Results 1 to 19 of 19
  1. #1
    Join Date
    Apr 2010
    Posts
    36

    how secure the vps with kloxo control panel

    hello

    am a biginer with kloxo control panel

    can you please tell me what i must do all to config the webmail and the database and all what i must do in first time install it?


    and tell me please what i must do in ssh to secure it.

  2. #2
    Join Date
    Oct 2010
    Posts
    620
    Well before you secuire your VPS with kloxo control panel , I will suggest you not to use that control panel itself and switch your control panel to either Cpanel or Plesk.
    || 24x7CloudServerManagement | Server Management & Technical Support ||
    || Hosting Infrastructure & Customer Service Mangement 24x7 | Cpanel Server Management ||
    || https://www.24x7cloudservermanagement.com ||

  3. #3
    su_php more scure than modphp

  4. #4
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,657
    Quote Originally Posted by hamdi View Post
    hello

    am a biginer with kloxo control panel

    can you please tell me what i must do all to config the webmail and the database and all what i must do in first time install it?


    and tell me please what i must do in ssh to secure it.
    Sure, Check this out: http://www.myliteraturetechlife.com/?s=kloxo

    Its got everything from tweaking MYSQL to Installing iptables, You should find that some help

    Quote Originally Posted by eNetCloud-CEO View Post
    Well before you secuire your VPS with kloxo control panel , I will suggest you not to use that control panel itself and switch your control panel to either Cpanel or Plesk.
    Why what is wrong with Kloxo?
    Last edited by Server Management; 08-25-2011 at 06:32 AM.
    UK Based Proactive Server Management.
    Zabbix Enterprise 24/7 Monitoring.

  5. #5
    Join Date
    Jul 2006
    Location
    Australia
    Posts
    3,809
    Quote Originally Posted by cd/home View Post
    Why what is wrong with Kloxo?
    I was wondering the same thing.

  6. #6
    Please find some tips how you can secure your server in general which has kloxo inside. You see kloxo is really buggy control panel and as I have noticed the scripting of kloxo is really a huge mess up.
    Anyway these are the general tips for you which it would help you to make more secure server:
    1. Disable all ports except httpd (443 for ssl), imap (if you will be using the mail server in it), smtp (if you will be sending the email).
    2. Make iptable configuration which would look like this:
    *filter
    :INPUT ACCEPT [xxx:xxx]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [xxx:xxx]
    -A INPUT -s xx.xx.xx.xx -j ACCEPT
    -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -s 127.0.0.0/255.0.0.0 -i eth0 -p tcp -m tcp -j ACCEPT

    This is just an example for iptables file which IPs you will grant to connect and to which port.

    3. You can also use dotdefender which is actually very similar like mod_security, but if you do not have any knowledge how to control mod_security you can use the dotdefender with web interface it is also not free, so if you do not want to spend the money on it, start to read articled how to configure mod_security. It is really huge thing and novice knowledge needed.

    4. I would not recommend to touch kloxo code or do any customizations as it is really sensitive thing to have. The connections between scripting are so bad, that if you will touch one end you will see that server is not working from the other end. It has very poor email handling and uses postfix, by default, so be careful in there.

    5. Update to the latest kernel, to make sure that some kind of scanners would not get you the kernel hack. I know that it was with earlier kernels a bug which was done by joomla /tmp directory and hacker could rewrite all index pages, etc.

    6. In general using open source stuff is a bit risky, because every one knows the code and those the major bugs. If you will follow those steps you should be safe.

    That is probably the major things what you need to remember.

    @artetatu suphp and modphp are for the resource management, but not for security...

  7. #7
    Actually, nothing is wrong with it, but you must admit that they have some logic missing in some part of processes handled.
    It is free and I guess this is the best you can get for free. None of other open source panel are so powerful like kloxo.


    Quote Originally Posted by cd/home View Post
    Sure, Check this out: http://www.myliteraturetechlife.com/?s=kloxo

    Its got everything from tweaking MYSQL to Installing iptables, You should find that some help



    Why what is wrong with Kloxo?

  8. #8
    Join Date
    Jan 2010
    Location
    Lithuania
    Posts
    1,115

  9. #9
    Kloxo is a great FREE alternative for a control panel, specially if you've got a small vps. It's still being updated, it's ugly but does the job
    StableHost.com - Home to over 23,000 websites.
    Contact us: 866.945.6952
    Offering: 24/7/365 Support, Web Builder and Softaculous.
    Read over 100+ reviews about us at RateLobby!

  10. #10
    Join Date
    Jun 2003
    Location
    California
    Posts
    2,786
    For a beginner, configuring IP tables manually has a large learning curve. And Kloxo is a fine control panel, saving you ~$180 a year over cPanel.

    I would recommend installing Webmin, a free server management tool that can help you configure ConfigServer CSF Firewall.

