The previous article finished up basic hardening of the operating system. Now that you have a somewhat secure
operating system it is time to secure cPanel as best you can. Adding software like cPanel to a server creates additional ways for an attacker to gain access, but many web hosts add it to help users maintain their own sites. What you are doing is to reduce
the options hackers have in attacking a cPanel host.
You
should disable shell access for all users that don't absolutely need it. This helps limit the damage
done when a hacker manages to exploit a user account. If a user does need shell
access make sure they are using jail shell. The jail shell is a special shell with relatively restricted access to the server. It is not perfect, but if an account using the jail shell is compromised it can help restrict the damage to just that user account instead of the entire server.
To set
the default shell to be the jail shell open the cPanel WHM interface and click on the "tweak settings" link under "Server Configuration" in the left hand column. Look for the "Default shell jailed" option and set it to be "on" by default.
While you are on
the "Tweak Settings" page find the checkbox for "Disable login with
root or reseller password" and check it. Being able to sign into cPanel as root or a reseller is a handy feature. It allows you to work in cPanel as one of your users without knowing their password. Losing this capability is necessary though since it also prevents someone from logging
in via cPanel as root. An attacker attempting to sign into cPanel as root could use a brute force attack to eventually guess the correct root password. Even if they don't manage to guess the correct password, too many failed attempts by an attacker can lock the root user out of cPanel and WHM, effectively locking you out of your own server.
Now that you are done with the changes on the "Tweak Settings" page save them by scrolling to the bottom of the page and clicking the "Save" button. The next article in this series will go over how to secure FTP access.
21 comments:
Thanks for sharing about the cpanel hardening. It'as quite informative for us. Get the Cpanel server management support from the 24x7serversupport.com who is the master company in technical field.
I want to thank the author for such an amazing blog that helped me to understand how Basic cPanel Server Hardening can be done. Cloud PBX Houston offers a wide range of security services.
This is really a good source of information, I will often follow it to know more information and expand my knowledge, I think everyone should know it, thanks. Get more info about cpanel server management
The good intreguing articles keep me coming back here time and time again. thank you so much. web design
Considerably, the particular post is truly the greatest with this deserving subject. To be sure together with your results and also can easily thirstily look forward to Your own potential improvements. Simply just declaring thank you will, no doubt not simply just be sufficient, for your wonderful quality within your writing. I will immediately grab your rss to remain up to date with any kind of updates. Real perform as well as much success inside your company dealings! web design company
Good job on this article! I really like how you presented your facts and how you made it interesting and easy to understand. Thank you. design studios
Thanks so much for sharing all of the awesome info! I am looking forward to checking out more posts! ui/ux
I think one of your ads triggered my internet browser to resize, you might want to put that on your blacklist. development studios
This sort of wanting to come to a difference in her or his lifestyle, initial generally Los angeles Excess weight weightloss scheme is a large running in as it reached that strive. weight loss ui/ux
I don’t even know how I ended up here, but I thought this post was great. I do not know who you are but certainly you are going to a famous blogger if you are not already Cheers! device mockup
I conceive you have noted some very interesting details , regards for the post. ipad psd
I see that you are using WordPress on your blog, wordpress is the best. macbook photoshop
Hello, i just planned to drop that you a line to say that we thoroughly enjoyed this particular post from yours, I have subscribed for your RSS feed and have absolutely skimmed several of your articles or blog posts before but this blog really endured out in my situation. macbook psd
You have observed very interesting points ! ps decent internet site . mobile mockup
Loving the info on this web site , you have done great job on the blog posts. webflow development agency
When I originally commented I clicked the -Notify me when new feedback are added- checkbox and now every time a remark is added I get four emails with the same comment. Is there any approach you’ll be able to remove me from that service? Thanks! webflow agency
Generally I do not read article on blogs, however I wish to say that this write-up very forced me to check out and do so! Your writing taste has been amazed me. Thanks, very great post. webflow development agency
I love your blog.. very nice colors & theme. Did you create this website yourself or did you hire someone to do it for you? Plz answer back as I’m looking to create my own blog and would like to know where u got this from. thanks website development agencies
very nice put up, i definitely love this web site, carry on it web development agency
Hey i’m for the first time here. I came across this board and I find It seriously helpful & it helped me out much. I hope to give something back and aid others as you aided me. apple watch sketch
This is some great information. I expect additional facts like this was distributed across the web today. ui/ux design
Post a Comment