Activity Stream
48,167 MEMBERS
61070 ONLINE
besthostingforums On YouTube Subscribe to our Newsletter besthostingforums On Twitter besthostingforums On Facebook besthostingforums On facebook groups

Results 1 to 7 of 7
  1.     
    #1
    Member
    Website's:
    nationwebhost.com

    Default How To Secure&Optimize A cPanel Server! [Full of information]

    Start

    If you do not know how to install cPanel - Proceed with this tutorial here:
    How To Install cPanel - CentOS 5.

    Firstly, this tutorial is based on CentOS. You can find information on other operating

    system on the internet by using your friend.

    I am writing this tutorial as me myself never found one large post containing all the

    information you need to secure your VPS/Dedicated server. Everyone should know that there

    is no such thing as 'Non hackable'. Sooner or later - exploits will come out. This

    tutorial is based on cPanel/WHM running on CentOS 5.3.

    We are starting from you have bought the vps/dedicated server with CentOS 5.3 installed

    and cPanel installed. If cPanel is not installed, follow my tutorial above.

    1.1) First of login to WHM as root. Navigate to 'Server Configuration

    '. In this we will find a things that we are going to use to help secure our

    server. First we are going to go into 'Change Root Password'.

    As default, the root password is set at 'root', therefore we

    need to change it as it will be prone to getting hacked. Set it to a strong password and

    don't give it out to anyone.

    1.2) Next we are going to set the time zone on the server, on forums and other software,

    it will get the time from the servers time. I personally prefer it set to GMT. This is not

    vital but I prefer the time zone being GMT.

    1.3) We are now going to go into 'Statistics Software Configuration

    '. This is were users can monitor their traffic they get to their website. We are

    going to scroll down to 'Generators Configuration'. I

    recommend

    enabling all three; Analog, Awstats and Webalizer. Users may prefer one or another, most

    people use Awstast.

    Next we are going to move along to 'Schedule Configuration'.

    We

    are going to set 'Log Processing Frequency' to process every

    '24 hours' and 'Bandwidth Processing Frequency

    ' every '2 hours'.

    1.4) We are now going to tweak the servers settings. To tweak them we are going into an

    area called 'Tweak Settings', still within '

    Server Configuration
    '.

    - cPAddons


    Code: 
    The default administrative contact for cPAddons moderation emails. 
    
    (Resellers will be notified if their contact email is set in cPanel):
    - Set this to your email address.

    Code: 
    Automatically keep all cPAddons Source Files up to date.
    -

    Tick This

    Code: 
    The maximum number of moderated requests that a user may have at any 
    
    given time
    - 99

    Code: 
    The maximum number of moderated requests per addon that a user may have 
    
    at any given time
    - 99

    Code: 
    Alert cPAddons administrator of pending moderation requests
    -

    Unchecked

    Code: 
    Prevent installation of addon scripts not provided by cPanel
    - Unchecked

    Code: 
    Prevent installation of cPanel addon scripts that have been altered 
    
    (Turning this off may be useful when testing custom addons.)
    - Checked

    Code: 
    Notify owners when their users have cPAddon installations that need 
    
    updated
    - Checked


    Code: 
    Notify cPAddons Adminstrator of cPAddon installations that need updated.
    - Checked

    Code: 
    Notify users when they have cPAddon installations that need updated.
    - Allow users to choose
    Display


    '
    Code: 
    The login theme to display for cPanel Login. See the Universal Theme Manager for options. If you are posting to /login/ you can include "login_theme" as a uri/form variable to overwrite this setting on a per case basis.
    ' - Textbox = 'cpanel'

    '
    Code: 
    Number (or all) of accounts to display per page in list accounts.
    ' - '30'
    Domains


    Code: 
    Allow users to park subdomains of the server's hostname main domain.
    - Unchecked

    Code: 
    Allow users to Park/Addon Domains on top of domains owned by other users. (probably a bad idea)
    - Unchecked

    Code: 
    Allow Creation of Parked/Addon Domains that resolve to other servers (i.e. domain transfers) [This can be a major security problem. If you must have it enabled, be sure to not allow users to park common internet domains.]
    - Unchecked

