• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Security Hardening - Plesk 11.5 on CentOS 6

B

Bluedog

New Pleskian
Hi,

I just started with CentOS and Plesk and I am trying to setup everything to be secure as much as possible :) And I would like to ask you if you can share some tips and tricks with me.
Because I am not sure if firewall at Plesk is secure enough or do I have to install fail2ban and IPtables etc.

Thanks a lot for any tips.
 
Hello,

I will suggest you install following plugin on your server in the security purpose

Install CSF/APF firewall
Install LMD (Linux Malware Detect )
And mod_security
 
Check out Atomic Secured Linux, a security suite designed for Plesk environments (we are the founders of Plesk!). https://www.atomicorp.com/products/asl.html

We also have a number of security application available in the Atomic repo, including the openvas vulnerability scanner. I highly recommend it for verifying your security controls.
 
InderS said:
Hello,

I will suggest you install following plugin on your server in the security purpose

Install CSF/APF firewall
Install LMD (Linux Malware Detect )
And mod_security
Click to expand...

Thanks for the tips! I just need to setup CSF correctly ;)
 
Yes, Install CSF and configured it correctly on your server

With the LMD you can scan your users website through command prompt, Maldet is a good scanner for the shell scripts scanning and through mod_sec you can prevent lot of web attack and sql injection
 
You must log in or register to reply here.

Similar threads

Jürgen_T
Question Safe to enable postgrey with free Plesk Email Security (Amavis + SpamAssassin + ClamAV)?
Replies
1
Views
213
ChristophRo
ChristophRo
A
Question secure mail.[domainname].xx with SSL
Replies
0
Views
845
Albertje
A
A
Question Spam detection on outgoing mails with Plesk Email Security
Replies
2
Views
647
Kaspar
K
O
Resolved Update Plesk 18.0.68 on CentOS7 result in no website reachable and email not working anymore
Replies
3
Views
551
Onkeltom01
O
A
Question Plesk firewall - CrowdSec iptables interaction
Replies
3
Views
396
andg
A
Back
Top