Few Tweaks to Secure server through cPanel/WHM

[WHUKSam]

These are items inside of WHM/Cpanel that should be changed to secure your server.

# Server Setup =>> Tweak Settings

Check the following items:

Under Domains

Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com)

Under Mail

Attempt to prevent pop3 connection floods

Default catch-all/default address behavior for new accounts - fail

# Goto Server Setup =>> Manage Wheel Group Users

Remove all users except for root and your main account from the wheel group.

When setting up Feature Limits for resellers in Resellers =>> Reseller Center, under Privileges always disable Allow Creation of Packages with Shell Access and enable Never allow creation of accounts with shell access; under Root Access disable All Features.

# Go to Service Configuration =>> FTP Configuration

Disable Anonymous FTP

# Goto Account Functions =>> Manage Shell Access

Disable Shell Access for all users

# Goto Mysql =>> MySQL Root Password

Change root password for MySQL

Goto Security and run Quick Security Scan and Scan for Trojan Horses often. The following and similar items are not Trojans:

/sbin/depmod
/sbin/insmod
/sbin/insmod.static
/sbin/modinfo
/sbin/modprobe
/sbin/rmmod


Regards,
Sam