We would strongly recommend that you subscribe to the blog via RSS to ensure you remain informed about any updates to cxs. If you also have the csf firewall installed on your server, you should also upgrade immediately to the latest version of that application which was also found to have a security vulnerability. This […]

ConfigServer · cpanel · Firewall · security

Dear ConfigServer eXploit Scanner Customer, Due to exceptional circumstances we have taken the decision to email all customers of our cxs application. We will only take this step in such circumstances and would not normally send emails to our customers. We have recently discovered several security vulnerabilities in the cxs quarantine procedure and would like […]

ConfigServer · cpanel · eXploit · Scanner · security

Using mod_security on your server will stop a lot of attacks against web site. I can suggest you to install it , if you have an option to install it

cpanel · joomla · modsecuirty · secure

Another useful tip I can write here is using your administrator directory password protect your Joomla!. You can do this under an Apache web server using a .htaccess file . This can be done with cpnale easyly. By password protecting the /administror directory you will have to enter a username and password prior to reaching the […]

apache · cpanel · htaccess · joomla · security

Maildir format adds extra security and speed to your mail system. Newer installs use maildir by default. If you’re running an older copy of cPanel, you’ll probably want to upgrade using /scripts/convert2maildir. Make sure to back up your current mail before converting to maildir, this can be done within /scripts/convert2maildir. If you see maildir is […]

cpanel · mail · maildir · ssh · whm

We recommend that you use a separate partition for /tmp that is mounted with nosetuid. Nosetuid will force a process to run with the privileges of it’s executor. You may also wish to mount /tmp with noexec after installing cPanel. Check the mount man page for more information. Also, Running /scripts/securetmp will mount your /tmp […]

/tmp · cpanel · noexec · partition · secure · ssh · temporary · whm

Enable public key authentication for SSH and disable password authentication. Move SSH access to a different port. People are looking for port 22 as a possible way to access your servers. Moving SSH to a different port will add a simple way to deter those without specific knowledge of your server from easily discovering your […]

22 · cpanel · port · secure · ssh · whm

Insecure passwords are the most common security vulnerability for most servers. If an account password is insecure and is compromised, client sites can be defaced, infected, or used to spread viruses. Having secure passwords is paramount to having a secure server. You can edit /etc/login.defs to configure many password options on your system. It is […]

cpanel · cracker · JTR · login · passwords · secure