WrenMaxwell provides a WHM cPanel Server Security Assessment as a service.
Our experienced staff will review your WHM cPanel configuration and provide recommendations to enhance the security of your server.
Server Security Assessment
Your written server security report will be ready within 72 hours of confirmation of order.
Order Now!Your written server security report will be ready within 72 hours of confirmation of order.
Our 150 point security check
| Service Check | Description |
|---|---|
Firewall Review |
Any existing firewall – hardware or software based – that is linked with the server will be inspected to confirm settings for open ports against the ports required for the services provided by the server. |
Rootkit Hunter |
Rootkit Hunter provides a method of checking if the server has been compromised. If Root Kit Hunter is installed a scan will be run and the output log reviewed. WrenMaxwell recommend the installation of Rootkit Hunter on all CPanel/WHM servers. |
Chkrootkit |
Chkrootkit is another tool for testing for Rootkits and if installed will also be run to produce a log for review. |
Operating System |
We will review the actual operating system version for current release information and advise on appropriate upgrade path. |
WHM / CPanel |
The WHM / CPanel software sits on top of the operating system and we check it’s version and update process. If automatic updates are configured, new features are often added with a default setting that may be inappropriate. We review and advise on all the WHM / CPanel server settings. |
Name server configuration |
WHM/CPanel by default uses Bind for Domain Name Services. We will review and advise on the appropriate name server settings for your server. |
Password Strength |
Weak passwords provide hackers an easy method to access a server. We review the password policy settings on your server and advise on how to improve password use for your accounts. |
SSL / HTTPS |
SSL certificates provide the security for web and email processing. Often certificates can be incorrectly configured, may be out of date, and not provide the end user experience that they are designed for. We check and report on all SSL configurations. |
FTP |
The FTP service on a CPanel server is a common access point and is frequently not required. We review FTP access and advise on security measures to minimise risk with the FTP service. |
SSH Secure Shell |
Secure Shell access to the server may be enabled but providing inappropriate access. We review the use of SSH and advise on security options. |
PHP |
The use of PHP as a web site programming language is frequent and most commonly with WordPress and similar CMS systems. We review the PHP configuration for performance and permissions for the WHM server and the CPanel accounts. |
MySQL |
The most commonly used database for WHM / CPanel is MySQL. We review the common security and performance settings. |
Email |
Email and Anti-spam measures can be confusing. Anti-spam setting defaults are not necessarily appropriate. SPF and DKIM records may be non-existent or incorrectly configured. We review all aspects of email processing on your server. |
Server Security |
WHM / CPanel includes a number of security options like ModSecurity, Brute Force Protection, and other security measures. We review the settings and provide recommended changes. |
Anti-virus |
ClamAV is the anti-virus software included with WHM / CPanel and we review its configuration and operation for effective AV measures. |
Configuration Settings |
Over 150 configuration settings are checked in a WHM / cPanel server and reported where they are secure or at risk. |
Server Security Assessment
Your written server security report will be ready within 72 hours of confirmation of order.
Order Now!Your written server security report will be ready within 72 hours of confirmation of order.
Key Points
WrenMaxwell does not modify anything on your server, the purpose of our access to your server is to report on what we find and recommend actions to take.
This service applies to a WHM/CPanel server not a shared CPanel site. We need to access the server as a whole not just a shared area in order to assess the security issues.
What is a Server Security Assessment?
Read the overview of WrenMaxwell Server Security Assessment process.
Security Assessment OverviewRead the overview of WrenMaxwell Server Security Assessment process.
