Page tree
Skip to end of metadata
Go to start of metadata

This document is for a previous release of cPanel & WHM. To view our latest documentation, visit our Home page.

For cPanel & WHM 11.48

 

Step 1:

Agreement

Step 5:

Services

 

 

Services

This section allows you to configure the services that you and your clients use on the server.

Note:

To use the default settings, click Skip This Step and Use Default Settings at the top of the interface.

FTP Configuration

To configure an FTP server, select the FTP server software that you wish to use. You can choose ProFTPD, Pure-FTPD, or Disabled.

Note:

Review the information in the Advantages, Disadvantages, and Notes columns of the table for more information about each option.

Mail Configuration

To configure a mail server, perform the following steps:

  1. Select the mail server that you wish to use. You can choose Courier, Dovecot, or Disabled.

    Note:

    For more information about each option, view the Features and Notes columns of the table.

  2. If you wish to preserve settings for each mailbox as you migrate to the new mail server, select the Convert Mailbox Format checkbox. Deselect this checkbox to increase the speed of the migration.

    Warning:

    If you deselect this checkbox, you may lose your email settings.

Configure cPHulk Brute Force Protection

cPHulk provides protection from brute force attacks against your web services. To enable and configure cPHulk, perform the following steps:

  1. Select the Enable cPHulk checkbox.
  2. To receive a notification whenever an IP address that is not on the whitelist performs a successful root login, select the Send a notification upon successful root login when the IP address is not on the whitelist checkbox.
  3. To receive a notification whenever cPHulk detects a brute force attack, select the Send a notification when the system detects a brute force user checkbox.
  4. To block IP addresses at the firewall level whenever they meet the conditions for brute force protection, select the Block IP addresses at the firewall level if they trigger brute force protection checkbox.
  5. To block IP addresses at the firewall level whenever they meet the conditions for a one-day block, select the Block IP addresses at the firewall level if they trigger a one-day block checkbox.

    Note:

    The options to block IP addresses at the firewall level require iptables 1.4 or higher and a non-Virtuozzo environment.

  6. If you wish to configure additional cPHulk settings, select the Configure Advanced Settings checkbox.

     Click here to view cPHulk's Advanced Settings...

    The following Advanced Settings will appear. Enter the desired value in the text box that corresponds to each option:

    • Brute Force Protection Period (in minutes)  — The number of minutes to lock an account. The default value is 5 .
    • Maximum Failures by Account — The maximum number of failed authentication attempts allowed per account. The default value is 15.
    • IP Address-based Brute Force Protection Period (in minutes) — The number of minutes to block the IP addresses of potentially malicious users. The default value is 15.
    • Maximum Failures per IP Address — The maximum number of failed authentication attempts that an IP address allows. The default value is 5.
    • Command to Run When an IP Address Triggers Brute Force Protection — The full path to a command that the system runs when an IP address triggers brute force protection.
    • Maximum Failures per IP Address before the IP Address is Blocked for One Day — The number of failed authentication attempts before cPHulk blocks an IP address for a one day period. The default value is 30.
    • Command to Run When an IP Address Triggers a One-day Block — The full path to a command that the system runs when the system blocks an IP address for a one-day period.

      Note:

      For a full list of the variables that you can use in this command, read our cPHulk Brute Force Protection documentation. 

    • Duration for Retaining Failed Logins (in minutes) — The number of minutes that the system allows for an attacker to reach the Maximum Failures per IP Address setting. The default value is 360.

Install a Common Set of Perl Modules

Select the Provide modules to /usr/bin/perl formerly provided by checkperlmodules checkbox to install a common set of Perl modules to the /usr/bin/ directory.

Note:

Certain scripts and CGI applications may require a Perl installation in the /usr/bin/perl file. cPanel & WHM does not use this file. For more information, read our Prepare Perl Scripts for cPanel & WHM's Internal Perl documentation.

Save and continue

Click Save & Go to Step 6.

To return to Step 4, click Go Back.