How to secure your cPanel server

1 year ago
Admin
4 minutes

Securing your cPanel server is crucial to protect against potential threats and ensure the safety of your data and services. Here are detailed steps to enhance the security of your cPanel server:

1. Secure SSH Access

  • Change the Default SSH Port: Edit the SSH configuration file (/etc/ssh/sshd_config) and change the default port (22) to a less common port.
    Port 2200
  • Disable Root Login: Prevent direct root login by setting PermitRootLogin to no in the SSH configuration file.
    PermitRootLogin no
  • Use SSH Keys: Set up SSH keys for authentication instead of passwords. Generate a key pair using ssh-keygen and add the public key to the ~/.ssh/authorized_keys file on the server.

2. Firewall Configuration

3. Use cPHulk Brute Force Protection

  • Enable cPHulk: Access WHM and navigate to Home > Security Center > cPHulk Brute Force Protection. Enable cPHulk to protect against brute force attacks.
  • Configure cPHulk: Set the sensitivity and actions to be taken when a brute force attack is detected.

4. Install and Configure ModSecurity

  • Install ModSecurity: Go to Home > Security Center > ModSecurity™ Vendors in WHM and install the Comodo or OWASP rule sets.
  • Configure Rules: Enable and configure the rules to filter out malicious requests and enhance the security of your web applications.

5. Enable Two-Factor Authentication (2FA)

  • Set Up 2FA: Navigate to Home > Security Center > Two-Factor Authentication in WHM and enable it for both WHM and cPanel accounts.
  • Configure User Accounts: Ensure that users configure 2FA using an authenticator app for added security.

6. Regular Updates

  • Update cPanel & WHM: Regularly update cPanel & WHM to the latest version to ensure all security patches are applied. This can be done from Home > cPanel > Upgrade to Latest Version.
  • Update System Packages: Use the package manager to keep all system software up to date.
    sudo yum update

7. Enable cPanel Security Advisor

  • Run Security Advisor: Use the Security Advisor in WHM (Home > Security Center > Security Advisor) to scan your server for potential security issues and follow the recommendations.

8. Harden PHP

  • Edit PHP Configuration: In Home > Software > MultiPHP INI Editor, modify the disable_functions directive to disable dangerous PHP functions such as exec, shell_exec, system, and passthru.
  • Restrict Open Basedir: Use the open_basedir directive to restrict PHP scripts to specific directories.

9. Secure MySQL/MariaDB

  • Set a Strong Password: Ensure the root user for MySQL/MariaDB has a strong password.
  • Remove Anonymous Users: Remove any anonymous user accounts.
  • Disable Remote Root Login: Prevent remote login for the root user by setting bind-address = 127.0.0.1 in the MySQL configuration file.

10. Backup Regularly

  • Configure Backups: Set up regular automated backups using the cPanel Backup Wizard. Store backups in a secure offsite location.
  • Verify Backups: Periodically check that backups are being created and can be restored successfully.

11. Monitor and Audit Logs

  • Log Monitoring: Regularly check logs for any unusual activity. Important logs include /var/log/messages, /var/log/secure, and cPanel/WHM logs in /usr/local/cpanel/logs/.
  • Automate Monitoring: Use tools like Logwatch or Logrotate to automate log monitoring and management.

12. Additional Security Measures

  • Disable Unused Services: Turn off any services that are not needed to reduce the attack surface.
  • Use Strong Password Policies: Enforce strong passwords for all user accounts.
  • Implement IP Whitelisting: Restrict access to WHM, cPanel, and SSH to specific IP addresses using the firewall.

By following these steps, you can significantly enhance the security of your cPanel server and protect it against various threats. Always stay informed about the latest security practices and updates from cPanel and other relevant sources.

Was this article helpful?
YesNo