cPanel Linux server security practices
Everyone knows it is easy to have their servers attacked, or harmed by a malware attack, a DDoS attack or other security threats.
Now the question is, how can we avoid attacks targeted at Linux VPS and Servers?
Let us guide you with some basic practices to keep your server secure and defend against unknown security threats..
Check out some of the important practices:
1) Check cPanel version – As always, you are encouraged to check the cPanel version you are currently using. There are 3 ways to check it:
a) Access SSH and use cPanel command: /usr/local/cpanel/cpanel -V
b) Other than accessing using command, you can access SSH and view the version file to know your cPanel version: cat /usr/local/cpanel/version
c) Access WHM and view the version of cPanel via the WHM Dashboard.
2) Check if “Auto-Update” is enabled – Enable “Automatic” so that you can always get the latest updates. Simply follow the below sequence to enable it.
Log in WHM > Update Preferences > Daily Updates > Automatic
3) Install additional security features/plugins to protect your VPS/Server.
CloudLinux essentially creates a virtual environment for each individual account and protect your server environment from symlink attack.
For the installation steps, please refer HERE:
Also, you can install CageFS (Part of CloudLinux) for additional protection.
CageFS allows the availability of safe only binaries to users while restricting users to see server configuration files.
For installation steps, please refer HERE
***CageFS will automatically detect and configure all necessary files for cPanel.
Imunify360 offers a security suite that protects servers against a wide range of attacks. It integrates with cPanel & WHM, and provides reports to the system administrator on the server’s status.
Installation steps, please refer HERE
c) Run Security Advisor to verify your current environment
This is a new feature provided by cPanel recently. It helps to verify and advise which application you should turn ON or OFF .
Login WHM >> Home >> Security Center >> Security Advisor
**As this is a new feature recently provided by cPanel, feel free to refer HERE for the official advice.
** Otherwise, contact your hosting support if you need any assistance on running Security Advisor.
4) Check your OS
Check the OS version that you are currently running. Remember cPanel CentOS 6 will reach end of support soon, and you should prepare to switch over to CentOS 7.
We encourage you to migrate to a server that runs on CentOS 7 before November 30, 2020.
For further assistance, please contact your Hosting Customer Service Team. Cheers!