    [code]Allow resellers to create accounts with subdomains of the server's hostname main domain.[code] - Unchecked

    Code: 
    Allow Creation of Parked/Addon Domains that are not registered
    - Unchecked

    Code: 
    When adding a new domain, automatically create A entries for the registered nameservers if they would be contained in the zone.
    - Checked

    Code: 
    Prevent users from parking/adding on common internet domains. (i.e. hotmail.com, aol.com)
    - Checked

    Code: 
    Check zone file syntax when saving and syncing zones.
    - Checked

    Code: 
    Application for processing dns requests. The default is to use cPanel Dns cluster system located at /usr/local/cpanel/whostmgr/bin/dnsadmin. (Recommended: leave blank to use the default).
    - Textbox = 'blank'

    Code: 
    Add proxy VirtualHost to httpd.conf to automatically redirect unconfigured cpanel, webmail, webdisk and whm subdomains to the correct port (requires mod_rewrite and mod_proxy)
    - Checked

    Code: 
    Automatically create cpanel, webmail, webdisk and whm proxy subdomain DNS entries for new accounts. When this is initially enabled it will add appropriate proxy subdomain DNS entries to all existing accounts. (Use /scripts/proxydomains to reconfigure the DNS entries manually)
    - Checked

    Code: 
    Allow users to create cpanel, webmail, webdisk and whm subdomains that override automatically generated proxy subdomains
    - Checked

    Code: 
    Prevent users from creating subdomains outside of their public_html directory.
    - Unchecked

    Code: 
    When adding a new domain, if the domain is already registered, ignore the configured nameservers, and set the NS line to the authoritative (registered) ones.
    - Unchecked
    Logging


    'Log dnsadmin requests to /usr/local/cpanel/logs/dnsadmin.log'

    - Unchecked

    'Enable verbose dns zone syncing (for testing purposes only, not for

    production use)
    ' - Unchecked
    Mail


    'Default catch-all/default address behavior for new accounts. "fail" is

    usually the best choice if you are getting mail attacks.
    ' - '

    localuser
    '

    'Silently Discard all FormMail-clone requests with a bcc: header in the

    subject line
    ' - Checked

    'Allow mail account authentication using the password of the domain

    owner's account
    ' - Unchecked

    'Number of minutes between mail server queue runs (default is 60).

    ' - 60

    'Track the origin of messages sent though the mail server by adding the

    X-Source headers (exim 4.34+ required)
    ' - Unchecked

    'The maximum each domain can send out per hour (0 is unlimited)

    ' - 100

    'Prevent the user "nobody" from sending out mail to remote addresses (PHP

    and CGI scripts generally run as nobody if you are not using PHPSuexec and Suexec

