Categories
Articles

How to Secure Your cPanel Server

You never know when a vicious individual or group of people will target your server and launch malicious attacks against you. Fortunately, you can secure your cPanel server to prevent these unwanted assaults.

The cPanel platform alludes to the web-hosting control panel based on UNIX, a multi-user and multi-tasking OS or operating system, which provides a graphical user interface with tools for automation. This panel helps ease the process of website hosting. It utilizes a three-tiered layout providing functionality to website owners, administrators, and resellers. Hence, they can control various aspects of server and site administration using the customary browser.

As a background, the Web Host Manager (WHM) cPanel includes an Application Programming Interface (API) as well as a command line. Said features allow third-party software merchants, developers, and hosting firms to automate traditional system organizational procedures. The cPanel operates as Virtual Private Server (VPS) or dedicated server supporting apps like FreeBSD, CentOS Linux distribution, and Red Hat Linux.

Security as Priority

The cPanel Partner provides the highest preference for security that website owners value very much. For absolute protection, verify the previous version on your server and contact your system administrator. Log in as root and run the proper command. To determine the version your host uses, log into the WHM cPanel and you can see the version at the upper right-hand corner.

Many webmasters consider VPS as an essential tool. You will find VPS with the cPanel shared hosting more cost-effective and promises to be a win-win option for website owners. This system enables you to obtain responsive service without expensive maintenance fees. The application’s features permit users to manage the hosting space as well as domain name through the interface.

Server and cPanel Security

You need server security to safeguard your site and data it contains against cyber attacks and hacking. Secure and update servers on a regular basis to deal with malware, phishing, and hackers. Read the following preventive measures:

  • Use strong usernames and passwords together with dependable authentication procedures. These precautionary techniques can help make your accounts less vulnerable to fraud.
  • At the same time, understand the usefulness of the two-factor authentication as well as extra security layers. Passwords should have a minimum of eight characters including symbols, numbers, and punctuation marks. Use different passwords for multiple accounts.
  • Secure SSH or SSH protocol and sometimes called Secure Shell is a method that safeguards remote logins from one PC to the other. It produces options for consistent authentication and protects communications flow with powerful encryption.
  • Use SSH instead of unreliable file transfer processes like File Transfer protocol (FTP) or unprotected login systems such as remote logins.
  • Update your Operating Systems frequently (within a few hours following critical updates) as well as your control panels. Avoid disclosing confidential information to anyone unless you trust the person fully.
  • Do not install untested software or save backups and old software versions on your production system. Likewise, limit access to your directories with proper permissions.
  • For web application security, sign up for any notifications about updates on web applications. Update the apps without delay and scan each one with remote security implements.
  • Use a firewall for web apps. Check the file upload fields to make sure the code cannot be uploaded. Choose coding structures with positive security history.

Protection of your cPanel will require securing uploaded files employing File Transfer Protocol Secure (FTPS) or SSH File Transfer Protocol (SFTP). FTP without Security Sockets Layer (SSL) does not have the capacity to encode your login data or files that must be transferred.

In other words, the information or files can be captured and altered by hackers. Many web hosts and file transfer apps support highly secure techniques in transferring these files like the Secure FTPS connection.

Security will always be one of the most vital facets in hosting particularly with the emergence of Denial-of-Service cyber-attacks where perpetrators try to make the computer or network resources unavailable to users by disrupting services or host connection to the Internet momentarily or indefinitely.

Another threat comes from Brute Force cracking which refers to the trial and error procedure adopted by programs to decipher encrypted information like passwords and Data Encryption Standard keys.

Detailed Explanation of SSH Access and Apache

Wise website owners or administrators control SSH access while setting up new cPanel servers as protection against Brute Force attacks. To contain Brute Force utilizing the root account, immobilize the root login by logging in as regular user and choose either sudo or su.

Another option could be to alter the default SSH port. Shift the SSH access to an entirely different port and discourage unknown parties from identifying your server or detecting your SSH port.

Step 1: Login to WHM as root and create a new account (WHM>Account Functions>Create a New Account.

Step 2: Determine if the new user account has shell access (WHM>Account Functions>Manage Shell Access).

Step 3: Then add the new user account to the “Wheel Group” (WHM>Security Center>Manage Wheel Group Users).

Step 4: Use an SSH client, such as Putty, to connect to your server on port 22 and authenticate yourself using the newly created account.

