Best WHM security config?

Discussion in 'Web Hosting' started by KillaKeith, Oct 27, 2013.

0
  1. #1
    I have hardened my servers to the best of my ability. However, I'm always looking to do better. I would like to know what "must haves" people are using that I may have missed. Please share whatever you think is essential for WHM/cPanel security! Thanks in advance :)
     
    KillaKeith, Oct 27, 2013 IP
  2. competent123

    competent123 Notable Member

    Messages:
    1,752
    Likes Received:
    71
    Best Answers:
    6
    Trophy Points:
    255
    #2
    server permissions, remote inclusion, firewall with RIGHT permissions, antivirus.

    know how to investigate what issue was done, and how to fix it.
    have a backup, ALWAYS
    which file/process is taking too much resources ( usually a faulty script, which will literally kill sites of other customers)

    usually it will cut it.
     
    competent123, Oct 27, 2013 IP
  3. WSWD

    WSWD Well-Known Member

    Messages:
    1,420
    Likes Received:
    65
    Best Answers:
    1
    Trophy Points:
    175
    #3
    CSF Firewall is a good start.
     
    WSWD, Oct 27, 2013 IP
  4. KillaKeith

    KillaKeith Well-Known Member

    Messages:
    104
    Likes Received:
    12
    Best Answers:
    2
    Trophy Points:
    135
    #4
    Is clam sufficient for av? or a suggestion if not...
    Also any tips on RFI defense from a server admin aspect? I know most of it is dependent on developers writing safe code, but there has to be some precautions I can be taking globally. This is something i haven't thought about so advice on this is needed!!
    CSF is in place already, thanks for that though!!
     
    Last edited: Oct 28, 2013
    KillaKeith, Oct 28, 2013 IP
  5. WSWD

    WSWD Well-Known Member

    Messages:
    1,420
    Likes Received:
    65
    Best Answers:
    1
    Trophy Points:
    175
    #5
    ClamAV is fine. It's actually quite good. The only issue I have seen with Clam is that on certain VPSs, it uses A LOT of resources. Was never able to determine why, but some of our clients using Clam had ridiculous load issues. On our dedicated servers, we don't see that at all, so it's something to do with the VPS.
     
    WSWD, Oct 28, 2013 IP
  6. Hosting42

    Hosting42 Peon

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    1
    #6
    Hello,

    Config Server Security&Firewall, Spam assassin is a great start! Don't forget to forward all server errors to an email you check daily to resolve any issues.

    Thank you!
     
    Hosting42, Oct 29, 2013 IP
  7. bitronictech

    bitronictech Active Member

    Messages:
    74
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    58
    #7
    I would agree with the above. The stack I use on my servers is:

    WHM, ClamAV, SpamAssasin, CSF (Config Server Security&Firewall), PHP-fCGI (mod security)

    Also make sure you go through the checklist that CSF provides, if you follow their recommendations there your server will be a lot more secure.

    Don't forget the usual suspects, block IPs for port scanning and invalid login attempts, change SSH to a non-standard port and use SSH-keys instead of passwords for root. Also make sure you never access WHM over a non-ssl connection, use a valid SSL cert to protect against MITM attacks... and don't use a compromised browser.

    Pretty common sense stuff goes a long way!
     
    bitronictech, Nov 2, 2013 IP