joomla /tmp directory and hacker could rewrite all index pages, etc.
6. In general using open source stuff is a bit risky, because every one knows the code and those the major bugs. If you will follow those steps you should be safe.
That is probably the major things what you need to remember.
@artetatu suphp and modphp are for the resource management, but not for security...
-
08-25-2011, 06:46 AM #7Disabled
- Join Date
- Sep 2008
- Posts
- 223
-
08-25-2011, 07:16 AM #8Disabled
- Join Date
- Jan 2010
- Location
- Lithuania
- Posts
- 1,115
There is nice tutorial: http://forum.ipcoders.com/threads/90...nt?p=94#post94
-
08-25-2011, 11:50 AM #9WHT Addict
- Join Date
- Sep 2005
- Posts
- 170
Kloxo is a great FREE alternative for a control panel, specially if you've got a small vps. It's still being updated, it's ugly but does the job
█ StableHost.com - Home to over 23,000 websites.
█ Contact us: 866.945.6952
█ Offering: 24/7/365 Support, Web Builder and Softaculous.
█ Read over 100+ reviews about us at RateLobby!
-
08-25-2011, 01:12 PM #10Web Hosting Master
- Join Date
- Jun 2003
- Location
- California
- Posts
- 2,786
For a beginner, configuring IP tables manually has a large learning curve. And Kloxo is a fine control panel, saving you ~$180 a year over cPanel.
I would recommend installing Webmin, a free server management tool that can help you configure ConfigServer CSF Firewall.
Install Webmin after you have installed Kloxo, but don't allow it to configure Apache, DNS, MySQL or PHP. Then, follow the instructions to install the CSF module within Webmin. You will just use Webmin as the UI to access CSF and some other config files. Explore the CSF site to see how it will provide a "security audit" of your server, and make recommendations for better security.
Kloxo and Webmin make a good combination for managing your VPS.
-
08-25-2011, 07:59 PM #11Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
-
08-25-2011, 09:21 PM #12Junior Guru Wannabe
- Join Date
- Jan 2010
- Location
- In your head
- Posts
- 61
-
08-26-2011, 03:09 AM #13Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
-
08-26-2011, 09:03 AM #14Junior Guru Wannabe
- Join Date
- Apr 2010
- Posts
- 36
-
08-26-2011, 09:07 AM #15Junior Guru Wannabe
- Join Date
- Apr 2010
- Posts
- 36
-
08-26-2011, 09:11 AM #16Junior Guru Wannabe
- Join Date
- Apr 2010
- Posts
- 36
thank you, i installed befor iptables with the same post wich you taked me.
but how you think is it better if i will Securing server from SYN flooding DOS attack with this post?
http://www.myliteraturetechlife.com/...ng-dos-attack/
or it is nor for kloxo control panel?
-
08-26-2011, 09:37 AM #17Web Hosting Master
- Join Date
- Jun 2003
- Location
- California
- Posts
- 2,786
Well, let me repeat myself:
I would recommend installing Webmin, a free server management tool that can help you configure ConfigServer CSF Firewall.
Install Webmin after you have installed Kloxo, but don't allow it to configure Apache, DNS, MySQL or PHP. Then, follow the instructions to install the CSF module within Webmin. You will just use Webmin as the UI to access CSF and some other config files. Explore the CSF site to see how it will provide a "security audit" of your server, and make recommendations for better security.
-
08-26-2011, 12:34 PM #18Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
UK Based Proactive Server Management.
Zabbix Enterprise 24/7 Monitoring.
-
08-26-2011, 07:38 PM #19WHT Addict
- Join Date
- Sep 2005
- Posts
- 170
Instead of using kloxo+webmin, why not then virtualmin? just a thought
█ StableHost.com - Home to over 23,000 websites.
█ Contact us: 866.945.6952
█ Offering: 24/7/365 Support, Web Builder and Softaculous.
█ Read over 100+ reviews about us at RateLobby!
Similar Threads
-
Kloxo control panel
By acho-hosting in forum Hosting Software and Control PanelsReplies: 13Last Post: 03-13-2011, 02:50 PM -
Control panel for kloxo
By RepulseServers in forum Hosting Software and Control PanelsReplies: 4Last Post: 02-20-2011, 01:46 AM -
Apache httpd break kloxo control panel
By alexpilot in forum Hosting Security and TechnologyReplies: 4Last Post: 06-19-2010, 10:10 AM -
Kloxo (Previously Lxadmin) Control Panel
By Merged in forum Hosting Software and Control PanelsReplies: 12Last Post: 11-25-2009, 12:01 PM -
Free Control Panel like kloxo ?
By SunShellNET in forum Hosting Software and Control PanelsReplies: 3Last Post: 11-24-2009, 08:56 PM