{"id":324,"date":"2021-07-23T12:27:49","date_gmt":"2021-07-23T12:27:49","guid":{"rendered":"https:\/\/ssdsunucum.com\/blog\/additional-security-software\/"},"modified":"2021-07-23T12:27:49","modified_gmt":"2021-07-23T12:27:49","slug":"additional-security-software","status":"publish","type":"post","link":"https:\/\/ssdsunucum.com\/blog\/additional-security-software\/","title":{"rendered":"Additional Security Software"},"content":{"rendered":"<\/p>\n
\n
<\/div>\n
\n

Overview<\/h2>\n

This document lists third-party software and modifications that you can install to help secure your server.<\/p>\n

\n
Warning:<\/div>\n
\n Some of these programs have not received updates in a long time and contain out-of-date malware libraries. We strongly<\/strong> recommend that you check the release date of any solution that you use.\n <\/div>\n<\/div>\n
\n
Note:<\/div>\n
\n

Among the options that this document lists, cPanel Technical Support can only<\/strong> provide direct support for CloudLinux\u2122, Imunify360, and KernelCare if you directly license them through cPanel, L.L.C. Otherwise, contact the appropriate software developer or your system administrator for help.<\/p>\n<\/p><\/div>\n<\/div>\n

APF Firewall<\/h2>\n

APF Firewall offers an advanced firewall for Linux systems. For more information about APF Firewall, visit the APF Firewall website at r-Fx Networks.<\/p>\n

Atomicorp<\/h2>\n

Atomicop offers a hardened and secure shell for Linux servers. For more information about Atomicorp, visit the Atomicorp website.<\/p>\n

BitNinja<\/h2>\n

BitNinja offers a security suite that provides protection against multiple forms of attack. For more information about BitNinja, visit the BitNinja website.<\/p>\n

chkrootkit<\/h2>\n

The chkrootkit<\/code> shell script examines your system\u2019s binaries for rootkit installations. Rootkits allow a malicious user to gain undetected administrative access to the server.<\/p>\n

To install the chkrootkit<\/code> script, perform the following steps:<\/p>\n

    \n
  1. \n

    Log in to your server as the root<\/code> user via SSH.<\/p>\n<\/li>\n

  2. \n

    Run the cd \/root<\/code> command to change to the root directory.<\/p>\n<\/li>\n

