As promised, with this week’s blog entry we’re continuing with the discussion of what the average person can easily and reliably do to improve the security of their website when managing it through cPanel, which is of course what you’ll be doing if your site is hosted by us. Widespread adoption speaks volumes about the quality and practicality of software, and with that understood it’s not surprising to see that you’d have the same cPanel to work with if you were with pretty much every other good Canadian web hosting provider too.
It continues to be a wild and crazy time in the world as the global pandemic keeps reinventing itself, but fortunately the viruses that infect digitally aren’t nearly as readily transmissible as the physiological one that is turning the whole world upside down right now. So if you’re the Average Joe webmaster ensuring your website is serving whatever interest you have in mind for it then maybe that’s some good news mixed into a whole lot of not-so-good nowadays.
Anyways, let’s get to continuing our list shall we, and here’s to hoping you’re all keeping safe.
Set up Mod Security
Experts are always eager to share warnings about web application security. The usual aim of an attack is to reach the web application server and take control of it, and that is why a Web Application Firewall (WAF) can enhance cPanel security.
Mod Security gets the nod here as the best choice – it’s reputable and open source. It defends reliably against most common external attacks: SQL injection, webshells and backdoors, iFrame injection, botnet traffic, and HTTP Denial of Service (DoS) attacks.
Configuration is simple: you’ll find Mod Security under the Security Center of the EasyApache configuration, where you will also have the option to set additional measures to improve the security of your cPanel server.
Scan with RootKit Hunter
RootKit Hunter gets extremely high marks from cPanel experts. It’s among the best UNIX-based tools for scanning for possible local exploits, including rootkits and backdoors. It offers the option of manual or automatic scans, and really, why wouldn’t you choose the automatic scan option? It’s also really straightforward to install.
Scan System with Maldet
Maldet is built to detect malware on your server, and since it’s already a Linux product you can trust it’ll fit seamlessly here. It takes primary aim at the malicious files left behind by PHP backdoors and dark mailers.
Setup Cron Job for Running ClamAV
We gave props to ClamAV last week, and running it under cron is the best choice. Cron is the utility that runs tasks on a repeating schedule. If you’re the type of person who prefers to ‘set it and forget it’, then installing ClamAV together with a cron job that runs regular scans for viruses and malware is a good choice.
Disable Apache Header Information
Apache’s header information tends to be at greater risk of malicious attention than other components that make up a site, because it advertises what software you are running. Hiding it from public access is the quickest and most direct fix, and here’s how to do it:
• Login to your WHM dashboard
• Go to Service Configuration
• Go to Apache Configuration
• Click on Global Configuration
• Set ‘Server Signature’ to Off and ‘Server Tokens’ to Product Only
Hide PHP Version Information
Hiding PHP version information is a quick and easy move you can make, and it’s effective because it prevents would-be attackers from being able to make quick decisions about which entryway is going to be best for them.
Equally easy. Here’s how:
• Login into WHM
• Go to PHP Configuration Editor under Service Configuration
• Set the ‘expose_php’ option to Off
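As an added check for the two header-hiding steps above (this script is not part of the original post), the following shell snippet inspects HTTP response headers for the details those settings are meant to remove. The two header blocks are constructed samples; `fetch_headers` uses curl against whatever URL you pass to the script.

```shell
#!/bin/sh
# Added example: verify that Apache and PHP version details are no longer
# leaked in HTTP response headers after hardening. It checks headers only;
# the ServerSignature footer appears on Apache-generated error pages instead.

# Constructed sample: headers as they typically look before hardening.
BEFORE_HEADERS='HTTP/1.1 200 OK
Date: Mon, 01 Jan 2024 00:00:00 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
X-Powered-By: PHP/7.4.3
Content-Type: text/html; charset=UTF-8'

# Constructed sample: the same server after Server Tokens = Product Only,
# Server Signature = Off and expose_php = Off.
AFTER_HEADERS='HTTP/1.1 200 OK
Date: Mon, 01 Jan 2024 00:00:00 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8'

# Print one "LEAK:" line per exposed detail; print nothing when clean.
# Header names are compared case-insensitively, as HTTP allows any case.
check_headers() {
    printf '%s\n' "$1" | tr -d '\r' | awk '
        {
            name = tolower($1)
            value = $0; sub(/^[^:]*:[ \t]*/, "", value)
            if (name == "server:" && value ~ /[0-9]+\.[0-9]/)
                print "LEAK: Server header exposes a version: " value
            if (name == "x-powered-by:")
                print "LEAK: X-Powered-By present (expose_php is still On): " value
        }'
}

# Number of leaks found, so a cron job or script can act on it (0 = clean).
count_leaks() {
    check_headers "$1" | awk 'END { print NR }'
}

# Live use: fetch only the response headers for a URL and run the same check.
fetch_headers() {
    curl -sSI --max-time 10 "$1"
}

# When given a URL on the command line, check the live server.
if [ -n "${1:-}" ]; then
    check_headers "$(fetch_headers "$1")"
fi
```

Run it as `sh check_headers.sh https://example.com/` once the WHM changes are saved; any `LEAK:` line means the corresponding setting has not taken effect yet.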
Disable FTP and go with SFTP Instead
FTP is the long-established standard, but these days SFTP is increasingly recommended instead. The primary reason is that FTP does not use encryption: all data travels as plain text, which lets anyone able to observe the connection read sensitive information, including login credentials. SFTP is a better choice because it encrypts everything it transfers.
SFTP stands for SSH File Transfer Protocol; it runs over SSH, so the data is encrypted in transit. This is what you’ll do:
• Log in to your WHM or cPanel as admin or root user.
• Go to FTP Server Configuration
• Under TLS Encryption Support, change the option to Required (Command), so that FTP logins can no longer be sent in the clear
Securing cPanel and WHM access
Adding SSL to the cPanel or WHM login provides a valuable additional safeguard. By forcing the cPanel or WHM URL to redirect to HTTPS, the connection is encrypted and becomes much more secure.
• Log in to your WHM admin panel
• Go to Home and then Server Configuration and then into Settings
• Next go to the Redirection tab to enable SSL redirection for your server. Refer to the screenshots and the red markers to configure it as you like