PortSentry is a tool that detects port scans and logs them. Once a host is targeted by an attacker, a port scan is almost always performed. PortSentry detects such scans by monitoring the unused ports on the host. Upon a connection attempt to one of the unused ports, PortSentry is alerted and has the ability to issue a number of commands in response to the scan. Installation # cd /usr/src/ # wget http://sourceforge.net/projects/sentrytools/files/latest/download
Server Security
If you inspect your server’s error logs, you may see that many visitors (for the most part robots) constantly request access to things they should not be allowed to see. If such access attempts look suspicious and the visitors are trying to spam your forum or hijack your mail program, you may need to deny access from those IPs. Collecting such offending IP addresses by manually inspecting your logs across your site can become a full-time job. In such cases, you may block access to the site on Country …
Spam emails are commonly referred to as unsolicited or junk emails sent in bulk without user consent. In a cPanel server running Exim, spamming usually occurs due to compromised accounts, vulnerable scripts, or improperly configured applications. Common Causes of Server Spamming Spamming generally happens in the following ways: General Fix for Spamming Issues Case 1: Spam Sent via PHP Script Step 1: Check Mail Queue Count A high number indicates possible spam activity. Step 2: View Recent Emails in Queue Step 3: Inspect Email Header Check the auth_id field to …
A new vulnerability has been found that potentially affects most versions of the Linux and Unix operating systems, in addition to Mac OS X. Known as the “Bash Bug” or “ShellShock,” the GNU Bash Remote Code Execution Vulnerability could allow an attacker to gain control over a targeted computer if exploited successfully. And because Bash is everywhere on Linux and Unix-like machines and interacts with all parts of the operating system, everyone anticipates that it will have a lot of repercussions. How does Shellshock work? Shellshock exploits a flaw in how …
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. These attacks generally target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. DoS attacks are implemented by either forcing the targeted computer to reset, or consuming its resources so that it can no longer provide its services, or obstructing the communication media between the users and the victim so that they can no longer …
DNS is a critical component of any network infrastructure. It is responsible for translating domain names into IP addresses, making it a prime target for attackers. A compromised DNS server can lead to traffic redirection, data interception, service downtime, and severe reputation damage. The main objectives of securing DNS include ensuring the secure exchange of data between DNS servers, protecting DNS queries, securing zone transfers, and controlling DNS updates. Strengthening DNS security is a foundational step in overall website and server protection, as discussed in SupportPro’s guide on improving website …
SSH is a tool for secure remote login over insecure networks. It provides an encrypted terminal session with strong authentication of both the server and client, using public-key cryptography. 1. Use Strong Passwords/Usernames. Choose passwords that contain: a minimum of 8 characters; a mix of upper and lower case letters; a mix of letters and numbers; non-alphanumeric characters (e.g. special characters such as ! " $ % ^ etc.)
If you want to disable redirection to an SSL connection while accessing WHM, cPanel, or Webmail, please follow these steps. Log in to WHM >> Tweak Settings >> uncheck the following option under Redirection: Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc. You also have to uncheck the following option under Security in Tweak Settings: Require SSL for all remote logins to cPanel, WHM and Webmail. This setting is recommended. You can also disable those options from the shell. SSH to the server as root. Open /var/cpanel/cpanel.config and set …
PCI DSS (Payment Card Industry Data Security Standards) are the official security standards created by the PCI Security Standards Council to reduce payment card fraud. It provides elaborate and comprehensive standards to enhance payment card data security. The core purpose of PCI DSS is to create as secure an environment as possible for users to process their credit cards. To adhere to PCI DSS, service providers and merchants who sell products over the web are required to have periodic PCI Security Scans that are usually defined by …
Disabling direct root login over SSH is an important security practice for any cPanel server. Allowing remote root access increases the risk of brute-force attacks and unauthorized logins. By disabling root login, administrators must first log in using a normal user account and then switch to root privileges securely. This approach also allows administrators to access WHM/cPanel without the root password, improving security while maintaining full administrative control over the server. This guide explains how to disable root SSH login on a cPanel server safely without locking yourself out. Why …