Something Useful About Server Security in 1,800 Words or Less

(Ping! Zine Special CPanel Edition) – I am faced with a daunting task: write something useful about server security in 1,800 words or less. Entire books are devoted to the subject, though few could be considered anywhere near comprehensive. It is an issue which I elected to write about, and one that I view as the most important, yet least understood, if not outright neglected, aspect of doing business on the Internet.

The purpose of this article is to expand a few horizons, to challenge folks with minimal security-related experience to come up with ways to better protect themselves. The standard practice of downloading and installing third-party scripts for protection is woefully inefficient, and has often proven to be more harmful than helpful.

Without wasting further precious space, let’s begin.

If /etc/passwd flew out of your webserver 5 minutes ago, would you know? What if outbound traffic on your OpenVZ host node suddenly increased by 5000%? Would you know if your shared hosting server started listening on TCP port 4444? If a new uid 0 user was added? A new ssh key was authorized?

If you answered “No” to most of those questions, it may be time to rethink your perspective on information security.
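Three of those questions (a new uid 0 user, a new listener such as TCP 4444, a newly authorized ssh key) can be answered by comparing current state against a recorded baseline. The sketch below is an added example, not part of the original article; the function names, file layout and sample data are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: baseline checks; all sample data below is constructed.
# On a real host the inputs would be /etc/passwd, `ss -Hltn` and each user's authorized_keys.

# Print every account name with uid 0 in a passwd-format file.
uid0_accounts() {
    awk -F: '$3 == 0 { print $1 }' "$1"
}

# Read `ss -Hltn` output on stdin and print the unique listening TCP ports.
listening_ports() {
    awk '{ n = split($4, a, ":"); print a[n] }' | sort -un
}

# Read ports on stdin and print those missing from the baseline file in $1.
unexpected_ports() {
    grep -vxFf "$1" || true
}

# Succeed only if the file's SHA-256 still equals the recorded hash in $2.
keys_unchanged() {
    [ "$(sha256sum "$1" | cut -d' ' -f1)" = "$2" ]
}

# --- constructed sample state ---
demo=$(mktemp -d)
cat > "$demo/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
support:x:0:0::/home/support:/bin/bash
EOF
cat > "$demo/ss.txt" <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 1 0.0.0.0:4444 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
EOF
printf '22\n443\n' > "$demo/ports.baseline"
printf 'ssh-ed25519 AAAAC3constructedkey admin@example\n' > "$demo/authorized_keys"
baseline_hash=$(sha256sum "$demo/authorized_keys" | cut -d' ' -f1)
printf 'ssh-ed25519 AAAAC3constructedkey unknown@example\n' >> "$demo/authorized_keys"

echo "uid 0 accounts other than root:"
uid0_accounts "$demo/passwd" | grep -vx root || true
echo "listeners not in baseline:"
listening_ports < "$demo/ss.txt" | unexpected_ports "$demo/ports.baseline"
keys_unchanged "$demo/authorized_keys" "$baseline_hash" || echo "authorized_keys changed since baseline"
```

Run from cron with the baseline files stored somewhere the web server user cannot write, any non-empty output becomes the alert.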

