We do support Round the Clock 24 x 7 x 365 (+91) 883 012 3924
header-image

L3 Web Hosting Blog

cPanel, Plesk, Wordpress Hosting SSD disk

Check out L3WebHosting blog for tips and in-depth articles on web hosting services !!

Password Protect WP-Admin folder

 

Mostly WordPress login pages are targeted for brute force attacks or other vulnerabilities.
Below are steps to password protect wp-admin login :

 

# Login to your cPanel.

# Scroll down till you see the Security Tab

# Click on the “Password Protect Directories”

# Next screen will ask you for directory location. just click on web root >> navigate to the folder where your WordPress is hosted. Then click on the /wp-admin/ folder.

# Simply check the box to password protect the directory. Then create a user for the directory.

# Back to cPanel Home page and open File Manager

Open & Edit .htaccess file and add the following code into .htaccess file

1
ErrorDocument 401 default

# Now when you try to access http://YourDomain.com/wp-admin , you will see an authentication required box.

 

 

How to add a second disk to an EC2 Instance in AWS


# Login to AWS console
# Navigate to EC2 -> Elastic Block Store -> Volumes

Create additional Volume in the availability zone of the EC2 instance.

# Go to Action -> Attach Volume
Now search your existing EC2 instance with its name and attach it.

# Now Login to your EC2 instance with root user and enter the below commands

mkfs.ext4 /dev/xvdf
mkdir /home2
mount /dev/xvdf /home2

# once all done, you can verify with `mount` or `df -h` to see the new volume.
# Also you need to add an entry of new valume into /etc/fstab

You can contact us at support@L3WebHosting.com if you require any assistance on AWS.

How to install PHP Selector on the CloudLinux

PHP Selector is a best feature of CloudLinux. It allows each user to select PHP version and modules.

PHP Selector is compatible with the following technologies: 
# suPHP
# mod_fcgid
# CGI (suexec)
# LiteSpeed.

 

It is not compatible with mod_php/DSO including mod_ruid2 and MPM ITK.
Use below commands to install PHP Selector :

# yum groupinstall alt-php

Update CageFS & LVE Manager with support for PHP Alternatives:

# yum update cagefs lvemanager

How to install CageFS on the CloudLinux

If you have CloudLinux installed on the server, you will able to setup CageFS on your server.

CageFS is a virtualized file system which enables each user to have its own cage.

 

With CageFS :
# Only safe binaries are available for user
# User will not able to see files/data of any other users on server
# User will not able to see server configuration files such as Apache/mysql/exim config files
# User will have limited access of /proc file system and will not be able to see other users running processes
CageFS works with 
# cPanel WHM
# Plesk
# DirectAdmin
# ISPmanager
# Interworx
# MySQL
# PostgreSQL
# LiteSpeed

 

To install CageFS:

$ yum install cagefs
$ /usr/sbin/cagefsctl –init

That last command will create skeleton directory that might be around 7GB in size. If you don’t have enough disk space in /usr/share, use following commands to have cagefs-skeleton being placed in a different location:

$ mkdir /home/cagefs-skeleton
$ ln -s /home/cagefs-skeleton /usr/share/cagefs-skeleton

On cPanel servers, if you will be placing skeleton into /home directory, you must configure the following option in:

cPanel WHM -> Server Configuration -> Basic cPanel/WHM Setup -> Basic Config -> Additional home directories

Change the value to blank (not default “home”)

Without changing this option, cPanel will create new accounts in incorrect places.

Once you initialize the template you can start enabling users.
By default, CageFS is disabled for all users.

 

 

 

 

 

How to set up a DMARC record

DMARC specify how mail servers should handle messages from your domain that does not have a valid SPF and DKIM records.

DMARC monitors fraudulent emails and legitimate traffic for Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) authentication performance.

