Security – Page 2 – The cPanel Admin

Installing LetsEncrypt SSL Certificates on CentOS + cPanel Servers

nessa • February 15, 2016

Update! cPanel supports LetsEncrypt, but you just need to install the plugin for it to work. To do this, run: /scripts/install_lets_encrypt_autossl_provider Once installed, Let’s Encrypt will appear in WHM’s Manage AutoSSL interface (Home >> SSL/TLS >> Manage AutoSSL) where you can enable the provider. At the time of this writing, LetsEncrypt is in public beta […]

Installing LetsEncrypt SSL Certificates on CentOS + cPanel Servers Read Post »

Howto, Linux, Security

Upgrading OpenSSH on CentOS and AlmaLinux

nessa • June 26, 2015

Note: This is an update from our 2011 post. If you’ve taken a peek at your PCI scan results lately, you may have noticed that your scan provider is now requiring OpenSSH 6.6 or higher due to CVE-2014-2532 – a version that is not currently available in the CentOS 5 or 6 repositories. A Yum update isn’t going

Upgrading OpenSSH on CentOS and AlmaLinux Read Post »

Linux, Security

CloudLinux or BetterLinux?

nessa • June 15, 2015

UPDATE 6/18: Shortly after this was posted and one of the major hosting companies I’m affiliated with removed BetterLinux from their servers due to stability problems, BetterLinux announced that they are shutting down, effective July 1st. Customers ask us all the time whether they should use CloudLinux or BetterLinux on their servers, and what differences exist

CloudLinux or BetterLinux? Read Post »

Apache, Fixes, Howto, Linux, News, Security

de-POODLE-ing: How to Disable Support for SSLv3 on a cPanel Server

nessa • October 18, 2014

The latest security buzz this month is about the SSLv3 POODLE vulnerability, and how SSL version 3.0 is now officially designated as insecure, joining its predecessors versions 1.0 (unreleased) and 2.0. This effectively concludes the life cycle of the SSL protocol in favor of TLS. This post will give you a brief overview of what POODLE

de-POODLE-ing: How to Disable Support for SSLv3 on a cPanel Server Read Post »

Linux, Security

SSH Security for Shared Hosting

nessa • September 26, 2014

Web hosts often shy away from the idea of allowing SSH access to their clients on shared servers, typically due to security concerns bred by the hosting industry. Some of the largest providers, however, are now offering SSH to make their services more functional for advanced users, so now we are often asked whether allowing SSH as a feature is a

SSH Security for Shared Hosting Read Post »

Security

cPanel Configuration Clusters and Security Considerations

nessa • June 5, 2014

cPanel 11.44 introduces a new feature fresh from their feature request system that now allows server administrators to deploy the configuration of one server to multiple servers in what the they call a “configuration cluster”. It will start by offering this capability to just the cPanel update preferences, but will eventually be expanded to work with

cPanel Configuration Clusters and Security Considerations Read Post »

Apache, Linux, Security

OpenSSL Heartbleed Bug and What You Need to Know

nessa • April 7, 2014

Over the past few days, we have received an overwhelming number of questions about the OpenSSL Heartbleed bug and how cPanel system administrators should be handling this. First of all, if you haven’t read Codenomicon’s write-up on the bug, which thoroughly explains what it is, you should look visit heartbleed.com. Because their website already covers

OpenSSL Heartbleed Bug and What You Need to Know Read Post »

Apache, Hacks, Howto, Scripts, Security

Wildcard SSL Installation Script

nessa • December 23, 2010

Us administrators eventually come to the realization that when you have a wildcard SSL certificate for 40 subdomains, you can’t practically have separate IPs and cPanel accounts for all of them. If you have a wildcard SSL certificate for all your su cheap kamagra bdomains, you can easily install the certificate on a single IP

Wildcard SSL Installation Script Read Post »

Mail, Security

Exim Privilege Escalation in 4.69-23

Mark • December 10, 2010

The cPanel security team found an issue in Exim that can potentially allow a user on the system to potentially run commands as the root user. Luckily, cPanel has already released a patch which is available for immediate download via their Exim upgrade script. If your system is set to update cPanel automatically, you may

Exim Privilege Escalation in 4.69-23 Read Post »