ABHIONLINUX
Site useful for linux administration and web hosting

2009/10/01

Cpanel Hardening

You should configure the following in your WHM (CPanel):

Main >> Server Configuration >> Tweak Settings

[x] Prevent the user ‘nobody’ from sending out mail to remote addresses (php and cgi scripts generally run as nobody if you are not using phpsuexec and suexec respectively.)

[x] Track the origin of messages sent though the mail server by adding the X-Source headers (exim 4.34+ required)

Main >> Security >> Fix Insecure Permissions (Scripts)

Main >> Security >> Tweak Security

“Compilers are disabled for unpriviledge users”

Main >> Service Configuration >> Enable/Disable SuExec

suexec Status “enabled”

Main >> Account Functions >> Disable or Enable Demo Mode

Select from “Users” the “demo” account and click “Modify” then click “Disable” if it exists :)

No comments:

Post a Comment