Use secure SSH Keys<\/h4>\n
Change the way of login to your servers shell from passwords to SSH keys. SSH keys are more secure and require a special pass phrase to be used. To generate an SSH key login to\u00a0WHM<\/strong>\u00a0>\u00a0Security Center<\/strong>Section >\u00a0Manage root\u2019s SSH Keys<\/strong>.<\/p>\n Click on\u00a0Generate a New Key<\/strong>, enter the key name and your secure password twice.<\/p>\n <\/p>\n Try to move your ssh to a different port to deter anyone without any specific knowledge of your server from easily discovering your ssh port. Most visitors search on port 22 which is the default ssh port.<\/p>\n Always use custom port since these are privilege ports and only root can use them.<\/p>\n <\/p>\n CPHUlk \u00a0a service that protects your server from brute force attacks. A brute force attack is a hacking method that uses an automated system to guess the password to your web server or services.<\/p>\n When CPHulk blocks an attack it shows in the login page that the \u2018login is invalid<\/strong>\u2018. To avoid getting locked out of your own server, add your ip address to the whitelist.<\/p>\n You can access CPHulk thru\u00a0WHM<\/strong>\u00a0>\u00a0Security Center<\/strong>\u00a0section >\u00a0cPHulk Brute Force Protection<\/strong>.<\/p>\n <\/p>\n <\/p>\n Any service or daemon that allows connections to your server may also allow hackers to gain access. To reduce security risks, disable all services and daemons that you do not use.<\/p>\n Disable any services that are not in use in WHM\u2019s Service Manager interface<\/p>\n (Home<\/strong>\u00a0>>\u00a0Service Configuration<\/strong>\u00a0>>\u00a0Service Manager<\/strong>).<\/p>\n <\/p>\n The most readily-available way to access a web server is the web server application. You must secure your Apache installation.<\/p>\n One of the best tools that you can use to prevent malicious Apache use is ModSecurity\u2122.<\/p>\n In cPanel & WHM version 64.0 and later, you can use the following interfaces to manage ModSecurity:<\/p>\n <\/p>\n <\/p>\n If your PC is connected to the Internet, you are a potential target to an array of cyber threats, such as hackers, keyloggers, and Trojans that attack through unpatched security holes. This means that if you, like most people shop and bank online, are vulnerable to identity theft and other malicious attacks.<\/p>\n A firewall works as a shield, between your PC and cyber space. When you are connected to the Internet, you are constantly sending and receiving information in small units called packets. The firewall filters these packets to see if they meet certain criteria set by a series of rules, and thereafter blocks or allows the data. This way, hackers cannot get inside and steal information such as bank account numbers and passwords from you.<\/p>\n Once such firewall you can install for WHM\/cPanel is\u00a0CSF (ConfigServe Firewall)<\/strong>. CSF configures your server\u2019s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites. ConfigServe Firewall also comes with a service called Login Failure Daemon, or LFD.<\/p>\n Now,\u00a0Login to your WHM and you will now see a CSF configuration page in the\u00a0Plugins<\/strong>\u00a0section.<\/p>\n <\/p>\n We recommend that you use a separate\u00a0\/tmp<\/em>\u00a0partition that you mount with the nosuid option. This option forces a process to run with the privileges of its executor. You may also wish to mount the\u00a0\/tmp<\/em>directory with noexec after you install cPanel & WHM.<\/p>\n To mount your\u00a0\/tmp<\/em>\u00a0partition to a temporary file for extra security you will have to run:<\/p>\n <\/p>\n <\/p>\n Note:<\/strong>\u00a0make sure that disk space is enough for the partitions. 8GB minimumfor\u00a0\/usr<\/em>\u00a0and 16GB for\u00a0\/var<\/em>\u00a0is recommended.<\/p>\n <\/p>\n Most users do not require the use of C and C++ compilers. We strongly recommend that you disable compilers for all users who are not in the compilers group in the\u00a0\/etc\/group<\/em>\u00a0file. Many pre-packaged exploits require functional compilers.<\/p>\n To disable compilers from the WHM interface, use WHM\u2019s Compiler Access interface<\/p>\n (Home >> Security Center >> Compiler Access).<\/strong><\/p>\n <\/p>\n <\/p>\n You can also disable compilers from the command line, run the following command as the root user<\/p>\n <\/p>\n Use Secure Passwords Insecure passwords are one common security vulnerability. If an account password is insecure and compromised client sites can be defaced, hacked and valuable data can be stolen. Always change your password as often as possible. Here are more tips to making a secure password. Passwords should be alphanumeric and grammatical. Passwords should…<\/p>\n","protected":false},"author":1,"featured_media":905,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"footnotes":""},"categories":[23],"tags":[],"class_list":["post-895","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general"],"jetpack_featured_media_url":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-content\/uploads\/2017\/10\/securecPanel.jpg","_links":{"self":[{"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/posts\/895"}],"collection":[{"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/comments?post=895"}],"version-history":[{"count":3,"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/posts\/895\/revisions"}],"predecessor-version":[{"id":904,"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/posts\/895\/revisions\/904"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/media\/905"}],"wp:attachment":[{"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/media?parent=895"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/categories?post=895"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newdelhihosting.co.in\/blog\/wp-json\/wp\/v2\/tags?post=895"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"https:\/\/www.newdelhihosting.co.in\/blog\/wp-content\/uploads\/2017\/10\/sshkey1.jpg\")
<\/p>\nMove SSH to a Different Port<\/h4>\n
Enable CPHulk Brute Force Protection<\/h4>\n
![\"\"](\"https:\/\/www.newdelhihosting.co.in\/blog\/wp-content\/uploads\/2017\/10\/brut-1024x561.jpg\")
<\/p>\nTurn off unused services and daemons<\/h4>\n
![\"\"](\"https:\/\/www.newdelhihosting.co.in\/blog\/wp-content\/uploads\/2017\/10\/service-1024x529.jpg\")
<\/p>\nSecure your Apache<\/h4>\n
\n
![\"\"](\"https:\/\/www.newdelhihosting.co.in\/blog\/wp-content\/uploads\/2017\/10\/mod-1024x660.jpg\")
<\/p>\nInstall CSF<\/h4>\n
![\"\"](\"https:\/\/www.newdelhihosting.co.in\/blog\/wp-content\/uploads\/2017\/10\/csf-2-1024x522.jpg\")
<\/p>\nHarden your \/tmp partition<\/h4>\n
# \/scripts\/securetmp<\/pre>\n
Disable system compilers<\/h4>\n
![\"\"](\"https:\/\/www.newdelhihosting.co.in\/blog\/wp-content\/uploads\/2017\/10\/compile-1024x349.jpg\")
<\/p>\n# \/scripts\/compilers off<\/pre>\n","protected":false},"excerpt":{"rendered":"