How to properly secure WHM and VPS

Rollfic

Elite Member
Dec 13, 2019
1,570
710
First time VPS user here, using DO with cpanel. I saw some plugins like immunify+ but those are paid. Is the paid version necessary? What are some other ways to secure WHM and the VPS from hackers?

Already disabled shell access and enabled shell fork bomb protection in WHM. Should I block the countries in the WHM?

Then this video (not my video) about installing CSF: move to 31:40


is the download.configserver.com/csf.tgz safe to use or potential malware possibility?

What other things to do for fully securing WHM and VPS?


Thanks
 
Last edited:
First time VPS user here, using DO with cpanel. I saw some plugins like immunify+ but those are paid. Is the paid version necessary? What are some other ways to secure WHM and the VPS from hackers?

Already disabled shell access and enabled shell fork bomb protection in WHM. Should I block the countries in the WHM?

Then this video (not my video) about installing CSF: move to 31:40


is the download.configserver.com/csf.tgz safe to use or potential malware possibility?

What other things to do for fully securing WHM and VPS?


Thanks

CSF sure is a great firewall. If you don't want to pay for AV, cPanel comes with ClamAV which does the job.

You may also want to disable compilers and make sure that a PHP script is only executed by the user who owns the file.

The cPanel rarely gets hacked on its own.. so there's no need to overthink that part. Just make sure your websites don't get hacked.
 
CSF sure is a great firewall. If you don't want to pay for AV, cPanel comes with ClamAV which does the job.

You may also want to disable compilers and make sure that a PHP script is only executed by the user who owns the file.

The cPanel rarely gets hacked on its own.. so there's no need to overthink that part. Just make sure your websites don't get hacked.
Alright, along with that I disabled root login of VPS, changed port number of the VPS too. Anything else need to be done for the VPS? And all these things could have been avoided with cloudways right?

Also, actually surprised no one else bothered to help on this thread until Panther replied. There are many high earners in this forum and majority use VPS for their site so they know all this linux stuff but yeah lol
 
Alright, along with that I disabled root login of VPS, changed port number of the VPS too. Anything else need to be done for the VPS? And all these things could have been avoided with cloudways right?

Also, actually surprised no one else bothered to help on this thread until Panther replied. There are many high earners in this forum and majority use VPS for their site so they know all this linux stuff but yeah lol

Changing the SSH port really doesn't secure it. It just wastes a bit of a hacker's time. Disabling root login is a reasonable idea, yes.

And no, it has nothing to do with your hosting provider. A hosting provider doesn't magically prevent your stuff from being hacked or abused. There is a very wrong understanding that one hosting provider is "more secure" than another or that "some providers can't be hacked" or stuff like this, especially when we are talking about VPS. The Cloudways VPS is not better than DigitalOcean's VPS, like Vultr's VPS is not better than AWS VPS etc. It's your responsibility to set up your environment to be as secure as possible.. a hosting provider just provides resources. If you are stupid, then no hosting company can help you.

High earnings don't mean that a person is a certified systems admin. High earnings mean you can afford to hire a professional to manage your stuff.

Keep in mind that in hosting, you get what you pay for.
 
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock