Interworx security discussion

Hi Everyone,

Anyone who is managing a couple of shared hosting servers knows: getting things secure is quiet a hassle. And as much how I like interworx, it is NOT very secure by default. Ofcourse this also counts for other CP software. Changes we are adding to make stuff more secure: patching php with suhosin, tweaked php.ini files, mod_security, suPHP & Maldet.

Our staff is quiet busy with dealing abuse problems on our servers such as:


  • server abused by some spammer guy
  • sites defaced/exploited of what so ever [/LIST] We all know security and information leaks getting more and more serious. The same hosting setups from a couple of years ago are not sufficient anymore.

    What does lack currently in interworx IMHO:

    • suPHP is added but it missing automaticly php.ini creation under the siteworx user. We are doing it this way now:
    • Selinux support. Yes we really need it. SElinux has made big steps and it?s very cool. It can stop a LOT of evil things within the Apache domain: root exploits, backdoors etc etc. It will be tricky but EVEN Parallels has managed to get it working with Plesk 11. I see a lot of parties migrating to Plesk 11 only for this reason.
    • Limit the outgoing e-mails to limit the damage after a spammer
    • On a personal note: I would like to get the mod_dnsbl module in proftpd, so we can whitelist/blacklist countries :-)

    Please Interworx make the life of our staffs fun again…also for our customers :smiley: I hope some other tips/tricks will follow and I hope Dan or something will react on this one.