    Install Webmin after you have installed Kloxo, but don't allow it to configure Apache, DNS, MySQL or PHP. Then, follow the instructions to install the CSF module within Webmin. You will just use Webmin as the UI to access CSF and some other config files. Explore the CSF site to see how it will provide a "security audit" of your server, and make recommendations for better security.

    Kloxo and Webmin make a good combination for managing your VPS.

  11. #11
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,657
    Quote Originally Posted by fshagan View Post
    Kloxo and Webmin make a good combination for managing your VPS.
    Whys that?
    UK Based Proactive Server Management.
    Zabbix Enterprise 24/7 Monitoring.

  12. #12
    Join Date
    Jan 2010
    Location
    In your head
    Posts
    61
    Quote Originally Posted by cd/home View Post
    Whys that?
    he have just explained it.

  13. #13
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,657
    Quote Originally Posted by sk8er431 View Post
    he have just explained it.
    Unless am not reading something but where exactly did they explain as to why Kloxo and Webmin are good together?
    UK Based Proactive Server Management.
    Zabbix Enterprise 24/7 Monitoring.

  14. #14
    Join Date
    Apr 2010
    Posts
    36
    Quote Originally Posted by eNetCloud-CEO View Post
    Well before you secuire your VPS with kloxo control panel , I will suggest you not to use that control panel itself and switch your control panel to either Cpanel or Plesk.
    but i think for free control panel kloxo the best one or there are better?

  15. #15
    Join Date
    Apr 2010
    Posts
    36
    Quote Originally Posted by artetatu View Post
    su_php more scure than modphp
    yes but can you expalin more? can i install su_php and the control panel is kloxo?

  16. #16
    Join Date
    Apr 2010
    Posts
    36
    Quote Originally Posted by cd/home View Post
    Sure, Check this out: http://www.myliteraturetechlife.com/?s=kloxo

    Its got everything from tweaking MYSQL to Installing iptables, You should find that some help



    Why what is wrong with Kloxo?

    thank you, i installed befor iptables with the same post wich you taked me.

    but how you think is it better if i will Securing server from SYN flooding DOS attack with this post?
    http://www.myliteraturetechlife.com/...ng-dos-attack/
    or it is nor for kloxo control panel?

  17. #17
    Join Date
    Jun 2003
    Location
    California
    Posts
    2,786
    Quote Originally Posted by cd/home View Post
    Unless am not reading something but where exactly did they explain as to why Kloxo and Webmin are good together?
    Well, let me repeat myself:

    I would recommend installing Webmin, a free server management tool that can help you configure ConfigServer CSF Firewall.

    Install Webmin after you have installed Kloxo, but don't allow it to configure Apache, DNS, MySQL or PHP. Then, follow the instructions to install the CSF module within Webmin. You will just use Webmin as the UI to access CSF and some other config files. Explore the CSF site to see how it will provide a "security audit" of your server, and make recommendations for better security.
    To clarify, Kloxo does not have a UI for CSF. Webmin works well to provide the UI. The OP stated his inexperience, and wanted some easier solutions.

  18. #18
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,657
    Quote Originally Posted by fshagan View Post
    To clarify, Kloxo does not have a UI for CSF. Webmin works well to provide the UI. The OP stated his inexperience, and wanted some easier solutions.
    Oh ok, But it hardly justifys the statement of "Webmin" & Kloxo go good together just because "Webmin" as a GUI for CSF...

    If your not tech savvy you shouldnt be using an unmanaged control panel anyway so having a GUI for CSF within Kloxo isnt needed...
    UK Based Proactive Server Management.
    Zabbix Enterprise 24/7 Monitoring.

  19. #19
    Instead of using kloxo+webmin, why not then virtualmin? just a thought
    StableHost.com - Home to over 23,000 websites.
    Contact us: 866.945.6952
    Offering: 24/7/365 Support, Web Builder and Softaculous.
    Read over 100+ reviews about us at RateLobby!

Similar Threads

  1. Kloxo control panel
    By acho-hosting in forum Hosting Software and Control Panels
    Replies: 13
    Last Post: 03-13-2011, 02:50 PM
  2. Control panel for kloxo
    By RepulseServers in forum Hosting Software and Control Panels
    Replies: 4
    Last Post: 02-20-2011, 01:46 AM
  3. Apache httpd break kloxo control panel
    By alexpilot in forum Hosting Security and Technology
    Replies: 4
    Last Post: 06-19-2010, 10:10 AM
  4. Kloxo (Previously Lxadmin) Control Panel
    By Merged in forum Hosting Software and Control Panels
    Replies: 12
    Last Post: 11-25-2009, 12:01 PM
  5. Free Control Panel like kloxo ?
    By SunShellNET in forum Hosting Software and Control Panels
    Replies: 3
    Last Post: 11-24-2009, 08:56 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •