www.cPanel.vn

These are measures that can be taken to secure your server, with SSH access.      Udate OS, Apache and CPanel to the latest stable versions.     This can be done from WHM/CPanel.        Restrict SSH Access To restrict and secure SSH access, bind sshd to a single IP that is different than the main IP to the server, and on a different port than port 22. SSH into server and login as root. Note: You can download Putty by  Clicking Here. It's a clean running application that will not require installation on Windows-boxes.      At command prompt type: pico /etc/ssh/sshd_config    Scroll down to the section of the file that looks like this:

  Uncomment and change     #Port 22     to look like     Port 5678  (choose your own 4 to 5 digit port number (49151 is the highest port number)      Uncomment and change     #Protocol 2, 1    to look like     Protocol 2      Uncomment and change     #ListenAddress 0.0.0.0    to look like     ListenAddress 123.123.123.15  (use one of your own IP Addresses that has been assigned to your server)      Note 1: If you would like to disable direct Root Login, scroll down until you find     #PermitRootLogin yes    and uncomment it and make it look like     PermitRootLogin no    Save by pressing Ctrl o on your keyboard, and then exit by pressing Ctrl x on your keyboard.      Note 2: You can also create a custome nameserver specifically for your new SSH IP address. Just create one called something like ssh.xyz.com or whatever. Be sure to add an A address to your zone file for the new nameserver. Now restart SSH At command prompt type: [b]/etc/rc.d/init.d/sshd restart[b] Exit out of SSH, and then re-login to SSH using the new IP or nameserver, and the new port. Note: If you should have any problems, just Telnet into your server, fix the problem, then SSH in again. Telnet is a very unsecure protocol, so change your root password after you use it. Disable Telnet    To disable telnet, SSH into server and login as root.    At command prompt type: pico -w /etc/xinetd.d/telnet    change  disable = no   to   disable = yes    Save and Exit    At command prompt type: /etc/init.d/xinetd restart          Server e-mail everytime someone logs in as root To have the server e-mail you everytime someone logs in as root, SSH into server and login as root. At command prompt type: pico .bash_profile    Scroll down to the end of the file and add the following line:    echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" your@email.com    Save and exit.           Set an SSH Legal Message    To an SSH legal message, SSH into server and login as root.    At command prompt type: pico /etc/motd    Enter your message, save and exit.    Note: I use the following message...     Now everytime someone logs in as root, they will see this message... go ahead a try it.          Disable Shell Accounts    To disable any shell accounts hosted on your server SSH into server and login as root.    At command prompt type: locate shell.php    Also check for:    locate irc locate eggdrop locate bnc locate BNC locate ptlink locate BitchX locate guardservices locate psyBNC locate .rhosts        Note: There will be several listings that will be OS/CPanel related. Examples are /home/cpapachebuild/buildapache/php-4.3.1/ext/ircg /usr/local/cpanel/etc/sym/eggdrop.sym /usr/local/cpanel/etc/sym/bnc.sym /usr/local/cpanel/etc/sym/psyBNC.sym /usr/local/cpanel/etc/sym/ptlink.sym /usr/lib/libncurses.so /usr/lib/libncurses.a etc. Disable identification output for Apache     To disable the version output for proftp, SSH into server and login as root.    At command prompt type: pico /etc/httpd/conf/httpd.conf      Scroll (way) down and change the following line to    ServerSignature Off       Restart Apache    At command prompt type: /etc/rc.d/init.d/httpd restart