  3. \n

    Run the following command to download chkrootkit<\/code>:\n<\/p>\n

    \n
    wget<\/span> ftp<\/span>:\/\/<\/span>ftp<\/span>.pangeia<\/span>.com<\/span>.br<\/span>\/<\/span>pub<\/span>\/<\/span>seg<\/span>\/<\/span>pac<\/span>\/<\/span>chkrootkit<\/span>.tar<\/span>.gz<\/span><\/code><\/pre>\n<\/div>\n<\/li>\n
  4. \n
    Run the tar -xvzf chkrootkit.tar.gz<\/code> command to decompress the downloaded file.<\/p>\n<\/li>\n
  5. \n
    Run the cd chkrootkit-0.53<\/code> command to change directories.<\/p>\n<\/li>\n
  6. \n
    To begin the chkrootkit<\/code> installation, run the make sense<\/code> command. The system will install the chkrootkit<\/code> script on your server.<\/p>\n<\/li>\n<\/ol>\n
    To run the chkrootkit<\/code> script, run the following command:<\/p>\n
    \n
    \/<\/span>root<\/span>\/<\/span>chkrootkit<\/span>-<\/span>0.53<\/span>\/<\/span>chkrootkit<\/span><\/code><\/pre>\n<\/div>\n
    \n
    Note:<\/div>\n
    \n
    We strongly<\/strong> recommend that you run the chkrootkit<\/code> script often and add a cron job that runs the above command.<\/p>\n<\/p><\/div>\n<\/div>\n
    For more information about the chkrootkit<\/code> script, visit the chkrootkit<\/code> website.<\/p>\n
    CloudLinux<\/h2>\n
    CloudLinux offers a secure version of Linux that provides advanced functionality for shared hosting environments. CloudLinux integrates with cPanel & WHM, and it provides detailed resource management tools and other improvements to system management and stability.<\/p>\n
    You can purchase CloudLinux from the cPanel store. For more information about CloudLinux, visit the CloudLinux website.<\/p>\n
    ConfigServer software<\/h2>\n
    Many of our Technical Support Analysts recommend that you use CSF (ConfigServer Firewall), a free product that ConfigServer provides. CSF contains a stateful packet inspection (SPI) firewall, a login and intrusion detection mechanism, and a general security application for Linux servers.<\/p>\n
    To install CSF, perform the following steps:<\/p>\n
      \n
    1. \n
      Log in to your server as the root<\/code> user via SSH.<\/p>\n<\/li>\n
    2. \n
      Run the cd \/root<\/code> command to change to the root directory.<\/p>\n<\/li>\n
    3. \n
      Run the following command to download CSF:\n<\/p>\n
      \n
      wget<\/span> https<\/span>:\/\/<\/span>download<\/span>.configserver<\/span>.com<\/span>\/<\/span>csf<\/span>.tgz<\/span><\/code><\/pre>\n<\/div>\n<\/li>\n
    4. \n
      Run the tar -xzf csf.tgz<\/code> command to decompress the downloaded file.<\/p>\n<\/li>\n
    5. \n
      Run the cd csf<\/code> command to change directories.<\/p>\n<\/li>\n
    6. \n
      To begin the CSF installation, run the .\/install.cpanel.sh<\/code> command.<\/p>\n<\/li>\n<\/ol>\n
      To configure CSF, use WHM\u2019s ConfigServer Security & Firewall<\/em> interface (WHM<\/em> >> Home<\/em> >> Plugins<\/em> >> ConfigServer Security & Firewall<\/em>). The installation script should enable the correct ports in CSF, but we recommend that you confirm this on your server.<\/p>\n
      After you configure CSF, you must<\/strong> disable testing mode. To take CSF out of testing mode, perform the following steps:<\/p>\n
        \n
      1. \n
        Click Firewall<\/em>.<\/p>\n<\/li>\n
      2. \n
        Change the value of Testing<\/em> from 1<\/code> to 0<\/code>.<\/p>\n<\/li>\n
      3. \n
        Click Change<\/em>.<\/p>\n<\/li>\n<\/ol>\n
        For more information about how to use CSF, visit the CSF website.<\/p>\n
        \n
        Note:<\/div>\n
        \n
        ConfigServer also provides ConfigServer Mail Queues (CMQ), a free add-on product for cPanel & WHM. The product provides a full-featured interface to cPanel\u2019s Exim mail queues from within WHM. For more information about how to install and use CMQ, visit the CMQ website.<\/p>\n<\/p><\/div>\n<\/div>\n
        ConfigServer eXploit Scanner<\/h2>\n
        ConfigServer eXploit Scanner (CXS) scans all uploads to a server for malware, and it quarantines any suspicious files. It integrates with cPanel & WHM. For more information about CXS, visit the CXS website at ConfigServer Services.<\/p>\n
        ImunifyAV<\/h2>\n
        ImunifyAV is free antivirus software that protects your server from malicious code. For more information about ImunifyAV, visit the ImunifyAV website.<\/p>\n
        ImunifyAV+ builds on ImunifyAV\u2019s antivirus protection. ImunifyAV+ not only detects threats but automatically cleans up infected files. It also includes email notifications.<\/p>\n
        You can purchase ImunifyAV+ from the cPanel store. For more information about ImunifyAV+, read the cPanel blog.<\/p>\n
        Imunify360<\/h2>\n
        Imunify360 offers a security suite that protects servers against a wide range of attacks. It integrates with cPanel & WHM, and it provides reports to the system administrator on the server\u2019s status.<\/p>\n
        You can purchase Imunify360 from the cPanel store. For more information about Imunify360, visit the Imunify360 website.<\/p>\n
        KernelCare<\/h2>\n
        KernelCare automatically updates your system\u2019s Linux kernel without the need for a reboot. It also provides patches that secure vulnerabilities, such as the symlink race condition.<\/p>\n
        You can purchase KernelCare from the cPanel store. For more information about KernelCare, visit the KernelCare website.<\/p>\n
        \n
        Important:<\/div>\n
        \n
        You can only<\/strong> install KernelCare on systems that run CentOS 6, 7, and 8.<\/p>\n<\/p><\/div>\n<\/div>\n
