Archive for October, 2008
How to Optimize and Secure Your VPS? Part 3
After securing your VPS against Formmail scripts, let's look at how to secure your VPS in terms of WHM and cPanel.
You need to change a few things in your WHM and cPanel to secure your VPS.
The first thing that you need to do is go to Server Setup >> Tweak Settings
and check the following items under Domains:
Prevent your users from adding or Parking on Common Internet Domains such as Hotmail, AOL, Google etc.
Then under Mail, check the following items:
Try and prevent pop3 connection Floods
Default catch-all/default address behavior for new accounts – blackhole
(As per ELIx this should be set to FAIL, which is what I have done for my VPS)
Then under System, check the following:
The default shell access for new and modified accounts should be set to Jailshell.
Go to Server Setup >> Tweak Security
Enable php open_basedir Protection
Enable mod_userdir Protection
Disable compilers for unprivileged users.
Go to Server Setup >> Manage Wheel Group Users
From the Wheel Group, remove all the users except for root and your main account.
Go to Server Setup >> Shell Fork Bomb Protection
Here, enable the Shell Fork Bomb/Memory Protection.
If you are going to set up reseller accounts on your VPS, go here while setting up the Feature Limits for reseller accounts:
Resellers >> Reseller Center
Here, under Privileges, always disable the option “Allow Creation of Packages with Shell Access” and enable the option “Never allow creation of accounts with shell access”, and finally, under Root Access, disable “All Features”.
Go to Service Configuration >> FTP Configuration
Always disable Anonymous FTP.
Then, to disable shell access for all other users except for you:
Go to Account Functions >> Manage Shell Access
Then go to Account Functions >> Manage Shell Access and change the root password for MySQL.
The final check that you need to perform is for “Trojan Horses.” For this, go to Security, run Quick Security Scan, and scan for Trojan Horses often. Note that the following and similar items are not Trojans:
/sbin/depmod
/sbin/insmod
/sbin/insmod.static
/sbin/modinfo
/sbin/modprobe
/sbin/rmmod
How to Optimize and Secure Your VPS? Part 2
Now to continue with how to optimize and secure a VPS.
Let's start with how to check for Formmail on a VPS.
What is Formmail?
Formmail is abused by hackers and spammers to send out spam mail by injection and relay methods. People who use Matt's scripts, or a version of them, are more at risk from Formmail abuse.
There are various commands you can use to find different Formmail scripts.
To find pesky form mails, use the following command:
find / -name "[Ff]orm[mM]ai*"
Now to check for CGIemail, which is also at risk:
find / -name "[Cc]giemai*"
To disable a Formmail script, use the following command:
chmod a-rwx /path/to/filename
(a-rwx removes read, write and execute permissions for all users.)
However, you need to check who installed the Formmail script on your VPS: if someone on your VPS has installed one, they need to be told that their scripts have been disabled and that they need to find an alternative solution.
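The find and chmod steps above, combined with the owner check, as an added example that is not part of the original post. The function names scan_mailers and disable_mailers are hypothetical, and only regular files are matched:

```shell
#!/bin/sh
# Added example: audit and disable Formmail / cgiemail scripts.
# scan_mailers and disable_mailers are hypothetical helper names.
# Paths containing newlines are not supported.

TAB=$(printf '\t')

# Print "owner<TAB>mode<TAB>path" for every regular file whose name matches
# either of the two find patterns from the post. Default root is /.
scan_mailers() {
    find "${1:-/}" -type f \
        \( -name '[Ff]orm[mM]ai*' -o -name '[Cc]giemai*' \) 2>/dev/null |
    while IFS= read -r path; do
        # Fields 1 and 3 of "ls -ld" are the mode string and the owner.
        meta=$(ls -ld -- "$path" | awk '{print $3 "\t" $1}')
        printf '%s\t%s\n' "$meta" "$path"
    done
}

# chmod a-rwx every match that still has a permission bit set and print
# "disabled<TAB>owner<TAB>path" so the account owner can be notified.
disable_mailers() {
    scan_mailers "$1" |
    while IFS=$TAB read -r owner mode path; do
        case $mode in
            ?---------*) continue ;;   # already disabled, skip
        esac
        chmod a-rwx -- "$path" &&
            printf 'disabled\t%s\t%s\n' "$owner" "$path"
    done
}

# Usage (as root): scan_mailers /home    then    disable_mailers /home
```

Run scan_mailers first and review the list; the owner column tells you which account to contact before or after disabling the script.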






















