Mumbai Webhosting Articles

Secure your website with cPanel

by

Kalpana
in

Securing your website using cPanel involves several key steps to protect your site from potential threats, such as hacking, malware, and other vulnerabilities. cPanel provides tools and features that make it easy to enhance the security of your website and server.

Steps to Secure Your Website with cPanel:

1. Install an SSL Certificate

  • SSL (Secure Socket Layer) encrypts data transferred between the server and the users, ensuring secure communication.
  • In cPanel:
    1. Log in to your cPanel account.
    2. Go to the Security section and click on SSL/TLS.
    3. You can generate a free AutoSSL or purchase an SSL certificate from a provider.
    4. Install the certificate to enable HTTPS.
  • Ensure that your site is always served over HTTPS by setting up a redirect from HTTP to HTTPS.

2. Use Secure Passwords and Enable Two-Factor Authentication (2FA)

  • Weak passwords are a major vulnerability. Ensure all admin accounts use strong, unique passwords.
  • To enable 2FA:
    1. In cPanel, navigate to the Security section.
    2. Click on Two-Factor Authentication.
    3. Follow the steps to enable 2FA for your cPanel account.

3. Enable and Configure Firewall

  • A firewall helps protect your server from unwanted access.
  • In cPanel, you can manage firewall settings through ConfigServer Security & Firewall (CSF) if it is installed on your server. If not, you may need to install a third-party firewall.

4. Enable ModSecurity

  • ModSecurity is a web application firewall (WAF) that helps protect your site from various attacks like SQL injection, XSS (Cross-Site Scripting), and more.
  • To enable:
    1. Go to the Security section.
    2. Click on ModSecurity and enable it for the domains you want to protect.

5. Set Up and Schedule Backups

  • Regular backups ensure that you can quickly restore your site in case of an attack or data loss.
  • In cPanel:
    1. Go to the Files section and click on Backup or Backup Wizard.
    2. Set up a backup schedule to automatically back up your site files and databases.
    3. Store your backups in a secure location, such as an external cloud service or local storage.

6. Protect Against Brute Force Attacks

  • cPHulk is a cPanel tool that helps prevent brute force attacks by blocking suspicious login attempts.
  • To enable cPHulk:
    1. Go to Security.
    2. Click on cPHulk Brute Force Protection and configure the settings.
    3. You can block IP addresses after a certain number of failed login attempts.
  • Hotlink protection prevents other websites from using your bandwidth by embedding images or other files hosted on your site.
  • To enable:
    1. In the Security section, click on Hotlink Protection.
    2. Configure the allowed domains and block hotlinking for specific file types (like images).

8. Enable Directory Privacy

  • Protect sensitive directories with a password using Directory Privacy in cPanel.
  • To enable:
    1. Go to the Files section.
    2. Click on Directory Privacy.
    3. Select the directory you want to protect and set a username and password for access.

9. Disable Unused Services and Ports

  • Disable any cPanel services or ports that are not in use to minimize vulnerabilities. This can be done through WHM (Web Host Manager) for advanced users with root access.

10. Keep Software and Plugins Updated

  • Outdated CMS (like WordPress), plugins, or themes can be vulnerable to attacks. Regularly update all software via cPanel’s Softaculous App Installer or manually to keep everything secure.

11. Scan for Malware

  • Use a malware scanner like ClamAV (available in cPanel) to regularly scan your website for malware.
  • To scan:
    1. In the Advanced section, click on Virus Scanner.
    2. Select the areas you want to scan (e.g., entire home directory) and initiate a scan.

12. Limit File Permissions

  • Restrict file permissions to minimize the risk of unauthorized access. Ensure that files are set to 644 and directories to 755.

Additional Security Best Practices:

  • Disable PHP Execution in directories like /uploads to prevent attackers from running malicious PHP scripts.
  • Use IP Blocker in cPanel to block suspicious IP addresses from accessing your website.
  • Configure Leech Protection to prevent users from publicly posting sensitive login credentials.

By following these steps, you can significantly improve the security of your website using cPanel, protecting your data, visitors, and business.