        Linux Malware Detect<\/h2>\n
        Linux Malware Detect (LMD) offers a shareware malware protection scanner. For more information about LMD, visit the LMD website at r-Fx Networks.<\/p>\n
        Modify the Logwatch configuration file<\/h2>\n
        The Logwatch customizable log analysis system parses your system\u2019s log files for a given period of time. In addition, it creates a report that analyzes specified data. If your server does not include Logwatch, run the yum -y install logwatch<\/code> command to install it and any dependences that Logwatch requires. The Logwatch configuration file exists in the \/usr\/share\/logwatch\/default.conf\/logwatch.conf<\/code> location.<\/p>\n
        We recommend that you use a text editor to change the following parameters:<\/p>\n
          \n
        • \n
          MailTo = user@example.com<\/code> \u2014 Change the user@example.com<\/code> address to the email address that you wish to receive Logwatch notifications.<\/p>\n<\/li>\n
        • \n
          Detail = 5<\/code> or Detail = 10<\/code> \u2014 Change this parameter to set the detail in the log files.<\/p>\n
            \n
          • 5<\/code> represents a medium level of detail.<\/li>\n
          • 10<\/code> represents a high level of detail.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
            Patchman<\/h2>\n
            Patchman detects vulnerabilities in software and sends notices to customers to teach them how to resolve the issue. If the customer does not resolve the vulnerability, Patchman can fix it automatically. Patchman integrates with cPanel & WHM, and it provides reports to the system administrator on the server\u2019s status.<\/p>\n
            For more information about Patchman, visit the Patchman website.<\/p>\n
            RootKit Hunter<\/h2>\n
            The rkhunter<\/code> script scans for rootkits and other exploits.<\/p>\n
            \n
            Important:<\/div>\n
            \n
              \n
            • cPanel, L.L.C. does not provide RootKit Hunter (rkhunter).<\/li>\n
            • The Rootkit Hunter project team has not updated rkhunter in over one year.<\/li>\n
            • You may experience false positives if you use rkhunter. If you need assistance with rkhunter, contact your system administrator.<\/li>\n<\/ul><\/div>\n<\/div>\n
              To install the rkhunter<\/code> script, perform the following steps:<\/p>\n
              \n
              Note:<\/div>\n
              \n
              In this section, version<\/code> represents the Rootkit Hunter script\u2019s version. You can download the latest version from Rootkit Hunter project\u2019s website.<\/p>\n<\/p><\/div>\n<\/div>\n
                \n
              1. \n
                Log in to your server as the root<\/code> user via SSH.<\/p>\n<\/li>\n
              2. \n
                Run the cd \/root<\/code> command to change to the root directory.<\/p>\n<\/li>\n
              3. \n
                Run the following command to download the rkhunter script:\n<\/p>\n
                \n
                wget<\/span> https<\/span>:\/\/<\/span>sourceforge<\/span>.net<\/span>\/<\/span>projects<\/span>\/<\/span>rkhunter<\/span>\/<\/span>files<\/span>\/<\/span>rkhunter<\/span>\/<\/span>version<\/span>\/<\/span>rkhunter<\/span>-<\/span>version<\/span>.tar<\/span>.gz<\/span>.asc<\/span>\/<\/span>download<\/span><\/code><\/pre>\n<\/div>\n<\/li>\n
              4. \n
                Run the tar -xvzf rkhunter-version.tar.gz<\/code> command to decompress the downloaded file.<\/p>\n<\/li>\n
              5. \n
                Run the cd rkhunter-1version<\/code> command to change directories.<\/p>\n<\/li>\n
              6. \n
                To begin the rkhunter<\/code> script installation, run the .\/installer.sh --layout default --install<\/code> command. The system will install the rkhunter script on your server.<\/p>\n<\/li>\n<\/ol>\n
                To run the rkhunter<\/code> script, run the following command:<\/p>\n
                \n
                \/<\/span>root<\/span>\/<\/span>rkhunter<\/span>-<\/span>version<\/span>\/<\/span>files<\/span>\/<\/span>rkhunter<\/span> -<\/span>c<\/span><\/code><\/pre>\n<\/div>\n
                For information about how to configure the rkhunter<\/code> script, read the rkhunter FAQ.<\/p>\n
                \n
                Note:<\/div>\n
                \n
                We strongly<\/strong> recommend that you run the rkhunter<\/code> script often and add a cron job that runs the above command.<\/p>\n<\/p><\/div>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"
                Overview This document lists third-party software and modifications that you can install to help secure your server. Warning: Some of these programs have not received updates in a long time and contain out-of-date malware libraries. We strongly recommend that you check the release date of any solution that you use. Note: Among the options that …<\/p>\n","protected":false},"author":1,"featured_media":325,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/324"}],"collection":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/comments?post=324"}],"version-history":[{"count":0,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/324\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media\/325"}],"wp:attachment":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media?parent=324"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/categories?post=324"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/tags?post=324"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}