How to: Secure your cPanel / WHM server

1) Use secure passwords!

Insecure passwords are the most common security vulnerability for most servers. If an account password is insecure and is compromised, client sites can be defaced, infected, or used to spread viruses. Having secure passwords is paramount to having a secure server.

You can edit /etc/login.defs to configure many password options on your system. It is well documented.
Generally, a password utilizing at least 8 characters including alphanumeric and grammatical symbols is sufficient.

Never use passwords based upon dictionary words or significant dates. If you are uncertain about the security of a password, then you can test it using JTR cracker. If a password can be broken in a few hours, then it is probably too insecure and should not be used. You can also install tools like pam_passwdqc to check the strength of passwords.

Directadmin: Basic System Security

Note that it's ultimately the responsibility of the server admin to ensure his system is secure.  These are some basic security tips that can be done to help protect your system.  This is not an end-all guide for server security, admins must be diligent, but rather some suggestions for a start to securing your server.

Iptables Basic Guide

Where are the main iptables files stored?

/etc/init.d/iptables is the INIT script which is used to start, stop the service and/or to save the rulesets.

/etc/sysconfig/iptables this is the file that holds the saved rulesets.

/sbin/iptables and this is the iptables binary.

Before you actually start configuring the rules, let's take a look at the current configuration:

# iptables -L