CWP Secure CentOS/Linux Kernel

CWP - Control WebPanel recently introduced CWP Secure CentOS Kernel for wide usage on CWP WebHosting Servers.

CWP secure kernel when in use provides the highest security possible on the market for the shared hosting, no other control panel has something similar integrated to compare with. It can be only compared with Cloudlinux/CageFS.

CWP custom kernel with security level similar to SeLinux.

Since this protection is MAC at the kernel level meaning all not allowed by the policy by default is denied and that provides the highest security for your system.

Not supported systems: openVZ, cloudlinux, Virtuozzo, Lxc, Docker container Requirement: Having the ability to run & install default centos kernel. Supported OS el7: CentOS 7 Supported OS el8: CentOS Stream, CWP CentOS Delayed, Rocky Linux, Alma Linux, Oracle Linux

Currently, the CWP kernel is protecting: - cwp user panel - apache webserver - varnish web cache server - nginx webserver - user cron's and all applications running as cron - user ssh access - all PHP versions available in CWP: switcher, selector, and PHP-FPM selector ...we are continuously developing additional rules to expand protection on many other services

Example issues which kernel is protecting you from: - symlink attacks (most commonly used to hack all users on the server) - execution of malware or custom scripts - access to server system files (/etc,/var, /usr, /home and all others) - access to /tmp and /var/tmp files - access to /dev/shm memory partition - custom script connecting to other servers/ports - malware cron running bad things - hacked user ssh access to be used for running hacker scripts - hacked user ssh access to be used for accessing the system files - the limited set of secure tested ssh commands are only available to users ...and many others.

Full Story