
13 Best Security Tips for cPanel Server
From E2E Networks Ltd

1. Secure SSH

SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network.

Ø Move SSH access to different port
    Ø Other than port 22 and less than 1024
Ø Always use SSHv2 only
Ø Disable Passwords
Ø Disable Root login
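
The four SSH tips above can be checked mechanically. The script below is an added example, not part of the original slides; the function names and the two sample configurations are constructed for illustration.

```shell
# Added example: audit sshd_config text on stdin against the four SSH tips.
# First uncommented value of a keyword (sshd honours the first occurrence
# and matches keywords case-insensitively).
sshd_value() {
    printf '%s\n' "$1" | awk -v key="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(key) { print tolower($2); exit }'
}

# check <label> <actual> <wanted>: print PASS or FAIL and count failures.
check() {
    if [ "$2" = "$3" ]; then echo "PASS $1: $2"
    else echo "FAIL $1: ${2:-unset} (want $3)"; fails=$((fails + 1)); fi
}

audit_sshd() {
    cfg=$(cat); fails=0; ok=no
    port=$(sshd_value "$cfg" Port); port=${port:-22}   # sshd defaults to 22
    case $port in
        *[!0-9]*) ;;                                   # not a number: fail
        *) if [ "$port" -ne 22 ] && [ "$port" -lt 1024 ]; then ok=yes; fi ;;
    esac
    check "Port $port is not 22 and is below 1024" "$ok" yes
    # Protocol is a legacy keyword; an unset value is treated as 2.
    proto=$(sshd_value "$cfg" Protocol)
    check "Protocol" "${proto:-2}" 2
    check "PasswordAuthentication" "$(sshd_value "$cfg" PasswordAuthentication)" no
    check "PermitRootLogin" "$(sshd_value "$cfg" PermitRootLogin)" no
    [ "$fails" -eq 0 ]                                 # status 0 = all passed
}

# Constructed sample configs (not taken from a real server).
weak_cfg() { cat <<'EOF'
Port 22
Protocol 2,1
PasswordAuthentication yes
PermitRootLogin yes
EOF
}
hard_cfg() { cat <<'EOF'
Port 922
Protocol 2
PasswordAuthentication no
PermitRootLogin no
EOF
}

weak_cfg | audit_sshd || echo "weak sample: needs hardening"
hard_cfg | audit_sshd && echo "hardened sample: all four tips applied"
```

On a live server, `sshd -T | audit_sshd` audits the effective configuration rather than a single file.
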

2. Secure Apache

Apache is a web server. You must secure your Apache installation.

Ø ModSecurity – Web Application Firewall
    Ø Install ModSecurity
    Ø Enable ModSecurity
Ø Implement symlink race condition protection
Ø Disable Apache Header Information
    Ø Service Config >> Apache Config >> Global Config
        Ø Server Signature = Off
        Ø Server Tokens = Product only

3. Enable a Firewall

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Ø CSF (ConfigServer Security and Firewall)
    Ø Most popular Firewall for cPanel
    Ø Plugins >> ConfigServer Security and FireWall
Ø Settings
    Ø CT_LIMIT
    Ø CT_PERMANENT
    Ø CT_BLOCK_TIME

4. Control access to services by IP Address

Isn’t it more secure to control access to the admin services?

Ø WH Access Control
Ø Allow certain IP addresses to access
    Ø cPanel
    Ø WHM
    Ø Webmail
    Ø Web Disk
    Ø FTP
    Ø SSH
    Ø POP3
    Ø IMAP

5. Stay up-to-date

Run the latest and stable versions

Always Be Aware Of Updates For
• Kernel
• cPanel & WHM
• System Software

6. OS Hardening

It’s important to harden the operating system (OS) to increase its security.

• Harden /tmp partition
    • Run the /usr/local/cpanel/scripts/securetmp script to mount your /tmp partition to a temporary file for extra security.
• CentOS hardening
    • http://www.tecmint.com/security-and-hardening-centos-7-guide/

7. Restrict your system’s compilers

Many pre-packaged exploits require functional compilers. Many users do not require compilers. Strong recommendation.

Ø Disable Compilers
    Ø WHM >> Home >> Security Center >> Compiler Access
    Ø /scripts/compilers off

8. Disable unused services and daemons

To reduce security risks, disable all services and daemons that you do not use.

Ø Disable Services
    Ø WHM >> Home >> Service Configuration >> Service Manager

9. Disable Anonymous FTP

We strongly recommend that you deny anonymous users the ability to upload files to your FTP server. This setting prevents malicious software uploads, which can harm your website/server.

Ø cPanel >> Home >> Files >> Anonymous FTP

10. Rootkit Hunter (Rkhunter)

A rootkit is a clandestine computer program designed to provide continued privileged access to a server while actively hiding its presence.

Ø Install Rkhunter
Ø Configure Rkhunter
Ø Manual Scan
Ø Automatic Scan
Ø Schedule Scan

11. Hide PHP Version Information

Old PHP versions 5.2, 5.3 and 5.4, while widely used, have vulnerabilities that are not patched. Isn’t it good NOT to expose the PHP version information?

Ø WHM >> Service Configuration >> PHP Configuration Editor
    Ø expose_php = Off
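
To confirm that the Apache settings from tip 2 (Server Signature, Server Tokens) and the PHP setting from this tip took effect, inspect what the server actually sends. The script below is an added example, not part of the original slides; the function names, hostnames and version strings in the two sample responses are constructed.

```shell
# Added example: report version disclosure in an HTTP response on stdin
# (headers, blank line, body). Status 0 means nothing was disclosed.
check_disclosure() {
    tr -d '\r' | awk '
        !body && /^$/ { body = 1; next }
        !body { h = tolower($0) }
        # Server Tokens = Product only leaves exactly "Server: Apache".
        !body && h ~ /^server:/ && h !~ /^server:[ \t]*apache[ \t]*$/ {
            print "ServerTokens: " $0; n++ }
        # expose_php = Off drops the X-Powered-By: PHP/x.y header.
        !body && h ~ /^x-powered-by:.*php/ { print "expose_php: " $0; n++ }
        # Server Signature = Off drops the <address> footer on error pages.
        body && /<address>Apache/ { print "ServerSignature: " $0; n++ }
        END { exit (n > 0) }'
}

# Constructed sample responses (versions and hostname are made up).
leaky_response() { cat <<'EOF'
HTTP/1.1 404 Not Found
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/5.4.16
Content-Type: text/html

<html><body><h1>Not Found</h1>
<address>Apache/2.4.6 (CentOS) Server at example.com Port 80</address>
</body></html>
EOF
}
hardened_response() { cat <<'EOF'
HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html

<html><body><h1>Not Found</h1></body></html>
EOF
}

leaky_response | check_disclosure || echo "leaky sample: versions disclosed"
hardened_response | check_disclosure && echo "hardened sample: nothing disclosed"
```

Against your own server, pipe a full response for a missing page (for example from `curl -si`) into `check_disclosure`, so that the error-page footer is covered as well as the headers.
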

12. Use secure passwords

Insecure passwords represent the most common security vulnerability.

Ø Configure /etc/login.defs
    Ø At least 8 characters
Ø Use JTR Cracker for password security test
Ø Use pam_passwdqc for password strength.

13. Brute Force Protection

A brute force attack is a hacking method that relies on an automated system to guess the password to your web server.

Ø Use DDoS Protected network
    Ø E2E Network is DDoS protected
Ø Use cPHulk
    Ø Enable Brute Force Protection.
    Ø WHM >> Security Center >> cPHulk Brute Force Protection

Additional Tips

Ø HTTPS for cPanel & WHM
Ø Site Security Check
Ø Cookie IP Validation
Ø Maldet
Ø SFTP in place of FTP
Ø ClamAV – Anti Virus
Ø Disable Ping Request


Need of the Hour
cPanel integrated cloud servers

Cloud
Scalability and flexibility is the need of the hour

cPanel Nodes
E2E Cloud Brings Affordable cPanel Integrated Cloud Servers

cPanel
Web hosting control panel

Affordable
Best price-performance ratio

cPanel Cloud Servers
With pre-installed cPanel® & WHM®

24 X 7 Self-Service
Our lightning portal allows you to launch, manage, and terminate cPanel® cloud servers at anytime from anywhere

1-Click Launch
You can launch a cPanel® & WHM® pre-installed server with just a click

Run Multiple Websites
You can run all of your websites and web applications with ease

Automatic Backups
All your data is backed up automatically when you enable backups

Scalable
You can scale your servers as per your needs

Full Root Access
You’ll get full administrative privileges on your cPanel® Cloud Server

Pricing
* A minimum bill of ₹ 1038 will be generated as soon as you launch a cPanel server and this minimum billing applies at the beginning of each subsequent billing cycle.

15 GB                30 GB                40 GB                60 GB
₹ 4 per Hour         ₹ 6.5 per Hour       ₹ 8.5 per Hour       ₹ 16 per Hour
Cent OS              Cent OS              Cent OS              Cent OS
3 VCPUs              5 VCPUs              7 VCPUs              9 VCPUs
112 GB SSD Storage   225 GB SSD Storage   300 GB SSD Storage   1800 GB SSD Storage
₹2920 per Month      ₹4745 per Month      ₹6205 per Month      ₹11680 per Month

# Including Bandwidth Charges


Pricing – cPanel Smart Dedicated Server
* A minimum bill of ₹ 1038 will be generated as soon as you launch a cPanel server and this minimum billing applies at the beginning of each subsequent billing cycle.

30 GB                60 GB                120 GB               240 GB
₹ 10 per Hour        ₹ 15 per Hour        ₹ 18 per Hour        ₹ 32 per Hour
Cent OS              Cent OS              Cent OS              Cent OS
8 VCPUs              12 VCPUs             12 VCPUs             32 VCPUs
450 GB SSD Storage   900 GB SSD Storage   900 GB SSD Storage   1800 GB SSD Storage
₹6935 per Month      ₹10950 per Month     ₹13140 per Month     ₹22995 per Month

# Including Bandwidth Charges
# Highly suitable digital marketing agencies


THANK YOU.
Ashish Charan
E: ashish.charan@e2enetworks.com
M: +91 – 70427-31987
W: www.e2enetworks.com

How about 14 day free trial?