Here are steps to set up and implement a DMARC record in cPanel :

# Login to cPanel

# Click Zone Editor under Domains

# Add TXT record as follows

Field Setting
Name _dmarc
TTL 14400
Type TXT
TXT Data Below are some options :
None: v=DMARC1; p=none; sp=none; rf=afrf; pct=100; ri=86400
Reject: v=DMARC1; p=reject; sp=none; rf=afrf; pct=100; ri=86400
Quarantine: v=DMARC1; p=quarantine; sp=none; rf=afrf; pct=100; ri=86400

How to increase phpMyAdmin Upload Limit on Centos Web Panel CWP server

Sometimes you want to upload or import large mysql database through phpMyAdmin but it fails with upload limit error.

Follow below steps to increase upload or import limit for phpMyAdmin :

# Login with root user on Centos Web Panel CWP server
# Open below file :

/usr/local/cwp/php71/php.ini

Search for upload_max_filesize and post_max_size and increase those values.

Now we need to restart CWP php-fpm service

service cwp-phpfpm restart

DdoS Deflate Helps To Protect Server From DDoS Attacks

Denial of service DoS attacks typically flood servers and networks with high traffic in order to overwhelm the victim resources and make it difficult for legitimate users to use resources. This effectively makes it impossible to stop the attack simply by blocking a single source.

DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It uses netstat command to track all traffic and automatically block attacker’s IP address through IP tables or APF according to the configuration.

Below are steps to install DDOS Deflate on your server :
# Login to server with root user

cd /usr/local/src/

wget http://www.inetbase.com/scripts/ddos/install.sh

chmod 0700 install.sh

./install.sh

You can change configration options by editing below file

/usr/local/ddos/ddos.conf

# Start DDOS Deflate service

/usr/local/ddos/ddos.sh -c

# Create a cronjob to run DDOS Deflate script regularly

ddos –cron

# Display whitelisted IP addresses

ddos -I | –ignore-list

# Display blocked IP addresses

ddos -b | –bans-list

# To start a daemon

ddos -d | –start

# To stop the daemon

ddos -s | –stop

# To show status of daemon

ddos -t | –status

# To display active connections

ddos -v | –view

Setup Port or IP address Redirection with CSF

Port/IP address Redirection is one of best feature of CSF ConfigServer Security Firewall.

With this feature we can redirect any/all ports or IP address to alternative ports/IP addresses.

Below are requirements for Port/IP address Redirection feature :

nat tables
ipt_DNAT iptables module
ipt_SNAT iptables module
ipt_REDIRECT iptables module

The following are the allowed redirection formats :

# DNAT (redirect from one IP address to a different one):

IPx|*|IPy|*|tcp/udp – To IPx redirects to IPy
IPx|portA|IPy|portB|tcp/udp – To IPx to portA redirects to IPy portB

# DNAT examples:

192.168.254.62|*|10.0.0.1|*|tcp
192.168.254.62|666|10.0.0.1|25|tcp

# REDIRECT (redirect from port to a different one):

IPx|portA|*|portB|tcp/udp – To IPx to portA redirects to portB
*|portA|*|portB|tcp/udp – To portA redirects to portB

# REDIRECT examples:

*|666|*|25|tcp
192.168.254.60|666|*|25|tcp
192.168.254.4|666|*|25|tcp

ConfigServer Security & Firewall (csf)

ConfigServer Security Firewall is an advanced firewall for most Linux distribution.

Supported Operating systems :
# RedHat Enterprise v5 to v7
# CentOS v5 to v7
# CloudLinux v5 to v7
# Fedora v20 to v26
# OpenSUSE v10, v11, v12
# Debian v3.1 – v9
# Ubuntu v6 to v15
# Slackware v12

Below are features of CSF :