    respectively.)
    ' - Unchecked

    'Include a list of Pop before SMTP senders in the X-PopBeforeSMTP header

    when relaying mail. (exim 4.34-30+ required)
    ' - Unchecked

    'BoxTrapper Spam Trap' - Unchecked

    'Horde Webmail' - Checked

    'Mailman' - Checked

    'RoundCube Webmail' - Checked

    'SpamAssassin Spam Filter' - Checked

    'SpamAssassin Spam Box delivery for messages marked as spam (user

    configurable)
    ' - Unchecked

    'SquirrelMail Webmail' - Checked

    'Add the mail. prefix for mailman urls (ie

    http://mail.domain.com/mailman)
    ' - Unchecked
    Notifications


    'Notify the admin, (or the reseller), when an account has reached the

    "critical" Disk Usage state.
    ' - Checked

    'Threshold percentage where a user's disk usage is considered to be in the

    "critical" state. (0 will disable this notification)
    ' - 90

    'Notify the admin, (or the reseller), when an account has reached the

    "full" Disk Usage state.
    ' - Checked

    'Threshold percentage where a user's disk usage is considered to be in the

    "full" state. (0 will disable this notification)
    ' - 85

    'Notify the admin, (or the reseller), when an account has reached the

    "warn" Disk Usage state.
    ' - Checked

    'Threshold percentage where a user's disk usage is considered to be in the

    "warn" state. (0 will disable this notification)
    ' - 80

    'Threshold percentage where a mailbox's disk usage is considered to be in

    the "critical" state. (0 will disable this notification)
    ' - 90

    'Threshold percentage where a mailbox's disk usage is considered to be in

    the "full" state. (0 will disable this notification)
    ' - 85

    'Threshold percentage where a mailbox's disk usage is considered to be in

    the "warn" state. (0 will disable this notification)
    ' - 80

    'Email users when they have exceeded their bandwidth. Disabling this will

    prevent all Bandwidth Limits Email from being sent.
    ' - Checked

    'Email users when they have reached 70% of their bandwidth
    Email users when they have reached 75% of their bandwidth
    Email users when they have reached 80% of their bandwidth
    Email users when they have reached 85% of their bandwidth
    Email users when they have reached 90% of their bandwidth
    Email users when they have reached 95% of their bandwidth
    Email users when they have reached 97% of their bandwidth
    Email users when they have reached 98% of their bandwidth
    Email users when they have reached 99% of their bandwidth
    ' - From 90 Onwards

    'Mail Box Usage Warnings' - Checked

    'Disable Suspending accounts that exceed their bandwidth limit (will clear

    all suspensions if disabled, and disable all bandwidth notifications.)
    ' -

    Unchecked

    'Disk Space Usage Warnings' - Checked
    PHP


    'PHP max execution time for cPanel PHP execution in seconds (default 90)

    ' - 90

    'PHP Max Post Size for cPanel PHP in Megabytes (default 55M with a maximum

    value of 2047M)
    ' - 55M

    'cPanel PHP Register Globals (Off [unchecked] is recommended for security

    reasons)
    ' - Unchecked

    'PHP Max Upload Size for cPanel PHP in Megabytes (default 50M with a

    maximum value of 2047M)
    ' - 2M

    'Loader to use for internal cPanel PHP (Use oldsourceguardian for version

    1.x and 2.x)
    ' - ioncube
    Redirection


    'Always redirect users to the ssl/tls ports when visiting /cpanel,

    /webmail, etc.
    ' - Unchecked

    'When visiting /cpanel or /whm or /webmail WITHOUT SSL, you can choose to

    redirect to:
    ' - hostname

    'When visiting /cpanel or /whm or /webmail with SSL, you can choose to

    redirect to:
    ' - SSL Certificate Name

    'Redirect user to the following URL upon logout of the cPanel interface. A

    blank value specifies the default logout page.
    ' - Textbox = 'blank'
    Security


    'Validate the IP addresses used in all cookie based logins. This will

    limit the ability of attackers who capture cPanel session cookies to use them in an

    exploit of the cPanel or WebHost Manager interfaces. For this setting to have maximum

    effectiveness, proxydomains should also be disabled.
    ' - Checked

    'Allow WHM/Webmail/cPanel services to create core dumps for debugging

    purposes. Core dumps often contain sensitive information but may be necessary for

    debugging certain types of service crashes.
    ' - Checked.

    'Send passwords in plaintext over email when creating a new acccount.

    Enabling this option is a security risk.
    ' - Unchecked

    'Only permit cpanel/whm/webmail to execute functions when the browser

    provides a referrer. This will help prevent XSRF attacks, but may break integration with

    other systems, login applications, and billing software. Cookies are required with this

    option enabled.
    ' - Unchecked

    'Only permit cpanel/whm/webmail to execute functions when the browser

    provided referrer (Domain/IP and Port) exactly matches the destination URL. This will help

    prevent XSRF attacks, but may break integration with other systems, login applications,

    and billing software. Cookies are required with this option enabled.
    ' -

    Unchecked

    'Require SSL for all remote logins to cPanel, WHM and Webmail. This

    setting is recommended.
    ' - Checked

    'Disable Http Authentication for cPanel/WebMail/WHM Logins (forces cookie

    authentication.) This will help prevent certain types of XSRF attacks that rely on cached

    Http Auth credentials.
    ' - Checked

    'Use MD5 encoded passwords in Apache htpasswd files. When this option is

    disabled crypt encoded passwords will be used instead. Crypt encoded passwords are limited

    to a maximum length of 8 characters while MD5 encoded passwords may be any length.


