WHM Security Adviser suggestions

Discussion in 'Security' started by oldtalltree, Dec 24, 2014.

  1. oldtalltree

    oldtalltree New Member

    Hey guys,

    When I run the WHM security adviser, I get the following vulnerabilities:

    1.) Apache vhosts are not segmented or chroot()ed.
    2.) No symlink protection detected.
    3.) Frontpage is installed.
    4.) SSH direct root logins are permitted.

    Is it safe to ignore these warnings? If not, how do I rectify these?

    And one more thing, whenever I SSH to root, I get connection time out. I have configured SSH keys and use putty to login but not able to.

    Thank you!
     
    Last edited: Dec 24, 2014
  2. KH-DanielP

    KH-DanielP KH-COO Staff Member

    Howdy Sir.

    1) Chrooting the vhosts can be a good thing, but they also add in a ton of mount points which do consume resources to manage those mount points. As long as your running mod_ruid2, suphp or fastcgi which causes php processes to be executed under the user this provides adequate protection.

    2) There is a module in EasyApache that can be compiled in to add some additional symlink protection, aside from adding another module to apache there's no real downside to this.

    3) I'd say if your not using FrontPage go ahead and uinstall it. This can easily be done via WHM and cPanel has dropped official support for FrontPage now so I'd advise on its removal.

    4) You can go to either keys or root logins. I prefer a mix including using the firewall to simply restrict the IP addresses who can login to SSH. (Make sure to include our support addresses if you do this).

    Much easier to deny all except X,Y & Z if you have a static IP or VPN to do this with.

    All in all none of those are major points but all good to cover none the less.
     
  3. KH-DanielP

    KH-DanielP KH-COO Staff Member

    Missed your last question.

    As far as the connection timing out, make sure your using port 2200 and not port 22, since we change the default port. Otherwise feel free to open a ticket with our support department and we can check the logs to hunt for any errors.
     

Share This Page