Hello everyone, today I am doing a review of a VPS company called NinjaHawk Solutions. You have to bear with me. I have never done a review of another company. I have been with Ninja hawk for almost 4 months and thought it would be a good time to tell others what I think of them. I found them in the web hosting offers section, when they were doing a promo, like 50% off or something. Anyway I liked what they offered. I was not expecting much for 14 bucks but it had a refund so I jumped in. So I setup my account and within a few minutes I had my VPS. I had a small problem where storage quotas were being wrong, but it was resolved very quickly and I was back up and running in no time. The technical support was amazing and really fast. Something that you don’t expect from a budget VPS company. I don’t have a monitor on my VPS, but I have had no problems with uptime except, when the node that I was on got abused and caused a small 15 minutes downtime. Once again they stepped in and resolved it. I even had a few email problems that were not even their fault. Something messed up and I could not fix it. As they were unmanaged, I thought I would have to hire somebody or pay extra for their support. But once again I submitted a ticket, they asked me to go on live chat, we talked about the problem, and within a half an hour it was fixed. I know the old saying “You get what you pay for.”, but honestly I got more than what I paid for. I wish Microsoft support was this good. LOL. I hope the service continues to be this good in the future. Thanks for listening to me and thank you Ninja Hawk.
A step by step paper how to secure linux server with cPanel/WHM and
Apache installed. By default, linux is not secured enough but you have
to understand there is no such thing as “totally secured server/system”.
The purpose of this paper is to understand how to at least provide some
kind of security to the server.
So, you bought the server with CentOS 5 installed. If you ordered cPanel/WHM together with the server you can skip 2.1 step
2. WHMcPanel installation and configuration
2.1 WHMcPanel Installation
To begin your installation, use the following commands into SSH:
cd /home wget http://layer1.cpanel.net/latest ./latest
cd /home – Opens /home directory
wget http://layer1.cpanel.net/latest – Fetches the latest installation file from the cPanel servers.
./latest – Opens and runs the installation files.
WHMcPanel should be installed now. You should be able to access cPanel via
http://serverip:2082(SSL-2083) or http://serverip/cpanel and WHM via
http://serverip:2086(SSL-2087) or http://serverip/whm. Let’s configure
2.2 WHMcPanel Configuration
Login to WHM using root username/passwd
http://serverip:2086 or http://serverip/whm
WHM – Server setup – Tweak Security:
Enable open_basedir protection
Disable Compilers for all accounts(except root)
Enable Shell Bomb/memory Protection
Enable cPHulk Brute Force Protection
WHM – Account Functions:
Disable cPanel Demo Mode
Disable shell access for all accounts(except root)
WHM – Service Configuration – FTP Configuration:
Disable anonymous FTP access
WHM – MySQL:
Set some MySQL password(Don’t set the same password like for the root access)
-If you didn’t set MySQL password someone will be able to login into the DB with
username “root” without password and delete/edit/download any db on the server.
WHM – Service Configuration – Apache Configuration – PHP and SuExec Configuration
Enable suEXEC – suEXEC = On
When PHP runs as an Apache Module it executes as the user/group of the
webserver which is usually “nobody” or “apache”. suEXEC changes this so
scripts are run as a CGI. Than means scripts are executed as the user
that created them. With suEXEC script permissions can’t be set to
777(read/write/execute at user/group/world level)
3. The server and it’s services – PHP Installation, Optimization & Security
3.1 Keep all services and scripts up to date and make sure that you running the latest secured version.
On CentOS type this into SSH to upgrade/update services on the server.