We all are having good awareness of server security. Its on going process and we have to harden it as much as we can.
For that, we install cloudlinux, Maldet/ClamAV antivirus, CSF, CpHulk. We configure software and hardware firewall on the cPanel server.
We try to update the OS and other thrid party applications. There are lots of security majors which we have to try to implement.
On shared Cpanel server, we have to perform daily/weekly/monthly security audit to avoid malware / sql injections / cross site scripting and a lot more. But till there are lots of chances to compromise admin panel or database access details through PHPshell.
If you want to catch the malware on the fly, use ConfigServer eXploit Scanner (cxs). Its really helpful for shared hosting server.
Following script will help you to secure your database config files on shared server. It will add one more step to secure your servers. It will set perm 600(rw——-) to all user’s database config file. The files will be, wordpress config file / WHMCS config file / joomla config file etc.
Here is the bash script,
cut -f1 -d: /etc/trueuserowners | while read acctName; do awk -F: ‘$1==”‘”${acctName}”‘”{print $6}’ /etc/passwd; done | while read acctHome; do sed -n -r -e “/^[ \t]*DocumentRoot[ \t]+[‘\”]?${acctHome//\//\\/}/s@[ \t]*DocumentRoot[ \t]+[‘\”]?(.*)[‘\”]?\$@\1@p” /usr/local/apache/conf/httpd.conf | sort | uniq; done | while read baseDir; do
for PTH in account/configuration.php admin/conf.php admin/config.php amember/config.inc.php billing/configuration.php billing/whmcs/configuration.php billings/configuration.php blog/configuration.php blog/wp-config.php cc/includes/config.php client/configuration.php clientes/configuration.php clients/configuration.php config.inc.php config.php configuration.php conf_global.php connect.php forum/includes/config.php include/config.php include/db.php includes/config.php includes/functions.php joomla/configuration.php manage/configuration.php members/configuration.php mk_conf.php my/configuration.php myshop/configuration.php order/configuration.php secure/configuration.php services/configuration.php settings.php submitticket.php support/configuration.php vb/includes/config.php whm/configuration.php whmc/configuration.php whmcs/configuration.php wp-config.php; do
chmod -fc go-rwx “${baseDir}/${PTH}”
done
done
Sample result,
Ah, the joys of building a website! Picture this: You're sitting there in your pajamas, coffee in hand, ready to…
Are you feeling like your website is running in slow motion? It can be frustrating when your online presence doesn't…
Are you ready to take your online store to the next level? Whether you're running a PrestaShop or OpenCart platform,…
Picture this: your website is like a fabulous party happening in the darkest corner of the internet, but nobody's showing…
Picture this: Your WordPress site is like that one friend who's always fashionably late to everything. You know, the one…
![](data:image/svg+xml;charset=utf-8,<svg height="135px" width="1013px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="100px" width="750px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="96px" width="96px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)