Select Page

cPanel Security


10 ways how server security services can protect your servers

10 ways how server security services can protect your servers

Everyday, around 30,000 websites are getting hacked (source Sophos Lab). You wouldn’t want your business to be one among them. With new malware and threats emerging on a daily basis, one should always be on a constant alert.

By hiring an expert server security services, you can prevent a security attack before it strikes your servers. Bobcares helps server owners protect their servers from all sorts of exploits.

(more…)

Disable RC4 ciphers in cPanel/WHM servers – Why and How to do it?

Secure transmission of data requires encrypting the data in many ways. Ciphers are the tools used for data encryption. RC4 is one such cipher.

RC4 generates a stream of pseudo-random bits. These bits are combined with plain text using ‘bit-wise exclusive-or’ pattern to produce the encrypted message, which is transmitted in TLS connections. (more…)

cPanel Log Rotation – Effective solution to log file growth

cPanel Log Rotation – Effective solution to log file growth

A log file can grow without bounds if it is not managed well. Larger log files are relatively harder to manipulate and also increase in the size of log file can result in file systems to run out of space. Opening, closing and manipulating data for very large file size consumes system resources and will therefore slow down the server.

An efficient solution to this problem is log rotation. It allows automatic rotation, compression, removal and mailing of log files. Log files can be rotated daily, weekly, monthly or when it grows too large. (more…)

Fix for DoS vulnerability in BIND DNS service

Fix for DoS vulnerability in BIND DNS service

On 28th July Internet Systems Consortium announced a critical vulnerability (CVE-2015-5477) in all BIND DNS server versions from 9.1.0 to 9.9.7-P1 and 9.10.2-P2. It allows a remote attacker to exploit an error in handling TKEY queries to launch a Denial of Service (DoS) attack which will cause the BIND DNS server to crash. If your cPanel/WHM, Odin Plesk or DirectAdmin servers are not patched, you should consider them vulnerable. (more…)

xmlrpc.php causing high load in server – How to recover and prevent this issue in cPanel, Plesk and DirectAdmin Apache servers

xmlrpc.php causing high load in server – How to recover and prevent this issue in cPanel, Plesk and DirectAdmin Apache servers

In cPanel, Plesk and DirectAdmin servers that have WordPress websites, high server load is sometimes reported with “xmlrpc.php” showing up as the top CPU hog. xmlrpc.php is a file in WordPress websites used for remote publishing and ping-back tracking. Botnets target this file to initiate brute force attacks to gain control of the targeted website. This causes high load in the server. (more…)

Security fix for libuser root privilege vulnerability

Security fix for libuser root privilege vulnerability

Qualys reported on 23rd July an important root privilege escalation vulnerability (CVE-2015-3246), and DoS attack vulnerability (CVE-2015-3245) for Linux servers using RedHat’s libuser package. Here’s how you can protect your cPanel, Plesk and DirectAdmin servers running CentOS or RedHat operating systems. (more…)

OpenSSL update for PCI Compliance on cPanel

Of the various support requests I have received recently, a few have been from customers wanting to upgrade OpenSSL on a cPanel server. The reason being the latest PCI compliance tests are reporting a vulnerability in the version of OpenSSL installed on their server. Well, depending on your setup, this may be a false positive.

(more…)