CloudLinux

Why shared Cpanel server security is major concern?

We all are having good awareness of server security. Its on going process and we have to harden it as much as we can.

For that, we install cloudlinux, Maldet/ClamAV antivirus, CSF, CpHulk. We configure software and hardware firewall on the cPanel server.
We try to update the OS and other thrid party applications. There are lots of security majors which we have to try to implement.

On shared Cpanel server, we have to perform daily/weekly/monthly security audit to avoid malware / sql injections / cross site scripting and a lot more. But till there are lots of chances to compromise admin panel or database access details through PHPshell.

If you want to catch the malware on the fly, use ConfigServer eXploit Scanner (cxs). Its really helpful for shared hosting server.

Following script will help you to secure your database config files on shared server. It will add one more step to secure your servers. It will set perm 600(rw——-) to all user’s database config file. The files will be, wordpress config file / WHMCS config file / joomla config file etc.

Here is the bash script,

cut -f1 -d: /etc/trueuserowners | while read acctName; do awk -F: ‘$1==”‘”${acctName}”‘”{print $6}’ /etc/passwd; done | while read acctHome; do sed -n -r -e “/^[ \t]*DocumentRoot[ \t]+[‘\”]?${acctHome//\//\\/}/s@[ \t]*DocumentRoot[ \t]+[‘\”]?(.*)[‘\”]?\$@\1@p” /usr/local/apache/conf/httpd.conf | sort | uniq; done | while read baseDir; do
for PTH in account/configuration.php admin/conf.php admin/config.php amember/config.inc.php billing/configuration.php billing/whmcs/configuration.php billings/configuration.php blog/configuration.php blog/wp-config.php cc/includes/config.php client/configuration.php clientes/configuration.php clients/configuration.php config.inc.php config.php configuration.php conf_global.php connect.php forum/includes/config.php include/config.php include/db.php includes/config.php includes/functions.php joomla/configuration.php manage/configuration.php members/configuration.php mk_conf.php my/configuration.php myshop/configuration.php order/configuration.php secure/configuration.php services/configuration.php settings.php submitticket.php support/configuration.php vb/includes/config.php whm/configuration.php whmc/configuration.php whmcs/configuration.php wp-config.php; do
chmod -fc go-rwx “${baseDir}/${PTH}”
done
done

Sample result,

 


HR-ADMIN

Recent Posts

AI – Powered Customer Support in Hosting: Chatbots & Virtual Assistants

Customer support has always been the backbone of the web hosting industry. From helping users set up domains to troubleshooting…

2 weeks ago

ChatGPT: Your Ultimate AI Content Generation Tool

Content is the most vital asset for businesses navigating the digital era. But creating high-quality, engaging content consistently can be…

4 weeks ago

Discover Ollama: How It Works, Features & Everything?

Welcome to the exciting world of Ollama, a revolutionary open-source tool that's democratizing access to Large Language Models (LLMs). If…

1 month ago

Connecting to Amazon EC2 via WinSCP (SFTP): A Complete Guide

Managing files on your Amazon EC2 instances can often feel like navigating a complex maze, especially when you prefer a…

2 months ago

How Can I Connect to a Database with MySQL Workbench?

Welcome to the world of database management with MySQL Workbench! If you're new to databases or looking for a powerful,…

2 months ago