Step by step securing WHM/Cpanel

· 1 min read

In this tutorial I will explain step by step for securing the WHM/CPanel server.
1. Login to the server using Putty or Bitvise Tunnelier
2. Install the CSF / ConfigServerFirewall Plugin for WHM/Cpanel :

# wget
# tar -xzf csf.tgz
# cd csf
# sh

3. Editing the CSF Configuration, from the menu Plugins – ConfigServer Security & Firewall – Firewall Configuration :

TCP_IN = add the port that you will use for the ssh connection
TCP_OUT = add the port that you will use for the ssh conenction
UDP_IN = add the port that you will use for the ssh conenction
UDP_OUT = add the port that you will use for the ssh conenction
Then click Change at the bottom page, and click Restart CSF and LFD

4. Checking the server security from the menu Plugins – ConfigServer Security & Firewall – Check Server Security
5. Securing /tmp :

# mv /var/tmp /var/tmp.old
# ln -s /tmp /var/tmp
# nano /etc/fstab
Under the existing line, add the following :
none /tmp tmpfs nodev,nosuid,noexec 0 0
# reboot

6. Editing KLOGD :

# nano -c /etc/init.d/syslog

At line 41 or 42, edit or uncomment the following :

passed klogd skipped #daemon klogd $KLOGD_OPTIONS

so it would be :

#passed klogd skipped
daemon klogd $KLOGD_OPTIONS

Restart the syslog :

# /etc/init.s/syslog restart

7. Moving default ssh port :

# nano /etc/ssh/sshd_config
Add the port you have opened in the CSF, for example :
#Port 22
Port 19812

Save the editing by pressing Ctrl O
Exit from nano by pressing Ctrl X

8. Logout from the ssh
9. Go to WHM/Cpanel menu Restart Services – SSH Server(OpenSSH)
10. Disable xfs service :

# service xfs stop
# chkconfig xfs off

11. Disable gpm service :

# service gpm stop
#chkconfig gpm off

12. Disable avahi-daemon :

# service avahi-daemon stop
# chkconfig avahi-daemon off

13. Disable saslauthd :

# service saslauthd stop
# chkconfig saslauthd off

14. Re-run CSF Check Server Security. You should have less point in red mark now.
Enjoy your more secured WHM/Cpanel server