jnicol
New Member
Hi all,
I am new to VPS hosting, and after doing my initial WHM and server configuration I have a few questions for the community, to ensure I'm following best practices and not overlooking anything important.
Apologies for cramming so many questions into one post - I thought it would be better than flooding the forum with multiple threads.
WHM and OS updates
What is the best practice for upgrading the VPS operating system and WHM? I think that by default WHM and cPanel auto-update themselves - is this correct?
Security
What are some best practices for securing my VPS? Here's what I've done already:
- Created a new unix user with a strong password, added it to the wheel group and gave wheel users sudo. This is the user I'll be using to ssh to the VPS.
- Disabled password login for root user
- Changed root password to something strong
- Enabled cPHulk brute force protection in WHM
- Change PHP handler to suPHP
- Enabled SMTP restrictions
- Enabled PHP open_basedir
I'll be using my VPS for hosting my personal sites, and a small number of client sites (I'm a web designer/developer). Are there any other tweaks I should make to harden the server security?
Firewall
I notice that ConfigServer Security & Firewall plugin is installed. Is there anything special I need to configure here? Is the firewall a set-and-forget kind of thing, or do I need to keep an eye on it for e.g. system diagnostics and security?
mod_security
Should I enable mod_security? I have memories of running into problems with shared hosts where mod_security was running, which makes me wary.
That's enough for now I think! Thanks to anyone who can give me some tips on these points.
I am new to VPS hosting, and after doing my initial WHM and server configuration I have a few questions for the community, to ensure I'm following best practices and not overlooking anything important.
Apologies for cramming so many questions into one post - I thought it would be better than flooding the forum with multiple threads.
WHM and OS updates
What is the best practice for upgrading the VPS operating system and WHM? I think that by default WHM and cPanel auto-update themselves - is this correct?
Security
What are some best practices for securing my VPS? Here's what I've done already:
- Created a new unix user with a strong password, added it to the wheel group and gave wheel users sudo. This is the user I'll be using to ssh to the VPS.
- Disabled password login for root user
- Changed root password to something strong
- Enabled cPHulk brute force protection in WHM
- Change PHP handler to suPHP
- Enabled SMTP restrictions
- Enabled PHP open_basedir
I'll be using my VPS for hosting my personal sites, and a small number of client sites (I'm a web designer/developer). Are there any other tweaks I should make to harden the server security?
Firewall
I notice that ConfigServer Security & Firewall plugin is installed. Is there anything special I need to configure here? Is the firewall a set-and-forget kind of thing, or do I need to keep an eye on it for e.g. system diagnostics and security?
mod_security
Should I enable mod_security? I have memories of running into problems with shared hosts where mod_security was running, which makes me wary.
That's enough for now I think! Thanks to anyone who can give me some tips on these points.