We all are having good awareness of server security. Its on going process and we have to harden it as much as we can.
For that, we install cloudlinux, Maldet/ClamAV antivirus, CSF, CpHulk. We configure software and hardware firewall on the cPanel server.
We try to update the OS and other thrid party applications. There are lots of security majors which we have to try to implement.
On shared Cpanel server, we have to perform daily/weekly/monthly security audit to avoid malware / sql injections / cross site scripting and a lot more. But till there are lots of chances to compromise admin panel or database access details through PHPshell.
If you want to catch the malware on the fly, use ConfigServer eXploit Scanner (cxs). Its really helpful for shared hosting server.
Following script will help you to secure your database config files on shared server. It will add one more step to secure your servers. It will set perm 600(rw——-) to all user’s database config file. The files will be, wordpress config file / WHMCS config file / joomla config file etc.
Here is the bash script,
cut -f1 -d: /etc/trueuserowners | while read acctName; do awk -F: ‘$1==”‘”${acctName}”‘”{print $6}’ /etc/passwd; done | while read acctHome; do sed -n -r -e “/^[ \t]*DocumentRoot[ \t]+[‘\”]?${acctHome//\//\\/}/s@[ \t]*DocumentRoot[ \t]+[‘\”]?(.*)[‘\”]?\$@\1@p” /usr/local/apache/conf/httpd.conf | sort | uniq; done | while read baseDir; do
for PTH in account/configuration.php admin/conf.php admin/config.php amember/config.inc.php billing/configuration.php billing/whmcs/configuration.php billings/configuration.php blog/configuration.php blog/wp-config.php cc/includes/config.php client/configuration.php clientes/configuration.php clients/configuration.php config.inc.php config.php configuration.php conf_global.php connect.php forum/includes/config.php include/config.php include/db.php includes/config.php includes/functions.php joomla/configuration.php manage/configuration.php members/configuration.php mk_conf.php my/configuration.php myshop/configuration.php order/configuration.php secure/configuration.php services/configuration.php settings.php submitticket.php support/configuration.php vb/includes/config.php whm/configuration.php whmc/configuration.php whmcs/configuration.php wp-config.php; do
chmod -fc go-rwx “${baseDir}/${PTH}”
done
done
Sample result,
Digital marketing directly impacts revenue, brand positioning, and customer acquisition cost. Choosing the wrong agency can result in wasted budgets,…
The release of WordPress 6.9 introduces meaningful enhancements focused on performance, block editing flexibility, design precision, and long-term scalability. This…
The wp-content/uploads folder is the core storage location for media files in WordPress. Every image, PDF, video, or document uploaded…
Managing access correctly is one of the most important aspects of running a secure and scalable WordPress website. Managing access…
Customer reviews have become one of the most influential factors in modern buying decisions. Before choosing a product, service, or…