Not a member yet? Register now and get started.

lock and key

Sign in to your account.

Account Login

Forgot your password?

Server Security Hardening

Server Security Hardening is the process of enhancing server security through a variety of means which results in a much more secure server operating environment. This is due to the advanced security measures that are put in place during the server hardening process. This is the what we can do for you:

  • Disable server banners (can be used by an attacker to research exploits against the services running on the server).
  • Install an Intrusion Detection System (sends an email daily reporting on any binaries that may have been modified by an attacker).
  • Enable automatic updates (when supported, this enables your server to always run the most current version of critical server software, which can prevent an attacker from gaining access to your server via an older exploit).
  • Enable security features present in server applications designed to mitigate the possibility of a remote compromise via an insecure script or service (an example of this would be the safe_mode feature in PHP).
  • Configure and install mod_security, a common Apache module that helps to prevent server compromises by adding an additional layer of security to web applications.
  • Create a robust and secure firewall that lets all of the traffic that you want in to the server, but nothing else. Often, a server can be compromised by a service that was never intended to be exposed to the Internet!
  • Finally, documentation will be provided to you that details the exact steps used to secure your server, and tips on how to keep your server secured.

TopcPanel & WHM Server Security Hardening

  1. CHKRootKit: Detect hacker software and notifies via email.
  2. Sysctl.conf Hardening: To prevent spoofing and DOS attacks.
  3. RootKit Hunter: Rootkit scanner is scans for backdoors and exploits.
  4. CSF Firewall: CSF policy based iptables firewall.
  5. ConfigServer ModSecurity Control (CMC): Configure cPanel mod_security implementation.
  6. Brute Force Detection: Detecting and protecting your web servers against brute force attacks by blocking suspect IP addresses.
  7. Clam Anti-Virus: The scanner searches your server for malicious programs.
  8. Linux Malware Detect: The LMD is a malware scanner.
  9. Disable Anonymous FTP Access: To prevent anonymous users from uploading files to your server.
  10. Secure cPanel and WHM
  11. cPanel Update: Updating to the latest version of cPanel.
  12. System Update: Keep all services and scripts up to date and make sure that you running the latest secured version.
  13. Remove Old Logs
  14. Enable Mod_security: Mod_security is an Apache module that helps to protect your website from various attacks.
  15. Enable TCP SYN Cookie Protection: Technique used to resist SYN flood attacks.
  16. Shell Fork Bomb: Prevent users with terminal access (SSH or Telnet).
  17. Secure PHP: Disable certain functions for security.
  18. System Integrity Monitor: SIM is a system and services monitor.
  19. Root Login Email Alert: Shot email when on successful WHM login.
  20. DNS Attacks: Protects server for DNS amplification attack.
  21. SSH Hardening: Disables direct root login and change SSH port.
  22. Background Process Killer: Kills certain processes and send you an email when it finds one of them.
  23. PHP open_basedir Protection: Prevents users from opening files outside of their home directory with PHP.
  24. Disable Compiler Access: Compilers are disabled for unprivileged users.
  25. Disable FTP Root Login: This is a considerable security risk and thus disabled.
  26. Logwatch Configuration: Log analysis system that parses system log files and sends email report of the analyzed data.
TopPlesk Security Hardening

Our team of Plesk server administrators helps you to set up a secure and stable your Plesk webhosting server through implementation of initial Plesk server hardening and security practices. The team performs initial hardening for your Plesk webhosting serves through implementation of routine security features such as:

  • Authentication: Social Media Authentication, Google Authenticator, SAML Authentication, LDAP Integration, Clef Integration, Active Directory Integration.
  • Anti-Spam/Anti-Virus: MagicSpam Integration, Dr. Web & Kaspersky Server Support, SMTP Relay Support, Outbound Anti-spam.
  • Server Security: Atomicore Mod-Security Rules Built-in, CloudFlare Servershield Support, Support, Nimbusec Support.
  • Network Security: Fail2ban support, Atomicore Secure Linux Support, Various Security Extensions.
  • CloudFlare: integration with CloudFlare takes advantage of all that the service provides, including CDN, DDOS prevention, firewall, caching, and more.
    Patchman: Detect and patch vulnerabilities before they can be mass exploited.

Proper initial hardening keeps common security breaches at bay and helps you to assure good server performance and uninterrupted service delivery.