Check server security by using WHM.
Most of the people not having enough time to check the server security by using Shell.In that case first login into WHM and follow the following steps one by one to check the server security.
Check WHM >> Server Configuration >> Tweak Settings and disable the following options
Then goto WHM >> Security >> Manage Wheel Group UsersPrevent users from parking/adding on common internet domains. (i.e. hotmail.com, aol.com)
Allow cPanel users to reset their password via email
Default catch-all/default address behavior for new accounts - fail
Remove all the users present in the "Manage Wheel Group Users" section except the root and your account from the wheel group.
Select WHM >> Service Configuration >> FTP Configuration
Select WHM >> Account Functions >> Manage Shell AccessAnd Disable Anonymous FTP
Select WHM >> SQL Services >> MySQL Root PasswordDisable the Shell Access for all the users if there is no necessary need to enable it.
Then change the root password for MySQL
Once in a week run Quick Security Scan and Scan for Trojan Horses from your WHM >> Security
The last and most important security for your server is server while you are creating any new reseller account.
Select WHM >> Resellers >> Reseller Center
Disable the "Allow Creation of Packages with Shell Access" and always enable "Prevent Accounts from being created with shell access" it will not allow third party to access your server without your permission.
Reply With Quote
Bookmarks