  • # Straight-forward SPI iptables firewall script
  • # Daemon process that checks for login authentication failures for:
    • – Courier imap, Dovecot, uw-imap, Kerio
    • – openSSH
    • – cPanel, WHM, Webmail (cPanel servers only)
    • – Pure-ftpd, vsftpd, Proftpd
    • – Password protected web pages (htpasswd)
    • – Mod_security failures (v1 and v2)
    • – Suhosin failures
    • – Exim SMTP AUTH
    • – Custom login failures with the separate log file and regular expression matching
  • # POP3/IMAP login tracking to enforce logins per hour
  • # SSH login notification
  • # SU login notification
  • # Excessive connection blocking
  • # UI Integration for cPanelDirectAdmin and Webmin
  • # Easy upgrade between versions from within cPanel/WHM, DirectAdmin or Webmin
  • # Easy upgrade between versions from shell
  • # Pre-configured to work on a cPanel server with all the standard cPanel ports open
  • # Pre-configured to work on a DirectAdmin server with all the standard DirectAdmin ports open
  • # Auto-configures the SSH port if it’s non-standard on installation
  • # Block traffic on unused server IP addresses – helps reduce the risk to your server
  • # Alert when end-user scripts sending excessive emails per hour – for identifying spamming scripts
  • # Suspicious process reporting – reports potential exploits running on the server
  • # Excessive user processes reporting
  • # Excessive user process usage reporting and optional termination
  • # Suspicious file reporting – reports potential exploit files in /tmp and similar directories
  • # Directory and file watching – reports if a watched directory or a file changes
  • # Block traffic on a variety of Block Lists including DShield Block List and Spamhaus DROP List
  • # BOGON packet protection
  • # Pre-configured settings for Low, Medium or High firewall security (cPanel servers only)
  • # Works with multiple ethernet devices
  • # Server Security Check – Performs a basic security and settings check on the server (via cPanel/DirectAdmin/Webmin UI)
  • # Allow Dynamic DNS IP addresses – always allow your IP address even if it changes whenever you connect to the internet
  • # Alert sent if server load average remains high for a specified length of time
  • # mod_security log reporting (if installed)
  • # Email relay tracking – tracks all email sent through the server and issues alerts for excessive usage (cPanel servers only)
  • # IDS (Intrusion Detection System) – the last line of detection alerts you to changes to system and application binaries
  • # SYN Flood protection
  • # Ping of death protection
  • # Port Scan tracking and blocking
  • # Permanent and Temporary (with TTL) IP blocking
  • # Exploit checks
  • # Account modification tracking – sends alerts if an account entry is modified, e.g. if the password is changed or the login shell
  • # Shared syslog aware
  • # Messenger Service – Allows you to redirect connection requests from blocked IP addresses to preconfigured text and html pages to inform the visitor that they have been blocked in the firewall. This can be particularly useful for those with a large user base and help process support requests more efficiently
  • # Country Code blocking – Allows you to deny or allow access by ISO Country Code
  • # Port Flooding Detection – Per IP, per Port connection flooding detection and mitigation to help block DOS attacks
  • # DirectAdmin UI integration
  • # Updated Webmin UI integration
  • # WHM root access notification (cPanel servers only)
  • # lfd Clustering – allows IP address blocks to be automatically propagated around a group of servers running lfd. It allows allows cluster-wide allows, removals and configuration changes
  • # Quick start csf – deferred startup by lfd for servers with large block and/or allow lists
  • # Distributed Login Failure Attack detection
  • # Temporary IP allows (with TTL)
  • # IPv6 Support with ip6tables
  • # Integrated UI – no need for a separate Control Panel or Apache to use the csf configuration
  • # Integrated support for cse within the Integrated UI
  • # cPanel Reseller access to per reseller configurable options Unblock, Deny, Allow and Search IP address blocks
  • # System Statistics – Basic graphs showing the performance of the server, e.g. Load Averages, CPU Usage, Memory Usage, etc
  • # ipset support for large IP lists
  • # Integrated with the CloudFlare Firewall
  • Follow below steps to install CSF :
    
    cd /usr/src
    wget https://download.configserver.com/csf.tgz
    tar -xzf csf.tgz
    cd csf
    sh install.sh