    ' - Checked

    'Require security tokens for all interfaces. This will greatly improve the

    security of cPanel and WHM against XSRF attacks, but may break integration with other

    systems, login applications, billing software and third party themes.
    ' - Checked
    Software


    'Interchange version to use (if you disable interchange, you must turn off

    the service in the service manager)
    ' - Disable

    'FormMail-clone cgi' - Unchecked

    'The path to the Urchin installation (if installed.) (Leave blank for

    auto-detection.)
    ' - Textbox = 'blank'

    SQL

    'Calculate the disk usage of account MySQL and PostgreSQL databases.

    ' - Checked

    'Use old style (4.0) passwords with MySQL? 4.1+ (required if you have

    problems with PHP apps authenticating)
    ' - Unchecked
    Stats and Logs


    'Allow users to update Awstats from cPanel' - Checked

    'Number of hours between processing bandwidth usage (default 2, max 24,

    decimal values are ok)
    ' - 4

    'Number of hours between processing log files (positive values, default

    24, decimal values are ok)
    ' - 24

    'Delete each domain's access logs after stats run' - Checked

    'The load average above the number of cpus at which logs file processing

    should be suspended (default 0)
    ' - 0

    'Do not include password in the raw log download link in cPanel (via

    ftp).
    ' - Unchecked

    'Do not reset /usr/local/apache/domlogs/ftpxferlog after it has been

    separated into each domain name's ftp log
    ' - Unchecked

    'Keep log files at the end of the month (default is off as you can run out

    of disk space quickly)
    ' - Unchecked

    'Keep Stats Log (/usr/local/cpanel/logs/stats_log) between cPanel restarts

    (default is off). Note that log rotation may affect this as well.
    ' - Unchecked

    'Chmod value for raw apache log files (0640 is the default)' -

    0640

    'Threshold in megabytes above which cpanellogd will rotate log files

    configured for log rotation. (Minimum 10MB)
    ' - 300

    'When viewing bandwidth usage in WHM, always display in Megabytes first.

    ' - Unchecked

    'Stats Log Level (default is 1, larger numbers indicate more debug

    information in /usr/local/cpanel/logs/stats_log) [0...10]
    ' - 1

    Stats Programs

    'Awstats Reverse Dns Resolution' - Unchecked

    'Analog Stats' - Checked

    'Awstats Stats' - Checked

    'Webalizer Stats' - Checked

    Status

    'The load average that will cause the server status to appear red (leave

    blank for default, whole numbers only)
    ' - 2

    Support

    'Send the credentials of the logged in user when requesting support from

    cPanel directly.
    ' - Checked
    System


    'List of IP addresses or hostnames, separated by spaces, which are allowed

    to view the /server-info and /server-status pages. See the Apache documentation for proper

    values.
    ' - Textbox = Blank

    'Allow cPanel users to install SSL Hosts if they have a dedicated ip.

    ' - Checked

    'Allow Perl updates from RPM based linux vendors' - Unchecked

    'Do not send anonymous usage data to cPanel' - Unchecked

    'The port on which Apache listens for HTTP connections. Specifying a

    specific IP will prevent Apache from listening on all other IPs. (default: 0.0.0.0:80)

    ' - 0.0.0.0:80

    'The port on which Apache listens for HTTPS connections. Specifying a

    specific IP will prevent Apache from listening on all other IPs. (default: 0.0.0.0:443)

