(Updated 2018-06-12) Directadmin since version 1.39 has a built-in brute force monitor, which scan your service logs for any brute force login attempts on your system (dovecot, exim, proftpd, sshd) and sent notifications to an admin. Here you can find a short guide on how to block attackers with CSF (ConfigServer Firewall)
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.
If you sell additional IPs to your users, so they could connect remote servers from your hosting server using their dedicated IP as a source IP, you might want (or even need) to protect it from hijacking by other customer of yours. So nobody else could use it.
It was mentioned somewhere that to have session.save_path pointed into /tmp is not very secure, as a hacker with a hosting account on your server might hijack a session file from a neighbor site, if he (or she) manages to get list of files located in /tmp. To prevent this you might want to store sessions under user's home directory.
A step-by-step How-To on the subject is inside. With that you'll learn how to configure da_exim and da_dovecot to use Sieve email filters, and how to configure roundcube to manage the rules.
If you decided to use Modsecurity on your server with DirectAdmin, there is sometimes a need to disable the module for a particular domain (virtual host). And here I'm going to describe how to achieve the desired.
Plugins are a set of files/scripts that expand own directadmin's functions and abilities. How to install a directadmin plugin is described in this article.
Ability to add plugins without needing to change the skin for each update since Directadmin v.1.22
Plugins are scripts which you create, allowing you to let your Users to
do tasks, but only with the process level of their own user ID*.
Plugins are quite simple, they're basically just a list of files,
extracted to a directory, some of which are scripts to execute code you
want. Included in the files are also "hooks", data that is inserted
into the DA skins allowing you to add links to your plugin from DA