5. Getting Started with the cPShield-v2 plugin for cPanel/WHM

The cPShield-v2 plugin for cPanel/WHM is divided into 8 sections:

1.Dashboard

On the Dashboard, the different options that can be seen are,

    *  "Server load" you can see the graphical representation of current server load. Also, you can check the server loads of Week, Monthly by pressing the desired button. You can maximize the view of the graph by pressing the arrow.

    * " Summary" have the information of  Current Mail Count, Blacklist/Mail reputation status, Malware Infection. You can maximize to its detailed view by clicking on View more button.


2.Malware Scan

There are four options under the Malware Scan,

    *  "Scan Now" will allow you to do a quick scan of All users or a custom directories and also you can see most recent scan result.  

    *  "Monitoring"  cPanel user accounts, specific ones or custom directories at monitoring intervals that you set.  Set your prefered monitoring interval and choose user or Add custom path. Once you select the option Users, Select the users that you want to monitor by clicking >  or you can choose all users for monitoring by clicking >>. As the same to remove users from monitoring list you can use either < to remove one by one or << to all users. Press the  Save changes to update the settings.
   
    *  "Report" will show the all scan report and Quarantine history along with the scan ID,  from there you can remove the reports by clicking the Delete button.

   *  " Settings"  you can add Directories or file extensions can be exempted from scanning and you can save it by clicking the Update button. And the configuration option allows you to set email alerts for completed scans or when malware is detected. So just need to fill your email address and select Email alert Yes and save the settings by pressing Save Button.


3. RKhunter

There are three basic options under the RKhunter,

   *  "Scan" will allow you to do the scan for Rootkit infections in the server and Scan for possible vulnerabilities in the server. You can start Rootkit Scan by pressing  Rootkit Scan button and you can enable Scan for vulnerabilities by clicking Scan for warnings button.

   *   "Scan Logs", you can see the recent scan log and by clicking Daily Log allow you to see the daily scan log.

   *   "Settings", Type your email address and press Submit to get the alert of scan through email. Press the Update RKhunter to update the RKhunter to the latest version.

Click Add Cron / Remove Cron button to active or remove the daily auto scan.


4.Email


   *  "Mail Queue",  To see the current mail queue stat and full details of Time, Size, From, Header, Body.

   * " Frozen Mails", To see the Frozen mail header and body information click the View button under the desired heading. To remove the frozen mail on by one press clear.
         To clear the entire frozen mail from the queue click the Clear All Frozen Mails button from the bottom.

   *  "Mail Stats", with 18 elaborate statistics along with List of errors help you to view and learn about your mail server health. You can select the 18 options from the rightmost side of the window.
   
    *  "Monitor", select the maximum Queue count by using scroll button. Type the email address which you want to get the email alert of mail queue. Enter the minute which you want to run the cron. Press Enable to save the details.


5.Firewall

    
*  "Rule", click the button to Add New Rule and put the IP address and type the port number selected allow/deny option and finally select the protocol TCP/UDP. Enter the button  Submit Query for adding the rule. You can also delete/Edit the rule.

     *  "Configuration",  Here you can edit the firewall configuration file and by clicking Update & Restart button will save the settings.

     *  "Port", Click the rightmost Edit button to add/modify the Inbound TCP port, Inbound UDP port, OutBound TCP port, OutBound UDP port. Once clicked the Edit button type/clear the port number and press the submit to save.

     *  "Settings", Click the ON button to enable the Advance Firewall Policy(APF)/ Brute Force Detection (BFD)  firewall. Click the Restart APF to restart the firewall.


6.SSH Hardening


     * "Disable Root", For creating a sudo user type the username and password and press the Create Sudo User.  You can disable/enable the root login clicking ON/OFF from under the Permit Root Login.  You can also view/edit/remove the sudo user from the bottom.

     * " Change Port", Type the customized port which you want to use for SSH login and press Change SSH Port button or select the random port and click the Use Random Port button.

     * "Reset SSH", Click the Change To Default SSH Conf button to reset the SSH port to default.

     * "Monitoring", type the email address you want to get the alert of root login and press Enable button.


7.Reputation


      * "IP Reputation", you can see the reputation of your server IP address and you can check the reputation by clicking Check Now button.

      * "Domain Reputation", you check/see the domain reputation that is hosted within the server. You can check reputation by clicking the Check Now button.


8.System


     * " System Info", you can see the Current time, Actual Uptime, Logged in, Load Average of the server.  Set Load  treshold value and type your email address which you want to get 
the alert of server load and press Enable button to start load monitoring.

     * "SSH Access Log", To see the logs of Server SSH access.It will have information about the  User, IP and date.

     * "WHM Access Log", To see the logs of WHM Access. It will have information of IP and date.
/usr/lo cal










  • 4 Users Found This Useful
Was this answer helpful?

Related Articles

Unable to change inotify max_user_watches. Monitoring might not work.

If the server is a virtual server and the virtualizations are OpenVZ, LXC, Docker etc, then you...

2. Features

Dashboard  View current, weekly and monthly server CPU load and split based on each day's...

4. How to install cPShield-v2 in your WHM?

Install Admin-Ahead cPShield-v2 plugin for cPanel/WHM * Login to your remote cPanel server via...

1. About cPShield-v2

Admin-Ahead's cPShield-v2 is the new and enhanced version of cPshield :: All In One Security...

6. What is the Advanced Malware Scan in cPShield-v2 plugin for cPanel/WHM

The Advanced Malware Scan in  cPShield-v2 plugin is broadly divided into 4 categories:Scan Now...