    ' - 0.0.0.0:443

    'Number of seconds dnsadmin will wait before restarting BIND. Additional

    restart requests during this time period will be silently discarded. On systems that

    process very frequent DNS updates a setting of 300 or 600 seconds is recommended. On

    systems with few DNS changes, the default setting of 0 is recommended. Note that DNS

    changes will not take effect until the restart is complete.
    ' - 0

    'Conserve Memory at the expense of using more cpu/diskio.' -

    Unchecked

    'Allow usernames to be determined from the account domain name when no

    username is provided.
    ' - Unchecked

    'Compress interface pages using gzip compression reducing bandwidth usage

    for cPanel and WHM.
    ' - Checked

    'Disable use of compiled dnsadmin. Setting this option allows use of

    system Perl modules within custom dnsadmin hooks. Setting this option will increase

    execution time of dnsadmin functions.
    ' - Unchecked

    'Allow Sharing Nameserver Ips' - Unchecked

    'Disable Disk Quota display caching (WHM will cache disk usage which may

    result in the display of disk quotas being up to 15 minutes behind the actual disk usage.

    Disabling this may result in a large performace degradation.)
    ' - Unchecked

    'Disable login with root or reseller password into the users' cPanel

    interface. Also disable switch account dropdown in themes with switch account feature.

    ' - Unchecked

    'Try to resolve each client's IP to a domain name when a user connects to

    cPanel services (warning: This can degrade performance).
    ' - Unchecked

    'Enable CPAN:QLite for low memory perl module installs (experimental)

    ' - Unchecked

    'Only allow reseller to log in to users' cPanel interface with reseller

    password.
    ' - Unchecked

    'Display Errors in cPanel instead of logging them to

    /usr/local/cpanel/logs/error_log
    ' - Unchecked

    'The maximum file size allowed for upload. This setting applies to all

    uploads and form submissions in all web interfaces throughout cPanel and WHM. (Type

    ?unlimited? for unlimited; this is the default setting.)
    ' - Textbox -

    unlimited

    'The minimum filesystem quota space required after file upload. This will

    prevent users from hitting their quota limit; it applies to all uploads and form

    submissions in all web interfaces throughout cPanel and WHM. (Default: 5MB)
    ' -

    5

    'The maximum number of directories deep to look for .htaccess files when

    doing .htaccess checks. Can be from 0 to 100. 2 is the default setting. Values higher than

    this are discouraged.
    ' - 2

    'Do not warn about features that will be deprecated in later releases

    (Warning: If you check this box, you will not be able to learn about features that will be

    disappearing in future releases. This could lead to a non-functional server when the

    feature is finally removed.)
    ' - Unchecked

    'Use jailshell as the default shell for all new accounts and modified

    accounts
    ' - Unchecked

    'The maximum memory a cPanel process can use before it is killed off (in

    megabytes). Values less than 256 megabytes can not be specified. A value of "0" will

    disable the memory limits.
    ' - Textbox = 256

    'Use native SSL support if possible, negating need for Stunnel

    ' - Checked

    'Do not send language file changes to cPanel' - Unchecked

    'Specify the timeout in seconds for connections between this server and

    other remote WHM servers. Values less than 35 cannot be specified.
    ' - Textbox

    = 35

    'Maximum time in seconds that the system is permitted to spend fetching

    diskusage and quota information before it considers the data unavailable.
    ' -

    Textbox = 60

    'Allow cPanel users to reset their password via email' -

    Unchecked

    'Enable cPanel Software RollBack. This feature turns on a build archiving

    and restoration facility, allowing the server administrator to "roll back" their cPanel

    installation to previous build. All files are stored on the server.
    ' -

    Unchecked

    'Do not start deprecated Melange 1.10 chat server.' - Checked

    'Send a notification when a user's backup has errors' -

    Checked

    'Allow cpanel and admin binaries to be run from other applications besides

    the cpanel server (cpsrvd). [parentcheck]
    ' - Unchecked

    'Disable whois lookups for the nameserver IP manager.' -

    Checked

    'The number of times a ChkServd TCP check must fail before notification is

    sent and the service is restarted. On heavily loaded systems these types of service checks

    fail occasionaly producing erroneous indications that services are down. A setting of 0

    will disable all notifications and restarts due to TCP checks. Setting this value to 3 or

    higher is recommended for most systems.
    ' - 3

    'Use Safe Quota Setting (quotas will be disabled, adjusted, and then re-

    enabled). This option should be enabled if you are having problems with lost disk quotas

    or other quota system corruption. Under software raid and other circumstances enabling

    this option will degrade server performance.
    ' - Unchecked
    Save


    We have now completed part one.


