Homepage

Step by step securing WHM/Cpanel

In this tutorial I will explain step by step for securing the WHM/CPanel server.
1. Login to the server using Putty or Bitvise Tunnelier
2. Install the CSF / ConfigServerFirewall Plugin for WHM/Cpanel :

# wget http://www.configserver.com/free/csf.tgz
# tar -xzf csf.tgz
# cd csf
# sh install.sh

3. Editing the CSF Configuration, from the menu Plugins – ConfigServer Security & Firewall – Firewall Configuration :

TESTING = 0
AUTO_UPDATES = 1
TCP_IN = add the port that you will use for the ssh connection
TCP_OUT = add the port that you will use for the ssh conenction
UDP_IN = add the port that you will use for the ssh conenction
UDP_OUT = add the port that you will use for the ssh conenction
LF_SCRIPT_ALERT = 1
PT_ALL_USER = 1
Then click Change at the bottom page, and click Restart CSF and LFD

4. Checking the server security from the menu Plugins – ConfigServer Security & Firewall – Check Server Security
5. Securing /tmp :

# mv /var/tmp /var/tmp.old
# ln -s /tmp /var/tmp
# nano /etc/fstab
Under the existing line, add the following :
none /tmp tmpfs nodev,nosuid,noexec 0 0
# reboot

6. Editing KLOGD :

# nano -c /etc/init.d/syslog

At line 41 or 42, edit or uncomment the following :

passed klogd skipped #daemon klogd $KLOGD_OPTIONS

so it would be :

#passed klogd skipped
daemon klogd $KLOGD_OPTIONS

Restart the syslog :

# /etc/init.s/syslog restart

7. Moving default ssh port :

# nano /etc/ssh/sshd_config
Add the port you have opened in the CSF, for example :
#Port 22
Port 19812

Save the editing by pressing Ctrl O
Exit from nano by pressing Ctrl X

8. Logout from the ssh
9. Go to WHM/Cpanel menu Restart Services – SSH Server(OpenSSH)
10. Disable xfs service :

# service xfs stop
# chkconfig xfs off

11. Disable gpm service :

# service gpm stop
#chkconfig gpm off

12. Disable avahi-daemon :

# service avahi-daemon stop
# chkconfig avahi-daemon off

13. Disable saslauthd :

# service saslauthd stop
# chkconfig saslauthd off

14. Re-run CSF Check Server Security. You should have less point in red mark now.
Enjoy your more secured WHM/Cpanel server

Exit mobile version