Interworx security discussion

Hi Everyone,

Anyone who is managing a couple of shared hosting servers knows: getting things secure is quite a hassle. And as much as I like InterWorx, it is NOT very secure by default. Of course this also counts for other CP software. Changes we are adding to make stuff more secure: patching PHP with Suhosin, tweaked php.ini files, mod_security, suPHP & Maldet.

Our staff is quite busy dealing with abuse problems on our servers such as:

  • server abused by some spammer guy
  • sites defaced/exploited or whatsoever

We all know security and information leaks are getting more and more serious. The same hosting setups from a couple of years ago are not sufficient anymore.

What is currently lacking in InterWorx IMHO:

  • suPHP is added but it is missing automatic php.ini creation under the SiteWorx user. We are doing it this way now: http://forums.interworx.com/showpost.php?p=19102&postcount=8
  • SELinux support. Yes, we really need it. SELinux has made big steps and it's very cool. It can stop a LOT of evil things within the Apache domain: root exploits, backdoors etc. etc. It will be tricky but EVEN Parallels has managed to get it working with Plesk 11. I see a lot of parties migrating to Plesk 11 only for this reason.
  • Limit the outgoing e-mails to limit the damage after a spammer
  • On a personal note: I would like to get the mod_dnsbl module in ProFTPD, so we can whitelist/blacklist countries :-)

Please, InterWorx, make the life of our staff fun again… also for our customers :-) I hope some other tips/tricks will follow and I hope Dan or someone will react to this one.