    --------------------------------------------

    2.1) Second, Navigate to 'Security Center'.

    First we are going to go into 'Apache mod_userdir Tweak'.

    In here we will disable 'Enable mod_userdir Protection' as it prevents users from accessing their website when the domain has not propogated.

    2.2) Next we will go into 'Compiler Access'.

    We want to make sure it is disabled.

    2.3) Navigate to 'cPHulk Brute Force Protection'

    Set it to enabled and you can fill in what you wish for bruteforce.

    2.4) Navigate to 'PHP open_basedir Tweak'

    We want to enable this and make sure all the sites hosted the server are not excluded from this.

    2.5) Navigate to 'Shell Fork Bomb Protection'

    This will not matter if your users do not have access to SSH. However I recommend not to have SSH access.

    2.6) Navigate to 'SMTP Tweak'

    Have this enabled - It basically just stops users from exceeding the email sending limit.

    2.7) Navigate to 'Traceroute Enable/Disable'

    The traceroute utility is a network tool that can be used to determine the route taken by information (packets) sent across the Internet. This often is the first step in pinpointing weaknesses for mounting an attack.

    We have now completed part two.


    --------------------------------------------

    2.1) Third, Navigate to 'Service Configuration'.

    First we are going to go into 'Apache Configuration >> PHP and SuExec Configuration'.

    In here we will set 'Default PHP Version (.php files)'s' value to '5'.

    'PHP 5' handler 'suphp'

    'PHP 4' handler 'none'

    'Apache suEXEC' value to 'on'

    2.3) Next we will go into 'FTP Server Selection'.

    We want to make sure it is on 'Pure-FTPD'

    2.4) Navigate to 'Mailserver Selection'

    Set it to 'Dovecot'.

    2.5) Navigate to 'Nameserver Selection'

    We want to set this to 'BIND'

    2.6) Navigate to 'PHP Configuration Editor'

    Download php.ini file

    2.7) Navigate to 'Service Manager'

    Tick 'tailwatchd' and all others in the table.

    cpdavd: Monitor only
    entropychat: Unchecked
    exim: Enabled & Monitored
    exim on another port: Unchecked
    ftpd: Enabled
    httpd: Enabled & Monitored
    imap: Enabled & Monitored
    ipaliases: Enabled
    melange: Unchecked
    mysql: Enabled & monitored
    named: Enabled & Monitored
    spamd: Enabled & Monitored
    sshd: Enabled & Monitored
    syslogd: Enabled & Monitored

    We have now completed part three.


    --------------------------------------------

    Changing SSH Default Port

    I recommend changing this, this is a security flaw. Login to your server with putty as root.

    Using the file editor that you are familiar with, edit the following file:
    '/etc/ssh/sshd_config'

    I will use nano.
    nano /etc/ssh/sshd_config

    Search for the number 22, change it to the port of your choice. Make sure it is not firewalled or used by another program.

    Now restart SSH
    '/etc/init.d/sshd restart'

    Write down the port number so you don't forget it or you will not be able to access SSH again.

    We have now completed changing the default SSH port.


    --------------------------------------------

    How to install RootKit hunter

    Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

    - MD5 hash compare
    - Look for default files used by rootkits
    - Wrong file permissions for binaries
    - Look for suspected strings in LKM and KLD modules
    - Look for hidden files
    - Optional scan within plaintext and binary files

    Rootkit Hunter is released as GPL licensed project and free for everyone to use.

    * No, not really 99.9%.. It's just another security layer.

    Yet again you need to be logged into SSH. Use the above part to see how to login into SSH.

