Can anybody suggest how I can secure my web server with a panel installed (cPanel), in which all websites should not suffer and they can use all default web services?
I found the URL below, but it seems not sufficient; please advise.
Again, no. We can't just teach you how to do your job. You need to ask *SPECIFIC* questions or refer to general pre-existing documentation readily available online.
...in addition to the NSA PDF acid_kewpie posted you should read the basic installation and administrator documentation the original Linux distribution provides (https://access.redhat.com/knowledge/docs/), preferably before you install the OS. As I note you use or intend to use a web-based management panel it is also strongly advised to practice (locally?) first and ensure you have the basic practical user knowledge needed to run a Linux machine. (I should warn you though that thinking that this gains you practical admin knowledge in say five days to be able to run a server securely would be a slight miscalculation.) In addition to RHEL-provided documentation and the NSA pamphlet you should minimally be aware of the (security) documentation provided by the interpreter, web server, database plus whatever you intend to run on top of that (forum, web log, photo gallery, shopping cart, statistics package, etc, etc), the OWASP Top 10 (https://www.owasp.org/index.php/Cate...op_Ten_Project), (preferably the SANS Top 20 http://www.sans.org/critical-security-controls/ too), the CISecurity Linux benchmarks (http://www.cisecurity.org/bench_linux.html) for your distribution of choice and tools like OpenVAS for testing purposes.
* Also since it appears you have chosen to use CloudLinux, which is a non-standard paid-for modification of RHEL / CentOS, you may be entitled to their support.
Remember, security is a process, not a product. (In spite of all the millions of dollars that folks like Peter Norton made from the reversal of this idea.) The security doesn't come from the brand of lock that you buy to install on any particular doorway. All the information you need is readily available on-line, but you also have to develop (again using the information of others) a strategy for applying it. The key is to understand: what software is installed, why it's there, how it's actually configured, and how it could be exploited by others. One of the best-all-around resources is the Security sub-forum right here. The esteemed persons (not including myself) who have already responded to you on this thread, are themselves experts. Listen carefully.
To me, control-panel software of all kinds is a serious security risk in and of itself, and nearly every server I've been associated with that was penetrated was exploited through exploitation of that kind of software. (It is "convenient," yes, but it is also: pervasive, complex, and normally poorly-understood.) And yet, you might not be able to change it. What you can do, though, is to understand it. Minimize it down to what you actually use. Look on the Internet for every document you can find that discusses exploits. Keep the software extremely up-to-date. Be attentive. Thieves do not draw attention to their presence, but they always must leave signs.
Last edited by sundialsvcs; 01-17-2013 at 08:55 AM.
I'd certainly agree there was a correlation to panel usage and attacks, but I don't think it's that causative. I think it's more the consequence of the average skill level of the average person who feels a panel is good for them. Someone finding a cPanel install is probably likely to take that as a hint to dig further about other underlying services for likely mis-management too.