Posted by yolau
This is old news in the Linux community, but be advised that Linux kernels 2.6.17 to 2.6.24.1 are vulnerable to a local root exploit. I still see a lot of servers that are vulnerable.
At this time it is recommended that you upgrade your kernel to the latest version available for your [...]
Posted by yolau
If you are running a cPanel server for shared hosting, chances are that you have already had a problem or two with compromised scripts that run from a user's home directory and hack other servers or send spam.
I will try to tell you a few tricks over a series of tutorials [...]
Posted by yolau
cPanel has issued an important security alert. Please read it fully:
An arbitrary file inclusion vulnerability has been discovered in the Horde webmail application. At present, we can confirm that this security vulnerability in question affects Horde 3.1.6 and earlier. Based on incomplete information at this time, we also believe this affects Horde [...]
Posted by yolau
Most of you are aware of the recent exploit that has hit the Linux world, but for those of you that aren’t I’ll be posting a quote from an announcement from cPanel.com. Please note that I don’t totally agree with them on this for now.
A server compromise trend has been recently reported targeting multiple hosting [...]
Posted by yolau
If you are seeing many “? ..reading..” entries when you click on Apache status in WHM and your Apache server is slow, there is a chance that your HTTP server is under a DoS attack.
You can check this out by:
Log on to your server as root
Type the following command
netstat -plan|grep :80|awk {'print $5'}|cut -d: [...]
Posted by yolau
What is Rootkit Hunter?
Rootkit scanner is a scanning tool to ensure you, for about 99.9%*, that you’re clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and [...]
Posted by yolau
wget is one of the largest threats for your server security. A single abuser that gains access to wget can download and run any script that he wants, totally compromising your server.
It is highly recommended that you allow only root to use wget and restrict all other users from it.
Log in to your server as [...]
Posted by yolau
What is DOS-Deflate?
(D)DoS Deflate is a shell script developed by Zaf, originally for use on MediaLayer servers to assist in combating denial of service attacks. However, it was seen to be very effective for our purpose, and therefore was released as a contribution to the web hosting community. (D)DoS Deflate is now used by not [...]
Posted by yolau
What is chkrootkit?
chkrootkit is a tool to locally check for signs of a rootkit. It contains:
* chkrootkit: a shell script that checks system binaries for rootkit modification.
* ifpromisc.c: checks if the network interface is in promiscuous mode.
* chklastlog.c: checks for lastlog deletions.
* chkwtmp.c: checks for wtmp deletions.
* check_wtmpx.c: checks for wtmpx deletions. (Solaris only)
* chkproc.c: checks [...]
Posted by yolau
Note: This article is based on a Layeredtech knowledgebase article https://support.layeredtech.com/home/index.php?x=&mod_id=2&id=101
We do not guarantee that the following steps will make your server hack proof, but they will greatly reduce your chances of compromise.
Basic Steps to Securing cPanel (Linux based OS):
These are items inside of WHM/cPanel that should be changed to secure your server.
Go to Server Setup [...]