Latest Article

Casbay News

Promotions

Casbay Events

Tips Sharing

aaa

Stay tuned with us

Linux VPS Server security

Top 5 Recommended Plesk Security extension for your Linux VPS Server

Plesk is a web hosting control panel used to control the user’s VPS (Virtual Private Server). Plesk is one of the most known control panels for VPS along with cPanel and is also used by Casbay’s Linux VPS Hosting.

Plesk is known for its security and provides a number of security extensions for users to pick. The following will be a list of security extensions recommended to users.

1. Imunify360

Imunify360 is a complete multi-layered web server security platform created by CloudLinux to safeguard Linux web servers from most kinds of attacks including brute-force attacks, denial of service (DoS), vulnerability exploitation, port scanning, and others. The following are the features that were provided by the multi-layered web server security platform.

  • Advanced web application firewall (WAF) with machine learning rulesets.
  • Intrusion Detection System and Prevention System (IDS/IPS).
  • Auto-scan and removal of viruses and malware.
  • Malicious PHP script detection and blocking.
  • Rebootless kernel patch updating.
  • Web host panel integration.

The WAF by Imunify also relies on ModSecurity and will be automatically installed on certain versions of Imunify360. Users will need to manually disable ModSecurity vendors depending on the web-based panel. Aside from that, Imunify360 is user-friendly and is able to keep the server safe without much effort. This extension is supported on Plesk version 17.0 and above and can be installed in the following systems:

  • CentOS 6/7/8
  • CloudLinux OS 6/7/8
  • Ubuntu 16/18/20
  • RHEL 6/7/8
  • AlmaLinux 8

For more information, check out Introduction | Documentation (imunify360.com).

2. BitNinja

BitNinja is a general-purpose security-as-a-service server defense tool by BitNinja Kft that specializes in server security and gives real-time protection against a wide range of threats without much configuration needed. Similar to Imunify 360, it can safeguard against a wide range of attacks. The feature provided by this is extensions are as followed:

  • Advanced firewall/WAF, mod security, and self-written rules.
  • Intrusion Detection System and Prevention System (IDS/IPS).
  • Automated real-time virus and malware scanning and removal.
  • Malicious PHP script detection and blocking.
  • Identification and automatic mitigation of malicious attack sources.
  • Unified security console for hosting companies.
  • Optional security console for website owners.

BitNinja utilizes the same WAF model as Cloudflare and Incapsula and uses the WAF engine by ModSecurity. A disadvantage of BitNinja is that they couldn’t update and finetune their WAF ruleset constantly. This extension is supported on Plesk version 17.0 and above and can be installed in the following systems:

  • CentOS 7 and above
  • CloudLinux OS 7 and above
  • Ubuntu 15 and above
  • Debian 8 and above

For more information, check out BitNinja Documentation — BitNinja 2.28.15 documentation.

3. ModSecurity

ModSecurity is a well-known web application firewall (WAF) created by Atomicorp. This extension works by checking incoming HTTP requests, and it will either block or allow the HTTP request to the website depending on the ruleset applied. ModSecurity extensions on Plesk offer free and paid versions where it is already integrated into Plesk by default and users can pay for extensive rulesets. This could provide more customizable rulesets requested but it would also require the user to have more knowledge regarding it. Both Plesk Linux and Plesk Windows support the ModSecurity extension.

For more information, check out ModSecurity Rules & WAF Solutions – Atomicorp.

4. Warden Anti-spam and Virus Protection

Warden Anti-spam and Virus Protection is one of the most reliable antivirus and anti-spam tools developed by Danami. The reason why to use this application is to prevent phishing, where hackers find ways to persuade people to click into unsafe links which are mainly done through emails or chats. This extension is powered by multiple third-party software such as Amavis, SpamAssassin, and ClamAV packages from EPEL or Debian/Ubuntu Repositories to provide the following features.

  • Inbound and outbound scanning
  • Database logging
  • Custom rule builder
  • Spam and virus quarantine
  • Real-time spam learning
  • Rich reporting
  • Multi-access role

These extensions support Plesk Obsidian 18.x and Plesk Onyx 17.8.11. The supported operating system is as follows:

  • AlmaLinux 8
  • CentOS 7/8
  • CloudLinux 7/8
  • Debian 9/10
  • RedHatEnterprise 7/8
  • Ubuntu 18.04/20.04

The supported VPS for this extension are Virtuozzo, OpenVZ, KVM, Xen, Vmware, and HyperV.

For more information, check out Basics | Warden Anti-spam and Virus Protection Documentation (danami.com).

5. SSH Keys Manager

SSH Keys Manager is an extension developed by Plesk to manage SSH keys from the Plesk user interface. This extension allows users to manage their SSH keys. To enable SSH access:

  1. Open a subscription
  2. Enter WebHosting Access -> Access to the server over SSH
  3. Select /bin/sh and click OK.

The reason for using this extension is because Linux users will connect to servers using SSH (Secure Shell) keys, where they are the access certificates used in the SSH protocol. It’s widely known and used for its secure connection, encrypted file transfer, and strong authorization. Overall, it is much more convenient and more secure at the same time compared to traditional passwords.

These are the security extensions that are recommended to use in Plesk. Please do note that the index of the extension in this article does not justify the ranking of the extensions.