You should take care of the following settings once you have successfully installed cPguard
1. Activate cPGuard by submitting your License Key . Please note that one License key should be applicable for one server. If you want to use a License Key which is activated for another server already, you should re-issue the key before submitting it for your new server.
2. Once the License is activated succesfully, go to cPGuard >> Settings >> Scanner :- Here make sure that "Virus Scanner" is turnd ON. The service will start automatically within 60 secods of license activation. Then choose your action preferences for Virus files [ files detected based on the virus definitions ] and Suspicious files [ file detected based on intelligent processing ]. Default options set are "Email Only" for Virus Files [ Available options are Quarantine, Disable file, Email Only ] and "Email Only" for Suspicious Files [ Available options are Quarantine, Disable file and Email Only. Recommended setting is Email Only and we discourage to set it to quarantine ]. Here you have the options to blacklist/whitelist files, whitelist user, etc.
3. Go to cPGuard >> Settings >> Security Tools :- Here make sure that "Bruteforce Protection" is turned ON. Also it is recommended to enable "CSF Integration" which will block abusive IPs in CSF. Turn on “IPDB Firewall” and whitelist the country if you have the traffic coming from any specific country
4. Go to cPGuard >> Settings >> WAF :- Turn ON "WAF Integration". This is importnant and it is recommended to Turn it ON always and it can increase the Web Security level for your Web Apps. Also you can turn on Extra Rules based on your preference.For best results, you should enable all recommended rule sets from the list.
5. Go to cPGuard >> Settings >> Exim RBL and IP Reputation :- Please enable/disable IP monitoring for desired IP addresses. It is enabled by default, but we recommend you to enable same for IP addresses which are using for emails. Additionally you may opt-out from certain RBLs against which we are checking for the blacklists. Tweaking this will help to reduce the time and resource need for RBL checks. It is also recommended to enable sRBL which can help you to stop large scale of incoming Spam emails to your server.
6. Go tocPGuard >> Settings >> Automatic Suspension :- You can choose your autoamtic account suspension preference here. You can enter the preferred value and enable account suspension on virus files detection and domain blacklist or turn off the features completely.
7. Go to cPGuard >> Settings >> Notifications: - Here you can manage the email addresses to receve the alerts or reports from cPGuard and the enable/disable the notification types that you would like to receieve.
8. Go to cPGuard >> Settings >> Additional Settings :- We recommened to enable "RootKit Scanner " which will run daily scan on the server using RkHunter and ChkRootkit. Enabling error reporting will help us to gather the comming error and fix them pro-actively. Also choose the preferred period to rotate logs and the language preference for the plugin.
The default values set are based on the general requirements; so we recommend you to tweak them based on your need.
At any point, if you need assistance/clarification regarding any of the settings, please do not hesitate to contact our team and we will be more than happy to assist you!