You should take care of the following settings once you have successfully installed cPguard
1. Go to cPGuard >> Settings >> General :- Please make sure that the cPGuard service is running fine; else start the service [ it will take a while to complete establishing the watch; the time will be depending on how big your file system is ]. Turn ON/OFF Scanner, Brute-force protection, Auto clean infected files, RBL checking and WAF. Also you can Turn ON/OFF the WAF rules; recommended to turn it ON [ You should disable all other ModSec rules set like OWASP, Comodo, etc before enabling cPGuard WAF ] . Also choose log rotation period.
2. Go to cPGuard >> Settings >> Scanner :- Choose your action preferences for Virus files [ files detected based on the virus definitions ] and Suspicious files [ file detected based on intelligent processing ]. Default options set are "Email Only" for Virus Files [ Available options are Quarantine, Disable file, Email Only ] and "Email Only" for Suspicious Files [ Available options are Quarantine, Disable file and Email Only. Recommended setting is Email Only and we discourage to set it to quarantine ]. Here you have the options to blacklist/whitelist files, whitelist user, etc.
3. Go to cPGuard >> Settings >> Security Tools :- Choose your firewall option. We recommend to choose CSF if it is already installed and operational on your server. Additionally you have the option to blacklist/whitelist an IP address, whitelist domain , etc
4. Go to cPGuard >> Settings >> Notifications :- Please make sure to mention your preferred email addresses into the respective areas to which you would like to receive alerts from cPguard. Additionally please choose your alert preferences for Scanner, Brute-force and RBL notifications.
5. Go to cPGuard >> Settings >> RBL :- Please enable/disable IP monitoring for desired IP addresses. It is enabled by default, but we recommend you to enable same for IP addresses which are using for emails. Additionally you may opt-out from certain RBLs against which we are checking for the blacklists. Tweaking this will help to reduce the time and resource need for RBL checks. It is also recommended to enable sRBL which can help you to stop large scale of incoming Spam emails to your server.
6. Go to cPGuard >> Security Tools >> CSF Configuration :- Tweak some of your CSF configurations here. One of the settings we encourage to enable "LF_SCRIPT_ACTION " which will scan your email scripts.
6. Go to cPGuard >> Settings >> About: - Apply your license here
The default values set are based on the general requirements; so we recommend you to tweak them based on your need.
At any point, if you need assistance/clarification regarding any of the settings, please do not hesitate to contact our team and we will be more than happy to assist you!