Enable WHM login Alerts
You can enable this option in CSF firewall configuration./etc/csf/csf.conf
WHM >> Plugins >> ConfigServer Security&Firewall > csf – ConfigServer Firewall”.
Just click the “Firewall Configuration”
# Send an email alert if anyone accesses WHM via root. An IP address will be
# reported again 1 hour after the last tracked access (or if lfd is restarted)
LF_CPANEL_ALERT = “1”
Enable SSH login Alerts
Login to your server as root usercd /root
vi .bashrc
Scroll to the end of the file then add the following:
echo ‘ALERT – Root Shell Access (ServerName) on:’ `date` `who` | mail -s “Alert: Root Access from `who | cut -d'(‘ -f2 | cut -d’)’ -f1`” your@yourdomain.com
Replace YourServerName with the handle for your actual server
Replace you@yourdomain.com with your actual email address
No comments:
Post a Comment