Author Topic: how to secure CentOS server using CWP features  (Read 36639 times)

0 Members and 1 Guest are viewing this topic.

Offline
*****
Re: how to secure CentOS server using CWP features
« Reply #15 on: March 18, 2023, 02:54:23 AM »
#Port 22 <-- Here! Remove the # and change 22 to whatever you want
#AddressFamily any
[/quote]
Don't forget to also change the port in /etc/csf/csf.conf under the TCP_IN line:
Code: [Select]
TCP_IN = "20,21,[i][b]2222[/b][/i],25,53,80,110,143,443,465,587,993,995,2030,2031"(not that I recommend port 2222, as FritzFrog scans for that in addition to 22).

Offline
*
Re: how to secure CentOS server using CWP features
« Reply #16 on: August 17, 2023, 11:11:22 PM »
Anyone having problems with spamming issues from your CWP servers, can anyone advise me on how to fix it
Stephen Dove

Offline
*****
Re: how to secure CentOS server using CWP features
« Reply #17 on: August 18, 2023, 02:37:54 AM »
Make sure you have DKIM/DMARC set up:
https://www.youtube.com/watch?v=DiYoUltNszU
Are your SPF records correct?
SASL authentication required?
Are any of your accounts compromised (with weak passwords)? Check your log files and look for suspicious activity.
Do you have any insecure scripts that use php's mail function?
Are you blocking spammy countries (CN,RU,KP) with the CSF firewall?

Offline
*
Re: how to secure CentOS server using CWP features
« Reply #18 on: August 18, 2023, 07:51:58 AM »
Blocking country in CSF is very bad advice, if you have high traffic sites CSF will totally destroy your server and CPU.

Offline
*****
Re: how to secure CentOS server using CWP features
« Reply #19 on: August 19, 2023, 02:47:03 AM »
It's a measured tactic; you determine which is more important: 1). receiving mail from every potential source and staying fully RFC compliant and enjoying peak performance (minus the added mail processing load of handling spam from RU and CN), or 2). engaging in the realities of modern warfare aka mail server administration -- with firewall blocking and spam filtering, including country IP range blocking.

Offline
*****
Re: how to secure CentOS server using CWP features
« Reply #20 on: August 19, 2023, 04:18:10 AM »
You can also use Cloudflare to help sort out some.
This is always recommended as an additional layer of protection.

Also following the guide at:
https://www.alphagnu.com/topic/43-disable-php-mail-function-in-cwp-%E2%80%93-control-webpanel/
Helps mitigate any malicious scripts.

Managing a server has never been easy.