From a convenient perspective, WDCP panel is indeed one of the good VPS host management panels in China. After all, it makes it much easier for many new VPS hosts to build websites, however, due to various official causes of WDCP panel, the environment has not been updated for many years. However, after each vulnerability, the environment will still be upgraded, but various problems still cannot be solved in a timely manner. However, in terms of user usage, this panel is currently used by a large number of users, especially many novice webmasters (old bird uses a one-click package or their own compiling environment.
However, as a novice user and only installs the WDCP panel by default, it is inevitable or there may be some insecure factors. Therefore, in this article, from the potential security problems, we do some simple protection. It cannot be said that 100% is indeed safe, but at least it can be improved than the default installation. Of course, the following installation steps are also available for reference in other panels and environments.
1. Modify the default panel password
After logging on to the WDCP panel for the first time, we will see the figure above. We must modify the default passwords for the two locations and make the changes more complex. We recommend that you use a mixture of letters, numbers, and symbols for more than 10 characters.
Second, modify the default WDCP panel port 8080
The default WDCP panel port is 8080. Generally, if you manually or software determines whether the panel is installed on our server, it will determine the commonly used Port. If you can see the WDCP logon interface, hackers can at least narrow down the scope of troubleshooting and then destroy panel vulnerabilities. For more information, see modify the WDCP port.
1. Modify the httpd. conf configuration file.
| The code is as follows: |
Copy code |
/Www/wdlinux/wdapache/conf/httpd. conf
|
Modify the httpd. conf file, 8080 on both sides, and then modify.
| The code is as follows: |
Copy code |
Listen 8080.
<VirtualHost *: 8080>
|
Change 8080 in the two locations to the desired port, such as 12890, and save and exit.
2. Modify the firewall
| The code is as follows: |
Copy code |
Iptables-I INPUT-p tcp -- dport 12890-j ACCEPT
|
3. Save iptables rules
| The code is as follows: |
Copy code |
Service iptables save
|
4. Restart the new port
| The code is as follows: |
Copy code |
Service wdapache restart
|
In this way, the new port will take effect.
3. Delete the default root directory file
After successfully installing the WDCP panel, you can directly enter the IP address to view the interface shown in the figure above. This makes it easy to determine which panel is used in our environment, this also has some security issues. We need to delete the files in this directory.
| The code is as follows: |
Copy code |
/Www/web/default/
|
By default, several files in this directory are deleted.
4. Upgrade PHP
The default WDCP panel is the PHP5.2 environment. We 'd better upgrade it to PHP5.5 or above, unless our CMS system requires a certain low PHP version, it is generally necessary to upgrade it to a higher version, this is because the PHP vulnerabilities are in earlier versions. Lao Jiang does not know whether to upgrade the patch for a lower version of PHP, but it is best to upgrade it to a higher version.
Fifth, basic security of the VPS environment
For the security of the VPS host environment, no matter which VPS, server, panel, or environment is used or manually deployed, the user name must be changed for ROOT user permissions, by default, the ROOT user cannot be guessed. Modify the ROOT user port and use a key to log on to the SSH environment. This ensures that the security of the entry is not eliminated.
Sixth, regular/automatic backup of website data
When we use virtual hosts, most of the security services are provided to us by our service providers. Even if the website has problems due to program problems, we can recover data from the host vendors, generally, they regularly back up data to users. If we select a VPS server, we must learn to back up data by ourselves. Once the security problem occurs, it is useless to find the basis of the host, we can regularly manually back up or automatically back up data based on the amount of data updated in our project, as well as the automatic synchronization incremental backup that will be organized and shared by Lao Jiang later (generally, regular automatic backup is enough, synchronous incremental backup can be used for website projects that update big user data ).
In summary, the above six methods do not ensure the security of 100% of WDCP users, but they can be installed in a better environment than the default ones. They are suitable for novice users, it is recommended that if we are still using WDCP or other panel users, we also need to refer to modify and ensure security
