Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
server-administration:securing-cpanel [2010-02-13 01:02:14]
garrett.plasky 		server-administration:securing-cpanel [2010-02-13 01:05:12]
garrett.plasky
Line 1: Line 1:
 ======Securing cPanel After Install====== ======Securing cPanel After Install======
  
-This guide is intended to give some basic steps on securing cPanel after the initial installation.+This guide is intended to give some basic steps on securing cPanel after the initial installation. Please see our [[cpanel:installation-guide#post-installation-configuration|Initial Setup Guide]] if you have not already completed it.
  
 =====Tweak Settings===== =====Tweak Settings=====
Line 19: Line 19:
 Under Main >> Service Configuration >> Apache Configuration >> Global Configuration, perform the following: Under Main >> Service Configuration >> Apache Configuration >> Global Configuration, perform the following:
  
-  * **SSLCipherSuite**ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP +  * **SSLCipherSuite:** ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP 
-  * **TraceEnable**Off +  * **TraceEnable:** Off 
-  * **ServerSignature**Off +  * **ServerSignature:** Off 
-  * **ServerTokens**Product Only +  * **ServerTokens:** Product Only 
-  * **FileETag**None +  * **FileETag:** None 
-  * **MaxRequestsPerChild**1000 +  * **MaxRequestsPerChild:** 1000 
  
 Also under Apache Configuration, use //Modify Apache Memory Usage// to manage child process memory handling. Also under Apache Configuration, use //Modify Apache Memory Usage// to manage child process memory handling.
Line 42: Line 42:
 Found under Main >> Service Configuration >> FTP Server Configuration: Found under Main >> Service Configuration >> FTP Server Configuration:
  
-  * **Allow Anonymous Logins**No +  * **Allow Anonymous Logins:** No 
-  * **Allow Anonymous Uploads**No +  * **Allow Anonymous Uploads:** No 
-  * **Allow Logins with Root Password**No+  * **Allow Logins with Root Password:** No
  
 =====Miscellaneous Tweaks===== =====Miscellaneous Tweaks=====
Line 52: Line 52:
  
 =====Final Notes===== =====Final Notes=====
-We also recommend installing a firewall and bruteforce detection mechanism such as the free firewall [[www.configserver.com/csf/|CSF]]. Other options include [[http://www.rfxn.com/projects/advanced-policy-firewall/|APF]]+[[http://www.rfxn.com/projects/brute-force-detection/|BFD]], or custom iptables rulesets.+We also recommend installing a firewall and bruteforce detection mechanism such as the free firewall [[http://www.configserver.com/cp/csf.html|CSF]]. Other options include [[http://www.rfxn.com/projects/advanced-policy-firewall/|APF]]+[[http://www.rfxn.com/projects/brute-force-detection/|BFD]], or custom iptables rulesets.
  
 {{tag>how-to administration suphp}} {{tag>how-to administration suphp}}