    Once you are logged into type in:
    'cd /usr/src/utils'
    This will navigate you to direct /usr/src/utils

    We are now going to download RootKit Hunter to the utils directory.
    wget 'http://nchc.dl.sourceforge.net/project/rkhunter/rkhunter/1.3.6/rkhunter-1.3.6.tar.gz'

    Once downloaded we are going to extract the tar file and then delete the download.
    'tar xfz rkhunter-1.3.6.tar.gz'
    'del rkhunter-1.3.6.tar.gz'

    We are now going to proceed to the RootKit Hunter directory
    'cd rkhunter-1.3.6'

    Now for the installation
    'sh installer.sh--install'

    Successful installation

    Now to scan the server for possible infections.
    'rkhunter -c'

    We have now completed installing RootKit Hunter.


    --------------------------------------------

    How to install (D)DoS-Deflate

    MediaLayer was in need of a script to automatically mitigate (D)DoS attacks. The necessity started when MediaLayer was the target of a rather large, consistent attack originating from multiple IP addresses. Each IP would have a large amount of connections to the server, as shown as by:

    Code: 
    netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
    It became a general practice for us to be blocking IPs with a large amount of connections, but we wanted to get this automated. Zaf created a script mitigate this kind of attack. We kept improving it to meet our own needs and eventually posted it on Defender Hosting's Forum. (D)DoS-Deflate is now recognized as one of the best ways to block a (D)DoS attack at the software level.

    We are now going to download (D)DoS-Deflate
    'wget http://www.inetbase.com/scripts/ddos/install.sh'

    Change it's permissions
    'chmod 0700 install.sh'

    Installation
    './install.sh'

    Requires APF - APF Installation Guide
    We have now completed installing (D)DoS-Deflate.



    --------------------------------------------

    I am not a server securing expert so If you think something is wrong or could be better, please post here .
    NationWebHost Reviewed by NationWebHost on . How To Secure&Optimize A cPanel Server! [Full of information] Start If you do not know how to install cPanel - Proceed with this tutorial here: How To Install cPanel - CentOS 5. Firstly, this tutorial is based on CentOS. You can find information on other operating system on the internet by using your friend. I am writing this tutorial as me myself never found one large post containing all the Rating: 5
    NationWebHost
    Follow us: Twitter Facebook

    Affordable Shared & Reseller Web Hosting Plans

  2.   Sponsored Links

  3.     
    #2
    Banned
    Website's:
    google.com knownsrv.com
    THANK YOU very useful

  4.     
    #3
    Member
    Website's:
    nationwebhost.com
    Thanks !
    NationWebHost
    Follow us: Twitter Facebook

    Affordable Shared & Reseller Web Hosting Plans

  5.     
    #4
    Banned
    Website's:
    orangevps.com
    Nice job.

    You Should of included some extra's like nginx that would help a lot of people.

  6.     
    #5
    Member
    Website's:
    nationwebhost.com
    Still not finished, I've still to add a few more things.
    NationWebHost
    Follow us: Twitter Facebook

    Affordable Shared & Reseller Web Hosting Plans

  7.     
    #6
    Member
    Is this really much of a "secure" cPanel thread. You havnt even said anything about disabled functions and that is one of the first things that comes into my head on shared hosting security.

  8.     
    #7
    Member
    Website's:
    nationwebhost.com
    I've not finished writing this tutorial.
    NationWebHost
    Follow us: Twitter Facebook

    Affordable Shared & Reseller Web Hosting Plans

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. How To: Secure and Optimize your VPS
    By Raptile in forum Technical and Security Tutorials
    Replies: 33
    Last Post: 22nd Aug 2012, 03:41 PM
  2. [Hiring] need someone to optimize my new server for vBulletin forum
    By ihabhamed in forum Services
    Replies: 0
    Last Post: 20th Apr 2012, 03:45 AM
  3. [Selling] Website Security Scan With Full Report and Information how to fix it.
    By MoWarez in forum Completed Transactions
    Replies: 2
    Last Post: 4th Nov 2011, 11:38 PM
  4. Optimize or Get a new server.. ? Help
    By EvilGenius in forum Technical Help Desk Support
    Replies: 3
    Last Post: 30th Jul 2010, 07:11 AM
  5. HOW TO: Secure and Optimize your VPS
    By Storming in forum Technical and Security Tutorials
    Replies: 9
    Last Post: 25th Nov 2009, 04:11 PM

Tags for this Thread

BE SOCIAL