SpyreStudios

Web Design and Development Magazine


Tips to Improve Your cPanel Security

January 9, 2019 by Spyre Studios

cPanel is a popular control panel for web hosting. It is part of almost every web hosting service. After all, it is easy to use from an end-user perspective. It is also secure, but not as secure as you might want it to be.

In this article, we will be sharing tips on how to improve your cPanel security. After implementing these tips, you will be sure that your website and cPanel are secure, and you can sleep without any worries. So, without any delay, let’s get started.

1. Use the latest version of cPanel

cPanel is always working towards releasing a more robust and secure version of its product. The aim is to improve the product with new features and also fix any vulnerabilities that were exposed in the previous build.

As a user, you should always use their latest version to ensure that you get protection from the latest vulnerabilities. You can easily update your cPanel version by going to WHM > cPanel > Upgrade.

If you are comfortable with the command line, you can also start the update by running the following command as root.

/scripts/upcp --force

You can always ask your web hosting customer support to update your cPanel in case you are not sure what to do. Automatic updates should be turned on so that you don’t have to follow this step every time an update comes out. You can do it by going to WHM > Server Configuration > Update Preferences.

2. Put a secure password

The user is the weakest point in any security system. Yes, you read it right. A user can easily set a weak password. To secure your cPanel, you have to choose a strong password that you can remember or store somewhere safe. If you don’t, you are leaving your cPanel insecure against bots or hackers who will eventually gain access to your cPanel and infect your hosted websites. This can lead to tons of issues including spending money to fix it.

A secure password should have the following features.

  1. Minimum 8 characters long.
  2. Should contain a mix of letters, numbers and punctuation symbols.
  3. Dictionary words or popular dates should be avoided.

If you are not sure whether your password is strong or not, you can use password generator tools to generate a strong password. You can also tweak server configuration and enable SSL so that your password doesn’t leak when you try to access your website or cPanel. This tip is also applicable to you if you are setting up a blog.

3. Secure SSH

SSH or Secure Shell is a way to remotely access the server that runs cPanel. If you are somewhat techy, you would surely love to use SSH, as the command line provides more flexibility when it comes to updating, fixing or implementing complex projects.

That’s why you should secure SSH so that hackers or third-party malicious actors cannot access it. You need to follow the steps below.

  • Ensure that your SSH packages are fully updated.
  • Set up a wheel user and disable the root user.
  • Set up a password-less login.

Now, let’s see how you can do the above steps. We will go through the 2nd and 3rd step as you should be able to figure out how to update your SSH packages.

To create a new wheel user, you need to use the following command.

adduser <wheel_user_name>

Once you type the above command and hit enter, you will be asked for a new password. You can also make an existing user a wheel user by going to WHM > Security Center. From there choose “Manage Wheel Group Users” and click on “Add to Group.”

Once done, disable root login by editing the SSH config file. Set “PermitRootLogin” to “no.” Restarting your SSH service will ensure that the root account can no longer log in. This is done to protect your SSH from exploitation. The root account is the most obvious target and should not be used by you either. Use the new wheel user instead.

The last step is to disable password logins completely and enable key-based authentication. This can be done by setting the “PasswordAuthentication” value in the SSH config file to “no.”

You can open the SSH config file with: vi /etc/ssh/sshd_config
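The following check is an added example, not part of the original article. It reads an sshd_config and reports the value sshd would actually use for the two directives above; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the two sshd_config directives discussed above.
# sshd keeps the FIRST value it reads for a keyword, keywords are
# case-insensitive, and anything after a Match line is conditional,
# so only the global section before the first Match is considered.

# effective_value FILE KEYWORD -> first global value, lowercased ("" if unset)
effective_value() {
    awk -v key="$2" '
        { sub(/#.*/, ""); gsub(/"/, "") }       # drop comments and quotes
        tolower($1) == "match" { exit }         # stop at the first Match block
        tolower($1) == tolower(key) { print tolower($2); exit }
    ' "$1"
}

# audit_sshd FILE -> one line per directive; returns 0 only if both are "no"
audit_sshd() {
    rc=0
    for key in PermitRootLogin PasswordAuthentication; do
        val=$(effective_value "$1" "$key")
        if [ "$val" = "no" ]; then
            echo "OK   $key no"
        else
            echo "FAIL $key ${val:-unset, built-in default applies}"
            rc=1
        fi
    done
    return $rc
}

# write_sample FILE -> constructed config, not taken from a real server
write_sample() {
    cat > "$1" <<'EOF'
Port 22
PermitRootLogin yes
#PasswordAuthentication no
passwordauthentication no
PermitRootLogin no
Match User backup
    PasswordAuthentication yes
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_sshd "$sample" || echo "sshd_config still needs changes"
rm -f "$sample"
```

The sample fails on PermitRootLogin even though a "PermitRootLogin no" line is present, because the earlier "yes" wins. On a live server, `sshd -T` prints the configuration sshd has resolved.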


4. Enable Brute-Force Protection

Brute force is one of the methods employed by malicious actors to gain access to your cPanel. It works by hitting your server with username/password combinations until a match is found. You can enable brute-force protection through your cPanel. To do so, you need to go to cPHulk Brute Force Protection. From there, go to the Security Center and click on “Enable.”

Once it is enabled, anyone who attempts a brute-force attack will have their IP blocked after too many unsuccessful login attempts. You can also block a particular IP or a range of IPs if you want to.
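The bookkeeping behind this kind of protection, counting failed logins per source IP and flagging those over a limit, can be shown on a log file. This is an added example, not cPHulk's own code; it assumes OpenSSH-style "Failed password" log lines, and the threshold argument and sample lines are constructed.

```shell
#!/bin/sh
# Added example: count failed logins per source IP from sshd log lines.
# The user name in such a line is chosen by the client, so the IP is read
# by position from the END of the line ("from IP port N ssh2"), not from
# the first "from" that appears.

# offenders LOGFILE MIN -> sorted "ip count" lines for IPs with >= MIN failures
offenders() {
    awk -v min="$2" '
        /sshd\[[0-9]+\]: Failed password for / &&
        $(NF - 2) == "port" && $(NF - 4) == "from" { n[$(NF - 3)]++ }
        END { for (ip in n) if (n[ip] >= min) print ip, n[ip] }
    ' "$1" | sort
}

# write_sample_log FILE -> constructed log lines using documentation IP ranges
write_sample_log() {
    cat > "$1" <<'EOF'
Jan  9 10:00:01 host sshd[2101]: Failed password for root from 203.0.113.5 port 40001 ssh2
Jan  9 10:00:03 host sshd[2102]: Failed password for invalid user admin from 203.0.113.5 port 40002 ssh2
Jan  9 10:00:05 host sshd[2103]: Failed password for invalid user x from 198.51.100.9 from 203.0.113.5 port 40003 ssh2
Jan  9 10:00:09 host sshd[2104]: Failed password for deploy from 192.0.2.44 port 51000 ssh2
Jan  9 10:00:12 host sshd[2105]: Accepted publickey for deploy from 192.0.2.44 port 51001 ssh2
EOF
}

log=$(mktemp)
write_sample_log "$log"
echo "IPs with 3 or more failed logins:"
offenders "$log" 3
rm -f "$log"
```

The third sample line carries a user name that itself contains "from 198.51.100.9"; reading the address from the end of the line attributes the failure to 203.0.113.5, the host that actually connected.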

5. Secure PHP and Apache

Two more components that you need to secure are PHP and Apache. You can start securing Apache by installing ModSecurity, a module that applies a set of filtering rules to incoming requests. It can protect your Apache server from attacks such as code injection.

You might also want to disable some PHP features so that it remains secure. For example, you need to turn off register_globals so that server-side variables cannot be set from outside. You may also want to disable functions such as proc_open, passthru, shell_exec, system, show_source and popen, and turn off the allow_url_fopen setting.

Also, don’t forget to restart Apache to make sure the changes take effect properly. Most VPS hosting reviews will mention whether a host allows you to change these parameters or not. If it does, you are ready to go!
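To confirm that a php.ini really carries the settings listed above, the file can be checked mechanically. This is an added example, not part of the original article; the function names and the sample php.ini are constructed, and if a key is repeated the last line is the one reported.

```shell
#!/bin/sh
# Added example: check a php.ini against the hardening list above.
PAGE_FUNCS="proc_open passthru shell_exec system show_source popen"

# ini_value FILE KEY -> value of the last uncommented "KEY = value" line
ini_value() {
    awk -F= -v key="$2" '
        /^[ \t]*;/ { next }                          # skip comment lines
        { k = $1; gsub(/[ \t]/, "", k) }
        k == key && index($0, "=") {
            v = substr($0, index($0, "=") + 1)
            sub(/[ \t]*;.*/, "", v)                  # strip trailing comment
            gsub(/^[ \t"]+|[ \t"]+$/, "", v)         # trim blanks and quotes
            found = v
        }
        END { print found }
    ' "$1"
}

# missing_disabled FILE -> listed functions absent from disable_functions
missing_disabled() {
    list=",$(ini_value "$1" disable_functions | tr -d ' '),"
    out=""
    for f in $PAGE_FUNCS; do
        case "$list" in
            *",$f,"*) ;;                 # exact, comma-delimited match only
            *) out="$out $f" ;;
        esac
    done
    echo "${out# }"
}

# is_off VALUE -> true for the spellings PHP reads as boolean false
is_off() {
    case "$(echo "$1" | tr 'A-Z' 'a-z')" in
        off|0|false|no|none) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_php FILE -> prints findings; returns 0 only if nothing is reported
audit_php() {
    rc=0
    miss=$(missing_disabled "$1")
    [ -z "$miss" ] || { echo "FAIL disable_functions lacks: $miss"; rc=1; }
    is_off "$(ini_value "$1" allow_url_fopen)" || { echo "FAIL allow_url_fopen is not Off"; rc=1; }
    return $rc
}

# write_sample_ini FILE -> constructed php.ini, not from a real server
write_sample_ini() {
    printf '%s\n' '; constructed sample' ';allow_url_fopen = Off' \
        'disable_functions = passthru, shell_exec,system ,popen' \
        'allow_url_fopen = On' > "$1"
}
ini=$(mktemp); write_sample_ini "$ini"; audit_php "$ini" || true; rm -f "$ini"
```

`php --ini` shows which php.ini file a given PHP binary loads, which matters when several PHP versions are installed side by side.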

6. Enable Firewall

A firewall can act as an additional layer of protection. The firewall is pre-configured to protect you against most threats. You can install the CSF package for your cPanel. It is one of the most popular firewalls for cPanel. You can install it by typing the following commands one by one.

wget https://download.configserver.com/csf.tgz

tar zxvf csf.tgz

cd csf

./install.cpanel.sh

/etc/init.d/csf start

perl /usr/local/csf/bin/csftest.pl

vi /etc/csf/csf.conf

/etc/init.d/csf restart

Once the server restarts, you are all set to go.

Conclusion

Protecting your cPanel is as important as protecting your home. You should not leave it at default settings. So, which tips are you going to follow? Comment below and let us know. We are listening.

Author Bio: Elise Myers is an experienced web developer at WPCodingDev and a passionate blogger. She can help you in case you are looking for expert WordPress Developers to customize your website.

Filed Under: Development Tagged With: cpanel, security
