Wordpress Login LockDown
Limits the number of login attempts from a given IP range within a certain time period.
Description
Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Admisitrators can release locked out IP ranges manually from the panel.
Installation
1. Extract the zip file into your plugins directory into its own folder.
2. Activate the plugin in the Plugin options.
3. Customize the settings from the Options panel, if desired.
Reference:
http://wordpress.org/extend/plugins/login-lockdown/
Tags: LockDown, login, Wordpress
Chkrootkit outputs hidden processes and LKM warnings.
The LKM appear whenever “hidden” processes are found. They’re usually processes that have started between the different checks that chkrootkit runs while processing. Usually, they’re named mysql httpd or exim processes. You can get more information about which processes are being caught using:
cd /root/chkrootkit-0.*
./chkrootkit -x lkm
When you run it you will probably find that it returns anything from none to several process
Tags: chkrootkit, hidden, LKM, processes, warning
Deleting Stats logs daily in cPanel
Deleting Stats logs is something that is enabled on most servers but one does encounter servers with a full domlogs directory. To delete those logs you can follow these steps.
First step is to check how large are the apache domain logs, you can check those on a cPanel server by running “du -hs /usr/local/apache/domlogs”. If the size of those logs is large, then you may want as much free space as possible. Login to WHM and click Tweak Settings. Within that menu click “Delete each domain’s access logs after stats run” which will enable this and click ‘Save’. Now at the end of the stats run every night it will wipe out the directory so you should not have the logs grow very large, unless of course your server is very busy.
Tags: cpanel, deleting, logs, stats
Apache cPanel SSL Cert Installation
Installing your cPanel SSL Certificate
The following instructions are for cPanel 11. If you have a different version of cPanel, you will go through a similar process but you may need to ask your web host for specific instructions.
1.Download your Intermediate and Primary Certificate files from your certificate provider to the directory where you will keep your certificate and key files.
2.Login to your cPanel control panel.
3.Find and click on SSL/TLS Manager.
4.Click on Generate, view, upload, or delete SSL certificates.
5.Under the Upload a New Certificate section, click on the Browse button and find your Primary Certificate (yourdomain.crt) that you downloaded in the first step.
Tags: Apache, Cert, cpanel, Installation, ssl
Using the Password Generator
cPanel provides a helpful tool for generating secure passwords that are difficult for malicious users to guess. You can use the Password Generator anywhere the button is available.
When the Password Generator button is clicked, the new password will appear in the text box within the pop-up window. If the password in the text box is not suitable, you can click Generate Password as many times as you like, until you are satisfied with the password.
To dictate the contents of the new password:
Click Advanced Options.
Click the checkboxes to include or leave out uppercase letters, lowercase letters, numbers, or symbols. You can specify the length of the password in the Length text box.
Click the checkbox at the bottom of the pop-up window if you have copied the password in a safe place.
Click Use Password to use the password you have just generated.
Tags: Generator, password
