Forum


tmzVPS Official Community Forum

Guide to hardening WHM/Cpanel

Discussion in 'Suggestions' started by cowboy Mike, Feb 8, 2013.

  1. cowboy Mike

    cowboy Mike New Member

    Joined:
    Oct 2, 2012
    Messages:
    6
    Likes Received:
    0
    Howdy,
    I would like to see a guide that takes a person through the steps to further harden WHM after tmz has turned it over to us. I am new to this and have spent quite a bit of time trying to navigate these waters in WHM.

    However, because I am inexperienced its difficult to know which boxes to check and which ones not to check. I am the only one on the server so for me it should be relatively straight forward and easy but I am overwhelmed by all the choices. And there are a ton of them!

    For example, do I move the ssh port? Do I disable ssh? Do I disable password authentication? What should the cphulk brute force setting be? Should I run Quick Security Scan? Should I uninstall Frontpage extensions if they would be used? Is it ok to upgrade CSF?Didnt know ne was available just happened to see it. I wasnt notified.

    Anyways you probably get my drift. :)

    It would be nice to have some guidelines and recommendations from tmz vps. ;)
     
  2. Kyle Cannon

    Kyle Cannon Member

    Joined:
    Aug 20, 2012
    Messages:
    30
    Likes Received:
    10
    Hello cowboy Mike,

    That's a great request, I'll add this to my to-do list and talk it over with our team. I'll update you here after I've received more information.
     
  3. cowboy Mike

    cowboy Mike New Member

    Joined:
    Oct 2, 2012
    Messages:
    6
    Likes Received:
    0
    Howdy,
    I am reposting this to correct some misspells with the hope tmzvps will address this subject.

    I would like to see a guide that takes a person through the steps to further harden WHM after tmzvps has turned it over to us. I am new to this and have spent quite a bit of time trying to navigate these waters in WHM.

    However, because I am inexperienced its difficult to know which boxes to check and which ones not to check.

    I am the only one on the server so for me it should be relatively straight forward and easy but I am overwhelmed by all the choices. And there are a ton of them!

    For example:
    Do I move the ssh port?
    Do I disable ssh?
    Do I disable password authentication?
    What should the cphulk brute force settings be?
    Should I run Quick Security Scan?
    Should I uninstall Frontpage extensions if they wouldn't be used?
    Is it ok to upgrade CSF? Didnt know it was available just happened to see it. I wasnt notified.

    Anyways you probably get my drift. :)

    It would be nice to have some guidelines and recommendations from tmz vps. ;)
    Happy trails, Mike
     
  4. Daniel

    Daniel Administrator Staff Member

    Joined:
    Jan 20, 2012
    Messages:
    155
    Likes Received:
    26
    Hello Mike,

    I have put this on our TO-DO list. We will hopefully have one within the next 2 weeks.

    Thanks,
    Dan
     
  5. cowboy Mike

    cowboy Mike New Member

    Joined:
    Oct 2, 2012
    Messages:
    6
    Likes Received:
    0
    Sure would be nice to get this.
     

Share This Page