mod_security for CWP

Installation and management of the mod_security with CWP are very simple, you can install it with a single click. To install mod_security you only need to click on the "install mod security" button in your cwp.admin --> Security --> Mod Security With the installation of mod_security, you are also getting OWASP set of rules. OWASP […]

Read More

CSF/LFD Firewall configuration

With CWP you can simply configure CSF/LFD firewall by using CSF Firewall module. In CWP.admin go to: Left-Menu --> Security --> CSF Firewall Here you can whitelist, block or unblock IPs. For additional configuration you can click on Firewall Configuration button and there you can check or edit CSF firewall configuration. ** Don't forget to […]

Read More

Check if SSL certificate matches the key file

To check if your certificate file matches with the key, you can use the following commands. openssl rsa -noout -modulus -in FILENAME.key openssl req -noout -modulus -in FILENAME.csr openssl x509 -noout -modulus -in FILENAME.cert If you get different output, then you files do NOT match and you will need to reissue your certificate. To make […]

Read More

Track SPAM infected scripts

All this tools can help you to track spam and infected scripts but experienced admin assistance is always needed. Check this for tracking setup by using headers Using maldet (Malware scanner) Update Maldet maldet -u Scan public_html folder of infected user account maldet -a /home/USERNAME/public_html Using ClamAV (Clam Antivirus) clamscan -r /home/USERNAME/public_html | grep FOUND […]

Read More

CSF/LFD Brute Force Protection

Activate CSF Brute Force Protection for CWP Login and customize according to you needs. Replace in: /etc/csf/csf.conf (somewhere at the end of the file) CUSTOM1_LOG = "/var/log/customlog" replace with CUSTOM1_LOG = "/var/log/cwp_client_login.log" Add in: /usr/local/csf/bin/regex.custom.pm if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /^\S+\s+\S+\s+(\S+)\s+Failed Login from:\s+(\S+) on: (\S+)/)) { return ("Failed CWP-Login login for User: $1 from IP: […]

Read More

How to Enable CSF UI

How to enable full CSF UI (ConfigServer Security & Firewall Integrated User Interface) Edit File: /etc/csf/csf.conf UI = "1" UI_PORT = "6666" TCP_IN = add port 6666 at the end UI_USER = "test2" UI_PASS = "test2" ** Dont forget to set the strong login, after-all this is your server firewall!!! to access it you can […]

Read More

IP Access control

If you want to lock CWP login only for your IP address now you can do that by creating a file named "/usr/local/cwp/.conf/.access_root" and by adding your IP address in it. Create a File and add your IP's in it (one per line) /usr/local/cwp/.conf/.access_root eg. 123.123.123.123 121.121.121.121 To disable Limited access per IP address simply […]

Read More

CentOS Mostly Used Ports

List of mostly used default ports on the CentOS servers Port Number - Name 20 - FTP 21 - FTP 22 - SSH 25 - SMTP/EMAIL 26 - SMTP 43 - WHOIS (We don't recommend opening this port) 53 - BIND/DNS 80 - HTTP / Apache Web server 110 - POP3/EMAIL 143 - IMAP 443 […]

Read More

How to secure your website from hacking

In CWP we have a few levels of security, here are most important which can be additionally configured: 1. Automated Backups 2. Mod Security with OWASP rules 3. CSF Firewall 4. File System Lock 5. Mod Spamhaus 1. Automated Backups In case of website hack you can always restore your website to a previous backup […]

Read More

How to install CloudLinux on the CWP servers ?

How to install CloudLinux on the CentOS WebPanel [CWP] servers Instructions on how to install Cloud Linux CloudLinux Installer (you need to have a CloudLinux License) wget http://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy sh cldeploy -k YOUR-KEY cd /usr/local/src/ wget http://dl1.centos-webpanel.com/files/c_scripts/cloudlinux.sh sh cloudlinux.sh After CloudLinux installer is done it will automatically reboot the server!! After reboot you need to build […]

Read More

How to install multiple SSL certificates on the shared IP

How to install multiple SSL certificates on the shared IP Now you can have unlimited number of the SSL certificates on one shared IP address (no additional IP's are needed) Install SSL Certificate (Self Singed - exception needs to be added in your browser) 1. Use CWP SSL Generator (in admin are under Security) for […]

Read More