To update the version of OpenSSL
*****************
1. First log in to the cPanel server through the backend.
2. Then run the command:
wget https://access.redhat.com/labs/drown/DROWN-test.sh; chmod +x DROWN-test.sh; sh DROWN-test.sh
Expected output: not vulnerable
3. Otherwise (i.e. if the output is a "vulnerable" warning), run:
yum update openssl
Install CSF firewall on your server (remove any old archive first: rm -fv csf.tgz)
********************************************************
cd /usr/src
wget http://www.configserver.com/free/csf.tgz   (or: wget https://download.configserver.com/csf.tgz)
tar -xzf csf.tgz
cd csf
sh install.sh
vi /etc/csf/csf.conf
Change
TESTING = "1"
To
TESTING = "0"
csf -r   (restart csf)
2) Enabled Apache mod_security on your server (WHM).
3) Disabled unwanted PHP functions to avoid PHP vulnerabilities (php.ini: vi /usr/local/lib/php.ini, disable_functions directive):
disable_functions = passthru, shell_exec, escapeshellarg, escapeshellcmd, proc_close, proc_open, ini_alter, popen, show_source, proc_nice, proc_terminate, proc_get_status, proc_close, pfsockopen, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid,dl, virtual,exec,system
4) Recompile Apache on your server and enable the necessary modules (EasyApache).
5) Enabled Shell Fork Bomb Protection on your server (WHM).
6) Enabled PHP open_basedir Protection on your server (WHM).
7) Tweaked SMTP security settings
1. Prevent “nobody” from sending mail [?] On
2. Max hourly emails per domain [?] 300
3. Initial default/catch-all forwarder destination [?] set to fail
4. Maximum percentage of failed or deferred messages a domain may send per hour [?] 10 %
5. Enable BoxTrapper spam trap (Tweak Settings)
6. Enable SpamAssassin Spam Box delivery for messages marked as spam (user configurable) (Tweak Settings)
7. SMTP restrictions: set SMTP_BLOCK = "1" in csf
8. Dictionary attack protection: enable (Exim configuration in WHM)
9. Reject remote mail sent to the server's hostname [?] On (Exim configuration in WHM)
10. Configure RBL>>
11. Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak) [?] On
12. Scan outgoing messages for malware [?] On (Manage Plugins: ClamAV, then Exim configuration)
13. Scan messages for malware from authenticated senders (exiscan) [?] On (Exim)
14. Tighten /etc/cpanel_exim_system_filter as on the other server and set the attribute on the file.>>>
8) Apache mod_userdir Tweak enabled
Please find the following login credentials.
========================================================================
1. Upgraded cPanel to the latest version. To see the latest version of cPanel:
   To see if you are running the latest cPanel version on your server or VPS, just log in as root and run the following command:
   # /usr/local/cpanel/cpanel -V
   If you need to update cPanel, use:
   # /scripts/upcp
   or, if you want to force it:
   # /scripts/upcp --force
2. Enabled the PHP module by running EasyApache.
3. Installed csf and configured it.
4. Installed Mod Security (vendors) and configured it. See https://help.comodo.com/topic-212-1-670-8350-.html
5. Secured /tmp (/scripts/securetmp).
6. Enabled cpHulk Protection.
7. Disabled allow_url_fopen in PHP.
8. Added the following to disable_functions in PHP (search in vi: /disable_):
==================================
passthru, shell_exec, escapeshellarg, escapeshellcmd, proc_close, proc_open, ini_alter, popen, show_source, proc_nice, proc_terminate, proc_get_status, proc_close, pfsockopen, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid,dl, virtual,exec,system
==================================
9. Enabled Apache mod_userdir Tweak
show_source, system, shell_exec, passthru, exec, symlink, virtual, popen, proc_open, proc_close, proc_nice,proc_terminate, proc_get_status, pfsockopen, allow_url_fopen, posix_getpwuid, eval, posix_setsid, posix_mkfifo, posix_setpgid, posix_setuid, posix_uname, posix_kill,apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd, leak, dl, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code
==========================
Maldet install (maldet)
**************
cd /opt
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xvf maldetect-current.tar.gz
cd maldetect-1.4.2   (the directory name follows the version in the tarball)
./install.sh
==========================
Install clamav
**************
yum install epel-release -y
yum install clamav clamd
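
To verify the result afterwards, here is an added example (not part of the original notes): a read-only shell audit of the csf.conf and php.ini settings changed above. The function names, the REQUIRED subset and the sample files are assumptions constructed for illustration; it also flags eval and allow_url_fopen, which appear in the longer list above but are not functions, so disable_functions has no effect on them.

```shell
# Added example: read-only audit; REQUIRED is a subset of the page's disable_functions list.
REQUIRED="passthru shell_exec exec system proc_open popen show_source dl"

# Print the value of the last uncommented "KEY = value" line in FILE.
conf_value() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*[;#].*$//; s/[[:space:]]*$//; s/^"//; s/"$//'
}

# Print each required function missing from disable_functions in PHPINI.
missing_functions() {
    ini=$1; shift
    have=",$(conf_value "$ini" disable_functions | tr -d '[:space:]'),"
    for f in "$@"; do
        case $have in *",$f,"*) ;; *) echo "$f" ;; esac
    done
}

# Print entries disable_functions cannot enforce: eval is a language
# construct and allow_url_fopen is an ini directive, not a function.
ineffective_entries() {
    conf_value "$1" disable_functions | tr -d '[:space:]' | tr ',' '\n' |
        grep -x -e eval -e allow_url_fopen || true
}

# Print one line per finding; return non-zero if any check fails.
audit() {
    csf=$1; ini=$2; rc=0
    [ "$(conf_value "$csf" TESTING)" = "0" ] || { echo "FAIL csf TESTING is not 0"; rc=1; }
    [ "$(conf_value "$csf" SMTP_BLOCK)" = "1" ] || { echo "FAIL csf SMTP_BLOCK is not 1"; rc=1; }
    case "$(conf_value "$ini" allow_url_fopen)" in
        Off|off|0) ;; *) echo "FAIL allow_url_fopen is not Off"; rc=1 ;; esac
    for f in $(missing_functions "$ini" $REQUIRED); do
        echo "FAIL $f not in disable_functions"; rc=1; done
    for f in $(ineffective_entries "$ini"); do
        echo "WARN $f has no effect in disable_functions"; done
    return $rc
}

# Constructed sample files standing in for csf.conf and php.ini.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '# csf sample' 'TESTING = "1"' 'SMTP_BLOCK = "1"' > "$d/csf.conf"
    printf '%s\n' '; php sample' 'allow_url_fopen = Off' \
        'disable_functions = passthru, shell_exec,exec,system, eval, popen' > "$d/php.ini"
    audit "$d/csf.conf" "$d/php.ini"; rc=$?
    rm -rf "$d"; return $rc
}
demo || echo "audit reported findings"
```

On a server, call audit /etc/csf/csf.conf /usr/local/lib/php.ini instead of demo.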