In order to continue to improve the services I offer, and provide additional layer of security to your sites, I'm testing Imunify360 on CP2
This provides several additional layers of security:
If this goes well over the next 30 days, I will be rolling...
I've kicked off the updates for all my managed customers who are using centminmod to upgrade nginx to 1.17.3
I've applied the patched kernel to cp2.mattwservices.uk , and rebooted it just now.
Dirty COW (CVE-2016-5195)
Apologies for any downtime (less than 5 minutes), but this needed to be done.
cpanel.mattwservices.uk will be done later today or tomorrow.
As per the thread, last night thanks to the heads up from eva2000 , I've already applied the patch to the policy.xml files for all servers that I manage for people where you have ImageMagick installed.
Critical glibc Vulnerability Puts All Linux Machines at Risk
Where automatic updated aren't applied, I'm manually running a yum update to get the latest patched versions. Once this is done, I need to reboot the servers / VPS to bring the new versions in, as this is used by a LOT of services.
If you are running Wordpress, it's highly recommended you upgrade ASAP as the new release addresses 2 security issues
Full details can be found here
WordPress 4.4.2 Security Release - Why you need to update immediately - Wordfence
With the update to cPanel 54, all servers now support Two-Factor Authentication. This feature has been enabled, and you can set it up inside cPanel, under the Security section of your account.
I would highly recommend people enable this where possible, to add an additional layer of security...
LiteSpeed Web Server 4.2.24 and 5.0.2 have just been released!
Both versions have updated OpenSSL to address CVE-2015-1793. All LSWS users are recommended to upgrade ASAP.
New release also improved mod_security engin to work better with OWASP core rule set and improved compatibility with Plesk...
I've had to enable a few extra option on the mail server this morning, after being on the receiving end of the brute force DDOS attack against a sites mail accounts
You will need to ensure you are connecting to the server to receive your mails via the secure methods
Secure SSL/TLS Settings...