Secure websites on Interworx Control Panel
What is Interworx Control Panel?
InterWorx is web hosting control panel software for web hosting. The application is divided into two interfaces: NodeWorx, which can be utilized by a server administrator to manage a server, and SiteWorx can be utilized by a website owner to manage a particular website. The NodeWorx interface also contains functionality for web hosting resellers to manage multiple SiteWorx accounts without allowing the ability to manage server daemons and configurations.
How to secure your InterWorx server using cPGuard
As a web security suite, cPGuard can protect your InterWorx server using its modules that operate in various layers. The installation and configuration are simple and driven through cPGuard Standalone configuration options.
To install cPGuard on your InterWorx server, use the following command
cd /usr/local/src && rm -f cpguard_install.sh && curl -o cpguard_install.sh -L https://downloads.opsshield.com/cpguard/cpguard_install.sh && bash cpguard_install.sh LICENCE-KEY
- LICENCE-KEY – This is the license key that you have purchased and wish to apply to your server. This is mandatory to complete installation and bind your server to the App Portal
After running the above command, the installer script will run and install dependency packages for your Operating System. Once the dependency packages are installed successfully, you need to proceed with the Standalone configuration for the InterWorx server.
The Standalone configuration has 2 main sections..the Web Server Configuration and WAF Configuration. You need to configure this based on the web server/ WAF server you have on your server. You will get automated recommendations for your Web Server Configuration, Domain List, User List, and Suspend Script. For WAF configuration you need to insert the value based on the Web Server installed. Given below is the sample installation steps for Apache Web Server.
1. Web Server Configuration with Apache
You can choose the default recommended values for each configuration parameter as shown in the image
2. WAF Configuration for Apache
Please note that cPGuard WAF is built on top of the ModSecurity module. But Interworx by default does not support or enable the ModSecurity module in Apache and they officially do not use it. So we install the ModSecurity Apache module during the cPGuard setup to enable the WAF module. Please refer following for the WAF configuration values
waf_server = apache waf_server_conf = /etc/httpd/modsecurity.d/cpguard.conf waf_server_restart = /usr/sbin/service httpd restart waf_audit_log = /var/log/httpd/modsec_audit.log
3. User list and user suspend script
For user list and suspend hook, you may choose the default recommended values and they will work fine as ecxpected.
Once the installation is completed successfully, you will be able to manage your server from the cPGuard App Portal