How to install Rkhunter on cPanel Server

By
3 Comments

Hi,

Security is always our concern when we have servers contain very sensitive data. There are many security enhancement tools for Linux/Unix bases systems. We go for firewalls and malware detectors sometimes. Here the Rkhunter is also a tool like that but it’s more powerful than the rest of the tools available.

The Rkhunter can help us to find rootkits, backdoors and other exploits and vulnerable scripts, programs etc running on the servers. Are familiar with AIDE? The Rkhunter has the same logic that used by AIDE, it detects file modifications, inspects file permissions, suspicious file names and kernel modules etc.

This can be uses as a auditing tool if the data are so fragile and if we are so concerned about it. I will explain how we can install this tool on a cPanel server. You can also follow the same method even if your server does not have cPanel installed on it. The steps are common.

Install Rkhunter on cPanel servers

  1. Login to the server as root user.
  2. Run the following commands on the server to install Rkhunter.

cd /usr wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz tar -zxvf rkhunter-1.4.2.tar.gz cd rkhunter-1.4.2 ./installer.sh --layout default --install

The next step is to update the Rkhunter database, it’s basically copy or save the current system info, like info about the files, permissions etc. Later a modification is done, it will compare that with this saved info.

Run the below commands to update the database for Rkhunter:
# /usr/local/bin/rkhunter --update # /usr/local/bin/rkhunter --propupd

Output:

Run rkhunter for the first time

We will go for the command mentioned below to run the tool for the first time:
# rkhunter -c

Output:

Automation: add a cronjob to execute Rkhunter

To set cron job and audit the server on daily basis, please do the steps below:
nano -w /etc/cron.daily/rkhunter.sh
Paste this text inside:
#!/bin/sh ( /usr/local/bin/rkhunter --versioncheck /usr/local/bin/rkhunter --update /usr/local/bin/rkhunter --cronjob --report-warnings-only ) | /bin/mail -s 'rkhunter Daily Run ($hostname) your_address@mail.com

Set file permissions:
# chmod 700 /etc/cron.daily/rkhunter.sh

That’s all guys, please note that the Rkhunter will not always give the perfect info or output, you can also go for AIDE, OSSEC etc to explore more! Thanks ! 🙂

3 thoughts on “How to install Rkhunter on cPanel Server

  1. Hyo

    Hi there! Do you know if they make any plugins to assist with Search Engine Optimization? I’m trying to get my website to rank for some targeted keywords but I’m not seeing very good gains.
    If you know of any please share. Appreciate it! You can read similar text here: Eco wool

  2. Blake

    Hi there! Do you know if they make any plugins to help with Search Engine Optimization? I’m trying to get my website
    to rank for some targeted keywords but I’m not seeing very good success.
    If you know of any please share. Appreciate it! I saw similar article here:
    Bij nl

  3. gsa ser list

    Your style is unique in comparison to other folks I have
    read stuff from. I appreciate you for posting when you’ve got the opportunity, Guess
    I will just book mark this page.!

Leave a Reply

Your email address will not be published.