Blog Header Banner

Archive for the ‘csf firewall’ tag

Securing cPanel   no comments

Posted at Jun 20, 2017 @ 10:20am Web hosting

Securing cPanel

cPanel is one of the most popular web hosting control panels available today. With it’s user-friendly graphical interface and robust server automation tools, cPanel is designed to make web hosting as simple as possible. However, like many other popular applications, it can be vulnerable to potential security problems. To prevent your website from falling victim to hackers and malware, it is critical that you manage and routinely check your server’s cPanel security settings.

 

SSH

SSH or Secure Shell, is a common way users access their server or website remotely. Unfortunately, it also provides an entry point for hackers. Data sent through SSH is authenticated and encrypted to prevent outside manipulation, so malicious users can’t touch it unless they break through your security measures. The default port of 22 is the most common setting for SSH access. Changing it to another available port and implementing a security key for logins minimizes the risk of being hacked. Switch the settings from SSH1 to SSH2 for additional protection.

 

Firewall

A firewall lets users access cPanel while keeping unauthorized individuals out. ConfigServer Security and Firewall or CSF, is one of the most popular firewalls for cPanel. It scans the system on a regular basis and checks authentication logs to keep your site safe from hackers at all times. CSF also provides feedback on how to make your server more secure overall.

 

Brute Force Protection

Although a firewall can prevent hackers from gaining access to a website or server, it won’t stop them from trying to log in. Brute force protection is a feature of cPanel used to block IP addresses after multiple failed login attempts. Found under the ‘Security Center’ section, this option is easy to enable and customize. Use the IP Deny Manager to manually input IP addresses known to be malicious so that they’re never allowed to log on. You can customize the brute force option, known as cPHulk, by setting how many minutes the tool monitors for repeated logins, the maximum number of failed logins allowed and how long each IP ban stays in place.

 

Passwords

From your admin cPanel login to individual email accounts, every access point needs a strong, secure password. Longer passwords allow for more complex combinations of numbers, symbols and upper- and lower-case letters. Use a different password for accessing cPanel, FTP, email management and other secure areas, making sure none of them contain obvious information such as phone numbers or birthdays. If you have trouble coming up with enough different combinations, try an online password generator.

 

Automatic Updates

One of the easiest ways to keep cPanel secure is to enable automatic updates. Old versions of software, including cPanel, may contain security vulnerabilities hackers can use to access your server. Automatic updates ensure you’re always running the latest version of cPanel with any associated security patches and bug fixes. Go back and check once and a while to confirm updates are running as they should. If not, update manually and contact your web host to find out why the setting isn’t working.

 

Additional Settings to ‘Tweak’

While you’re taking care of the larger security issues in cPanel, make sure you don’t neglect less common settings. Open ‘Tweak Settings’ under Server Configuration to access an entire list of other possible security measures. With this checklist, you can:

• Help prevent the sending of unauthorized emails, including spam
• Shut down potential email attacks
• Block malicious referrals or redirects from hijacking your site
• Stop the generation of proxy domains
• Require IP validation for cookies
• Set up an additional security token for cPanel access

Enabling these additional cPanel security settings helps address any remaining vulnerabilities and keep hackers at bay. But, for those of you who feel there’s just not enough time in your day to employ these security measures, or if you just prefer someone else does it for you, at TurnKey Internet we got your back. We offer Fully Managed solutions that include Server Hardening. We’ll take care of securing and protecting your server and cPanel so you can focus on running your business.

For more information, visit https://turnkeyinternet.net/managed/

 

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on June 20th, 2017

Tagged with , , , , ,

How to Setup a Firewall on your Cloud Server – CSF / CPanel, and more!   no comments

Posted at Feb 21, 2015 @ 12:02pm cloud security

firewallI have a question for you. Does your server have a firewall running on your server? For those who do know what a firewall is, let’s go to our good friend Wikipedia:

‘In computing, a firewall is a network security system that controls the
incoming and outgoing network traffic based on applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is assumed not to be secure and trusted.’

As avid readers of the blog know, I like to ground these ideas with every day analogies. You can think of a firewall like a door to your home. When the door is opened, people can walk directly into your house. Should you want to keep people out, you close and lock the door. This is the way a firewall works on a server. You place the firewall onto your server to keep intruders from the internet from accessing your data.

Firewalls can be either hardware or software based. If you go with a hardware based firewall, the firewall is connected to your switch that allows for traffic to be filtered upon a rule set you determine. You would use a hardware based firewall if you had a dedicated server. A software based firewall is installed within your server. It still blocks traffic based off rule sets you create, but it just does it from within the server and not out in front like a hardware based firewall.

For the rest of this article, I will provide you the steps to install CSF, which is short for ConfigServer Security and Firewall. This firewall is supported across many different Operating Sytems, RedHat Enterprise, Centos, CloudLinx, Fedore, Virtuozzo, VMWare, to name a few. You can read more about the supporeted systems here: http://configserver.com/cp/csf.html

This firewall can be installed with the following steps on your Linux based server:

mkdir /usr/local/src <– Creates the directory to install CSF

cd /usr/local/src <– Changes your location on the server to the newly created directory

wget http://www.configserver.com/free/csf.tgz <– downloads the CSF software to your server

tar xfz csf.tgz <– Extracts the software
cd csf <– Changes your location on the server to the CSF directory

./install.sh <– Installs the CSF firewall

CSF, when installed, and configured properly, places a preset list of rules onto your server. These rules can be configured directly within the csf.conf file or the csf configuration file. If you have a cPanel based server,  you want to ensure that you have the following ports opened for inbound and outbound:

# Allow incoming TCP ports
TCP_IN = “20,21,22,25,53,80,143,443,465,587,993,995,2078,2082,2083,2086,2087,2095,2096”

# Allow outgoing TCP ports
TCP_OUT =”20,21,22,25,37,43,53,80,110,113,443,465,587,873,995,1167,2086,2087,2089 ”

Those ports cover most of the ports you will need for your cPanel or non-cPanel server to function. You can read more about ports and their functions here: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Once you do that, you may want to limit the amount of connections each user can make to your server. This can be set by changing CT_Limit in your csf.conf to the number of connections you want each user to be able to make. For example, CT_Limit = “150” will only allow each user to make 150 connections to your server.

You may also want to remove port 22 from TCP_IN along with setting your SSHD_config file to do only public_key authentication. Why would you do this? This will lock down your server from the outside and only allow people who have SSH keys installed into your server to gain access using SSH.

CSF can be configured in a multitude of ways to add another layer of security to your server. I highly recommend going to http://configserver.com/cp/csf.html and using the forums to learn more about the many features of CSF and how tweaking the settings can help ensure you’re providing a stable, safe and secure server environment

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by Jeremy on February 21st, 2015

Tagged with , , , , , ,