NamePros.Com - View Single Post - A Beginner's Guide to Securing Your Server Part 1 of 3 (Security Inside WHM/CPanel)

These are items inside of WHM/Cpanel that should be changed to secure your server.

Goto Server Setup =>> Tweak Settings

Check the following items...

Under Domains

Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com)

Under Mail

Attempt to prevent pop3 connection floods

Default catch-all/default address behavior for new accounts - blackhole

Under System

Use jailshell as the default shell for all new accounts and modified accounts

Goto Server Setup =>> Tweak Security

Enable php open_basedir Protection

Enable mod_userdir Protection

Disabled Compilers for unprivileged users.

Goto Server Setup =>> Manage Wheel Group Users

Remove all users except for root and your main account from the wheel group.

Goto Server Setup =>> Shell Fork Bomb Protection

Enable Shell Fork Bomb/Memory Protection

When setting up Feature Limits for resellers in Resellers =>> Reseller Center, under Privileges always disable Allow Creation of Packages with Shell Access and enable Never allow creation of accounts with shell access; under Root Access disable All Features.

Goto Service Configuration =>> FTP Configuration

Disable Anonymous FTP

Goto Account Functions =>> Manage Shell Access

Disable Shell Access for all users (except yourself)

Goto Mysql =>> MySQL Root Password

Change root password for MySQL

Goto Security and run Quick Security Scan and Scan for Trojan Horses often. The following and similar items are not Trojans:

/sbin/depmod
/sbin/insmod
/sbin/insmod.static
/sbin/modinfo
/sbin/modprobe
/sbin/rmmod

10-01-2004, 05:37 PM	· #1
000000000 NamePros Member Trader Rating: (0) Join Date: Sep 2004 Posts: 32 NP$: 28.30 (Donate)	A Beginner's Guide to Securing Your Server Part 1 of 3 (Security Inside WHM/CPanel) These are items inside of WHM/Cpanel that should be changed to secure your server. Goto Server Setup =>> Tweak Settings Check the following items... Under Domains Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com) Under Mail Attempt to prevent pop3 connection floods Default catch-all/default address behavior for new accounts - blackhole Under System Use jailshell as the default shell for all new accounts and modified accounts Goto Server Setup =>> Tweak Security Enable php open_basedir Protection Enable mod_userdir Protection Disabled Compilers for unprivileged users. Goto Server Setup =>> Manage Wheel Group Users Remove all users except for root and your main account from the wheel group. Goto Server Setup =>> Shell Fork Bomb Protection Enable Shell Fork Bomb/Memory Protection When setting up Feature Limits for resellers in Resellers =>> Reseller Center, under Privileges always disable Allow Creation of Packages with Shell Access and enable Never allow creation of accounts with shell access; under Root Access disable All Features. Goto Service Configuration =>> FTP Configuration Disable Anonymous FTP Goto Account Functions =>> Manage Shell Access Disable Shell Access for all users (except yourself) Goto Mysql =>> MySQL Root Password Change root password for MySQL Goto Security and run Quick Security Scan and Scan for Trojan Horses often. The following and similar items are not Trojans: /sbin/depmod /sbin/insmod /sbin/insmod.static /sbin/modinfo /sbin/modprobe /sbin/rmmod Please register or log-in into NamePros to hide ads