Child pages
  • Initial Setup Assistant - Services
For cPanel & WHM version 74

Skip to end of metadata
Go to start of metadata

 

Step 1:

Agreement

Step 5:

Services

 

 

Services

This section allows you to configure the services that you and your clients use on the server.

Note:

To use the default settings, click Skip this step and use my server's default settings. at the top of the interface.

FTP Configuration

To configure an FTP server, select the FTP server software that you wish to use. You can choose ProFTPD, Pure-FTPD, or Disabled.

Warning:

Make certain that your FTP server supports the MLSD (Machine List Directory) or LIST commands. If the FTP server does not support these commands, the backup system cannot use the FTP server as a remote FTP server.

Note:

Review the information in the Advantages, Disadvantages, and Notes columns of the table for more information about each option.

Configure cPHulk Brute Force Protection

cPHulk Brute Force Protection provides protection from brute force attacks against your web services. To enable and configure this feature, perform the following steps:

  1. Select the Enable Brute Force Protection checkbox.
  2. To allow the chkservd service to monitor and restart the cPHulkd service, select the Allow the chkservd daemon to monitor and restart Brute Force Protection checkbox.
  3. To add your local IP address to the whitelist, select the Add my IP address to the whitelist checkbox.
  4. To receive a notification whenever an IP address that is not on the whitelist performs a successful root login, select the Send a notification for successful root logins when the IP address is not on the whitelist checkbox.
  5. To receive a notification whenever an IP address that is not on the whitelist but comes from a known netblock performs a successful root login, select the Send a notification for successful root logins when the IP address is not on the whitelist but is from a known netblock checkbox.
  6. To receive a notification whenever the system detects a brute force attack, select the Send a notification when the system detects a brute force user checkbox.
  7. To block IP addresses at the firewall level whenever they meet the conditions for brute force protection, select the Block IP addresses at the firewall level if they trigger brute force protection checkbox.
  8. To block IP addresses at the firewall level whenever they meet the conditions for a one-day block, select the Block IP addresses at the firewall level if they trigger a one-day block checkbox.

    Note:

    The options to block IP addresses at the firewall level require iptables 1.4 or higher and a non-Virtuozzo environment.

  9. If you wish to configure additional settings, select the Configure Advanced Settings checkbox. The following settings will appear. Enter the desired value in the text box that corresponds to each option:

    • Brute Force Protection Period (in minutes)  — The number of minutes to lock an account. Enter a value between 1 and 1,440 . This setting's value defaults to 5 .
    • Maximum Failures by Account — The maximum number of failed authentication attempts allowed per account. This value defaults to 15.
    • IP Address-based Brute Force Protection Period (in minutes) — The number of minutes to block the IP addresses of potentially malicious users. This value defaults to 15.
    • Maximum Failures per IP Address — The maximum number of failed authentication attempts that an IP address allows. This value defaults to 5.
    • Command to Run When an IP Address Triggers Brute Force Protection — The full path to a command that the system runs when an IP address triggers brute force protection.
    • Maximum Failures per IP Address before the IP Address is Blocked for One Day — The number of failed authentication attempts before cPHulk blocks an IP address for a one day period. This value defaults to 30.
    • Command to Run When an IP Address Triggers a One-day Block — The full path to a command that the system runs when the system blocks an IP address for a one-day period.

      Note:

      For a full list of the variables that you can use in this command, read our cPHulk Brute Force Protection documentation.

    • Duration to Retain Failed Logins (in minutes) — The number of minutes that the system allows for an attacker to reach the Maximum Failures per IP Address setting. This value defaults to 360.

Install a Common Set of Perl Modules

Select the Provide common modules to the /usr/bin/perl Perl installation checkbox to install a common set of Perl modules to the /usr/bin/ directory.

Note:

Certain scripts and CGI applications may require a Perl installation in the /usr/bin/perl file. cPanel & WHM does not use this file. For more information, read our Guide to Perl documentation.

Save and continue

Click Save and Go to Step 6.

To return to Step 4, click Go Back.

Additional documentation