Step 5: Issue this command in order to become root:

       # su – root

Step 6: Then edit the SSH daemon configuration file using “vi” (or any other text editor).

       # vi /etc/ssh/sshd_config

Step 7: Look for the line that says:

       #PermitRootLogin yes

Step 8: Change the value of that line to “no”.

       PermitRootLogin no

Step 9: Look for the line that says:

       Port 22

Step 10: Indicate a new unused port for the SSH daemon. Contact your hosting provider for suggestions to determine whether or not the port is blocked by their network’s firewall.

Step 11: Save the file and exit the editor.

Step 12: Restart the SSH service.

       # service sshd restart

Step 13: Terminate your SSH session by issuing the “exit” command two times.

Secure the Apache platform installation. A very effective tool to stop malicious use of Apache is called ModSecurity™.

  • Users of cPanel & WHM version 11.44 and earlier can install it on Add on Modules in the cPanel section of WHM. Find more information regarding mod security at http://www.modsecurity.org/.
  • Users of cPanel & WHM version 11.46 and later can use the following interfaces to manage ModSecurity™:
    • WHM’s ModSecurity™ Tools interface: (WHM>Home>Security Center> ModSecurity™ Tools).
    • WHM’s ModSecurity™ Configuration interface: (WHM>Home Security Center> ModSecurity™ Configuration).
  • Include suEXEC when you compile Apache to guarantee that CGI apps and scripts function as the user owning or executing them. This strategy helps pinpoint possible malicious scripts as well as imposes permission and environmental controls.

One alternative can be to compile Apache plus PHP with PHP suPHP compelling all scripts to operate as the user owning that particular script. Thus, you can discover PHP scripts that run on the server. It is possible to identify the malicious owner and address the concern right away.

To put together Apache and PHP with PHP suPHP, look for the suPHP selection located in the Apache upgrade interface at the Web Host Manager or while running /scripts/easyapache from the command language interpreter or command line user interface.

At this point, you may set up an SSH connection to your web server making use of the newly-identified port to ensure an active configuration. Or, utilize the SSH keys rather than the normal under name and password authentication to get into the server.

If you choose the SSH keys, disable the password authentication – WHM>Security Center>SSH Password Authorization Tweak.

Configuration Server Security and Firewall

Install a firewall. This is crucial for a dedicated server regardless of whether you are resellers or not. Try to consider Config Sever Security or CSF. It stands for a free firewall plug-in designed for cPanel as well as Webmin and DirectAdmin. CSF can conduct a security inspection and provide appropriate recommendations in improving server security. After installing CSF, you can gain access through WHM>Plug-ins>ConfigSeverSecurity & Firewall.

Install anti-virus software. Although viruses do not really target the Linux OS, the use of an anti-virus still yields advantages since the practice will prevent your visitors from distributing viruses unintentionally to the websites of other users. Majority of such viruses detected by this software were meant to infect Windows PCs and not the Linux servers. One effective antivirus solution is the Clam AV that integrates with cPanel and Config Sever Security.

Step 1: Log in to Web Host Manager as root.

Step 2: Go to cPanel>Manage Plug-ins from the main menu.

Step 3: Choose Install and Keep Updated in the Clam AV box.

Step 4: Click Save.

Configure Clam AV by proceeding to: WHM>Plug-ins>Configure Clam AV Scanner.

You may enable protection for PHP to prevent browsers from opening any files that do not belong to the PHP’s home directory. This is possible using Tweak Security within the WHM. At the same time, lock down the system compilers. Many users do not use C as well as C++ compilers.

Go for Compilers Tweak within the Tweak Security in WHM in turning of the use of compilers for unauthorized users. Another option could be to disable them for selected users. A lot of pre-packaged exploits call for working compilers. Disabling these compilers will help secure against numerous exploits.

Conclusion

You can always find a plethora of reliable information in the worldwide web about security for your cPanel, website information, and server. Here is the good news for cPanel users. It is less difficult to protect your data if you opt for this type of control system. By following these pointers, you minimize your susceptibility to such attacks and enhance the overall protection of your system promptly.

Even as you can reduce the threats, this may not pose a total remedy so optimization should be part of your approach complemented by due diligence and frequent updates. Try to stay on the progressive side of cPanel security so your website and business will be safe for many years.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.