Advanced VPS Monitoring: Recommendations Beyond cPFence?

wcors

cPFence Adding suspected users to the Owl blacklist is always recommended to allow automated blocking actions on long sql queries and processes.

That is useful.

wcors

cPFence Adding suspected users to the Owl blacklist is always recommended

The exact CLI command?

cPFence

wcors

No commands for this, Please check the knowledge base for more information.

Zoinkies

cPFence The only thing putting me off cpfence is the lack of UI. If there was a UI I would migrate immediately.

wcors

cPFence I checked the link, and it is helpful.
In future updates, I would prefer if @cPFence could implement an automation feature that would automatically blacklist users. This change would be very beneficial for many users.

ivansalloum

Zoinkies The only reason makes me choose cPFence is the lack of UI.

cPFence

Zoinkies

I understand the need for a UI for some users. Our CLI is user-friendly, designed to offer advanced control while keeping things simple. Give it a try, and I’m sure you’ll love it.

A UI will be available locally (optional) within your Enhance control panel as soon as the Enhance team completes the required framework. However, we don’t have plans to provide a centralized control panel for all servers remotely, as GDPR compliance is a priority for many of our key clients.

twest

Zoinkies what happened to your thread about the security vuln? I don't see it anymore, did you or enhance delete it? Wondering what the conclusion to that was.

adil

twest

false positive, just some of his customers running some commands, which have sent some alerts from his security plugin, so it wasn't really a vuln. this what I just remembered 😃

cPFence

twest what happened to your thread about the security vuln? I don't see it anymore, did you or enhance delete it? Wondering what the conclusion to that was.

It was a false positive from cPGuard, and no rootkit was installed. Zoinkies asked Adam to delete the thread. The issue is that many people won't see the update on what happened and might assume it's a vulnerability in Enhance!. I wish the thread hadn't been deleted.

bluelinq-computers

wcors Lynis Enterprise + Ansible https://cisofy.com/lynis/

twest

Thanks for the update guys!

Yeah deletion doesn't sound like the right move, it gave me some instant anxiety not seeing it there anymore lol

Zoinkies

twest Hey, sorry. Yea I asked Adam to delete it. Hindsight, maybe better to keep it around. But yes, was a false positive in the Rootkit detection. Basically one of our customers was using SSH and WP CLI, which appeared to the detection as a rootkit, which it wasn’t. Because WP CLI runs differently, it was detected.

No worries to have, has been confirmed by a few people as a false positive, and has been whitelisted on the rootkit database now.

wcors

@cPFence Overall, it has performed exceptionally well. (Both) The CPU usage on our three servers has been reduced from an average load of 2.60 to just 0.9, and there have been no reported issues from users regularly using the applications. The teams from both Enhance and CPFence have been incredibly helpful. As I am new to the Linux OS, I often ask unconventional questions, but the team consistently provides positive feedback and assistance, helping me understand how to further improve the system. I have also moved 15 more domains from ISPConfig3 to Enhance.

cPFence

wcors Overall, it has performed exceptionally well. (Both) The CPU usage on our three servers has been reduced from an average load of 2.60 to just 0.9, and there have been no reported issues from users regularly using the applications. The teams from both Enhance and CPFence have been incredibly helpful. As I am new to the Linux OS, I often ask unconventional questions, but the team consistently provides positive feedback and assistance, helping me understand how to further improve the system. I have also moved 15 more domains from ISPConfig3 to Enhance.

Thank you for your feedback. I’m glad to hear that cPFence has been useful for your business. Regarding the automatic Owl blacklist feature, we did have this feature before, but we had to temporarily disable it due to issues experienced by some clients. For now, you’ll need to manually blacklist problematic users, but once they’re added, it’s a set-it-and-forget-it process.