Security TIPS for cPanel
Login to cPanel and WHM safely
Make sure to login to cPanel and WHM with a valid SSL installed domain name or host name. never login with IP address. for example if your domain name is example.com always login to cPanel with :
https://example.com:2083
and for WHM :
https://example.com:2087
To login without SSL (Not recommeded) you can use :
cPanel :
http://example.com:2082
WHM :
http://example.com:2086
| Port number | SSL | non-SSL |
|---|---|---|
| 2083 | YES | NO |
| 2082 | NO | YES |
| 2087 | YES | NO |
| 2086 | NO | YES |
Another way to login to cPanel is to use auto cPanel login tool.
To access cPanel with your domain name (as example.com) :
https://example.com/cpanel
for WHM :
https://example.com/whm
Firewall
You can install CSF firewall to protect your network, Installation commands :
cd /usr/src
rm -fv csf.tgz
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
To test CSF required modules :
perl /usr/local/csf/bin/csftest.pl
Don't worry if you cannot run all the features, so long as the script doesn't report any FATAL errors
Full installation manual : https://www.configserver.com/cp/csf.html
Secure SSH
Try not to use port 22 for SSH login. change it from /etc/ssh/sshd_config file to another number for example : 1527 and save it. Open the port number in your firewall rules and run :
service sshd restart