cPanel Webhosting Security

Posted by: admin  :  Category: cPanel & WHM, Linux Server Hosting, Security

PHP version 5.2 has improved handling of remote code, which greatly reduces security problems.

Tweak your local PHP settings for better security. This can be done by disabling unnecessary functions and options. Here are some recommended sample directives:

allow_url_fopen=off
disable_functions = proc_open, popen, disk_free_space, set_time_limit, leak, tmpfile, exec, system, shell_exec, passthru

Note that the above directives can cripple your code’s functionality. They have to be pasted into a php.ini file in each directory where you’d like them applied.
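Because the directives only apply where a php.ini carries them, it helps to audit which directories holding PHP files were missed or only partly configured. The following Python script is an added example, not part of the original post; the names check_ini, audit and demo and the sample directory tree are assumptions constructed for illustration.

```python
import os
import pathlib
import tempfile

# Functions taken from the page's disable_functions line.
REQUIRED = {"proc_open", "popen", "disk_free_space", "set_time_limit", "leak",
            "tmpfile", "exec", "system", "shell_exec", "passthru"}

def check_ini(path):
    """List the ways one php.ini falls short of the page's directives."""
    settings = {}
    for line in pathlib.Path(path).read_text(encoding="utf-8", errors="replace").splitlines():
        key, sep, value = line.split(";", 1)[0].partition("=")  # ';' starts a comment
        if sep:
            settings[key.strip().lower()] = value.strip().strip('"').lower()
    problems = []
    if settings.get("allow_url_fopen") not in ("off", "0", "false", "no"):
        problems.append("allow_url_fopen is not off")
    disabled = {name.strip() for name in settings.get("disable_functions", "").split(",")}
    if REQUIRED - disabled:
        problems.append("not disabled: " + ", ".join(sorted(REQUIRED - disabled)))
    return problems

def audit(root):
    """Map each directory that holds .php files to its list of problems."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        if any(name.lower().endswith(".php") for name in files):
            ini = os.path.join(dirpath, "php.ini")
            problems = check_ini(ini) if os.path.isfile(ini) else ["no php.ini here"]
            if problems:
                report[os.path.relpath(dirpath, root)] = problems
    return report

def demo():
    """Audit a constructed sample tree: one good, one weak, one uncovered directory."""
    good = "allow_url_fopen=off\ndisable_functions = " + ", ".join(sorted(REQUIRED)) + "\n"
    weak = "allow_url_fopen = On ; left enabled\ndisable_functions = exec, system\n"
    tree = {"index.php": "", "php.ini": good, "blog/index.php": "",
            "blog/php.ini": weak, "uploads/x.php": "", "images/logo.png": ""}
    with tempfile.TemporaryDirectory() as root:
        for rel, body in tree.items():
            target = pathlib.Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return audit(root)

if __name__ == "__main__":
    print(demo())
```

To check a real account, call audit() with the path to the account's web root instead of the constructed tree.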

Deny Perl and other bots from accessing your site. This can be easily done with the following rules in your .htaccess:

SetEnvIfNoCase User-Agent libwww-perl bad_bots
order deny,allow
deny from env=bad_bots

If you are not using Perl scripts, add a bogus handler for these files. In your home directory create a .htaccess file with the following content:

##Deny access to all CGI, Perl, Python and text files
<FilesMatch "\.(cgi|pl|py|txt)">
Deny from all
</FilesMatch>
##If you are using a robots.txt file, please remove the
# sign from the following 3 lines to allow access only to the robots.txt file:
#<FilesMatch robots.txt>
#Allow from all
#</FilesMatch>

The above will prevent Perl scripts from being executed through the web server. Many exploits and backdoors are written in Perl, and the above will prevent them from running. This directive will apply to all your sub-directories.

To filter possible intrusions, make sure Apache’s ModSecurity is enabled. ModSecurity is an application firewall integrated with Apache. We at TurfSitePH.net can assist you with enabling Apache’s ModSecurity on your accounts; just email us at support@turfsiteph.net