Hello,
Your ServerSecurePLUS setup is complete for host.boostmediagroup.com. Some configuration changes were made during the procedure which may affect how you connect to the server.
* The FTP server configuration will now require encryption to issue commands. If TLS for FTP is not enabled in your client, you will need to enable it at this point for connections to occur. The configuration was also modified to prevent the root user from accessing ftp at all.
* SSH settings have been modified in several ways to enhance the security of your server. The first change is that root user logins are disabled. This means you will need to log in as 'sshuser' and use the 'su' command to become the root user. The password for this user has been placed in "One-time Secret #2" in your Manage account. The ssh port has also been changed from 22 to 522, which may need to be updated in your ssh client configuration. The port change to 522 as well as the root login restrictions will affect sftp as well as ssh.
* The Nessus vulnerability scans we perform will be sent monthly to the contact email address that we have on file for your account. Please let us know if you would like this changed.
* We have also installed new ModSecurity rules. Few problems generally occur with these rules, however, if you notice you are denied access to pages that worked fine before, be sure to let us know, as we can disable rules for certain sections of your site, if necessary.
* Some configuration changes were made to php through the php.ini file, including some changes that disabled certain functions that are often used to propagate malware. We also ensured that php error reporting is not passed to the user.
* The ConfigServer eXploit Scanner is available to you through WHM. You can find a rundown of what features are available to you here:
http://configserver.com/cp/cxs.htmlIf you have any questions, please let us know!The following will be the most noticeable changes:
* Disable root SSH access and set up alternative SSH user
* Change SSH port from 22 to 522
* Upgrade Apache and PHP if needed
* Set SSL Cipher Suites, and harden Apache configuration by disabling Track/Trace, ServerSignature, ServerTokens, FileETag
* Upgrade ModSecurity rules
* Install Configserver Exploit Scanner (CXS)
* Disable commonly exploited PHP functions (show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set), and turn off display_errors, expose_php and enable_dl in the php.ini
* Turn on encryption for FTP, disable root user login
* Enable password strength check in WHM and set to required strength of 75
* Set cPanel/WHM login pages to use SSL only
* Enable mod_userdir protection (disables the /~username "site preview")
* For the Nessus scan, by default the scan results are sent to
[email protected], please let us know if you would like this changed