Security and Other Stuff

Hallo

I just started my trial for interworx and so far i love the interface as well as the default landing page for a domain those gears are cool

The question is bout security , i have been using cPanel for well as long as i can remember and cpanel supports CSF which i am quite familiar with, so since interworx uses APF , how secure is it ? from hackings that is ? I have had quite a terrible lot of people getting hacked (mostly it ws wordpress and outdated scripts) but once it was quite heavy where the attacker gained the database information from the wp-config files .

Is they a guide to setting up the firewall rules like CSF or its all trial and test like the rest ?

Alles Gute

Hi nuffsaid

Welcome to IW forum and glad your liking IW.

Please have a look on the forum for BFD, which helps greatly with firewall, and is easy to install/setup.

We use it to protect our clients WP logins and works lovely.

To be honest though, if you WP are outdated, no protection is going to help I don’t think.

Many thanks

John

Thanks for your response …
Tell me, since i am quite familiar with CSF , if i disable the built in firewall and install CSF will that cause any complications ?

I can set up the user interface for easier access plus it does come with a few tips for php hardening …

Is that a good idea ?

Hi nuffsaid

I would think you might break or weaken IW to be honest.

I know other users have asked similar question, but as far as I know, no one has completed the change.

However, that said, with BFD installed, it is extremely good and there’s no reason to change.

Lastly, please remember there is IW ver 5.1 due out, which were all waiting for.

Many thanks

John

[QUOTE=nuffsaid;27410]Thanks for your response …
Tell me, since i am quite familiar with CSF , if i disable the built in firewall and install CSF will that cause any complications ?

I can set up the user interface for easier access plus it does come with a few tips for php hardening …

Is that a good idea ?[/QUOTE]

Not recommended one bit, and I’ve asked them about making CSF for cPanel but they refuse saying they are used to cPanel and will only support that.

All you need is:

  1. BFD as stated by John: https://licensecart.com/billing/plugin/support_manager/knowledgebase/view/85/install-brute-force-dectection/7/
  2. Secure your Wordpress with the latest versions or better still migrate to another CMS.
  3. Change your SSH port and disable password and use passphrases to log into SSH: https://licensecart.com/billing/plugin/support_manager/knowledgebase/view/121/how-can-i-set-up-a-ssh-key/17/
  4. You could install Maldetct to help detect malware: https://licensecart.com/billing/plugin/support_manager/knowledgebase/view/92/install-maldetect/7/

InterWorx uses Chroot so you can ensure that users can’t bypass out of that account if they are hacked. And InterWorx keeps security to the maximum: http://files.rack911labs.com/whitepapers/RACK911_Labs_-_Year_In_Review-2013.pdf