Security

Essential cPanel Settings

Essential cPanel_Settings
Most web hosts provide access to the server and the website hosted on it through a cPanel. The cPanel offers a simple, flexible way to manage and customize the back end of a website. How you customize your cPanel can affect everything from security to the functionality of your website. Here we take a look at some of the best practices in setting a up a cPanel for the first time.

RECOMMENDED
Web Security: SSL and Beyond

The Future of Web Development:Browser Dominance,Web Components and More

Set a Strong Password

Your login credentials, which you set in the cPanel, will be used for everything from accessing databases to uploading websites through FTP accounts. A weak password leaves your website wide open to hackers. What’s worse, once the hacker gains control of your account, he or she can change your password and prevent you from accessing your own website.

Secure Apache

The easiest way for a hacker to gain access to your website is through your web server application. Apache is the most common web server application used and thus one the one most often targeted by hackers. One of the best things you can do to secure Apache is set mod_security. You install mod_security through the Addon Modules in the cPanel. While you are securing Apache, be sure to go to PHP open_basedir Tweak in the Security Center and set Enable php open-basedir Protection.

Update Email to the Maildir Format

Maildir provides both extra security and extra speed for the email that your web server provides. In some cases, your web host will already have installed maildir. If it has not, look for the scripts section in your cPanel and run the /scripts/convert2maildir script.

Lock Compilers

Compilers are used most often to convert C/C++ code into bits that are readable by the server’s processors. If you aren’t using C/C++, then you can go to Tweak SecurityCompilers Tweak and turn off those compilers, which will protect you from certain hacks.

Delete/Disable Unused Software

Almost any software can be exploited to gain access to your server. If you aren’t using a particular application, you should delete it or disable it to reduce the number of ways that someone can gain entry to your server. You can start by going to Service ManagerService Configuration and disabling all of the services that you are not using.

Enable Automatic Updates

Keeping your cPanel up to date ensures that you have the latest security patches and bug fixes. You can update your system manually, but it is easiest to just enable automatic updates. Go to Server ConfigurationUpdate Config and be sure that automatic updates are set for the Kernel, cPanel, User Applications, and System Software.

Enable the Firewall

A firewall is just one more line of defense against hackers, so it is wise to enable it if you  don’t have a specific reason to avoid a firewall. While you are at it, take the time to install an anti-virus program for your cPanel as well as an anti-rootkit program.

Enable Brute Force Protection

Brute force protection essentially disables cPanel access from any IP that attempts to login with the wrong credentials too many times. You usually find this option under Security CenterCPHulk Brute Force Protection. Simply click on “Enable” to prevent brute force attacks against your website.

Going Above and Beyond

While the measures above may appear excessive, they actually represent just the beginning of best security practices for the web. More advanced options require a bit of command line interaction, but are well worth the effort to learn if you are into serious web development. For the beginner, the tips above will go a long way to helping you secure your website. Last, but certainly not least, always back up your site and do it often. Most cPanels make it easy to back up your site, often giving you the option to set it to occur automatically. Back your site up often and any time you make a change so that you can fix problems and restore your website to full functionality without any loss of data.

Leave a Reply

Your email address will not be published. Required fields are marked *