Archive for the ‘cpanel’ tag
cPanel provides convenient server access and a user-friendly interface for managing your website. However, like any online environment, it has several potential security problems. As a responsible webmaster, it’s up to you to recognize these vulnerabilities and take steps to close any loopholes hackers could use to access your server or site. Take charge and manage critical access points with these eight cPanel security tips.
Create Strong Passwords
From the main cPanel portal to individual email accounts, every login point needs a strong, secure password. Guidelines for length vary, and some sources suggest as many as 14 characters to ensure protection. Longer passwords allow for more complex combinations of numbers, symbols and upper- and lower-case letters. Use a different password for accessing cPanel, FTP, email management and other secure areas, making sure none of them contain obvious information such as phone numbers or birthdays.
If you have trouble coming up with enough different combinations, try an online password generator. A password manager is useful for keeping track of your login information for all of cPanel so that you don’t have to look up each password every time you sign on.
Install a Firewall
A firewall lets you access cPanel while keeping unauthorized users out. Think of it as a border patrol for your server, constantly checking to ensure only the right people get through. ConfigServer Security and Firewall (CSF) is a popular firewall application for cPanel designed to serve this purpose. It scans the system on a regular basis and checks authentication logs to keep your site safe from hackers at all times. CSF also provides feedback on how to make your server more secure overall. Since more is better when it comes to security, check these reports and make any necessary changes as soon as possible.
Be a “Brute”
Although a firewall can prevent hackers from gaining access to your site, it won’t stop them from trying to log in. Brute force protection is a feature of cPanel used to block IP addresses after multiple failed login attempts. Found in the Security Center section, this option is easy to enable and customize. Use the IP Deny Manager to manually input IP addresses known to be malicious so that they’re never allowed to log on.
You can customize the brute force option, known as cPHulk, by setting how many minutes the tool monitors for repeated logins, the maximum number of failed logins allowed and how long each IP ban stays in place.
Stop Anonymous FTP Access
With anonymous FTP, anyone can log in to your site via FTP with only a username and a generic password. This may be useful for sharing files with a large number of people, but it’s like an open door to hackers. When all users can gain access to your server through such a simple process, every file becomes subject to tampering.
Set your FTP preferences to allow only for SSL logins, and require a password to be entered each time. The setting can be found under FTP Server Configuration in cPanel.
Make SSH Secure
Secure shell (SSH) is a convenient way to access your site from a remote location. Unfortunately, it can also provide an entry point for hackers. Information sent through SSH is authenticated and encrypted to prevent outside manipulation, so malicious users can’t touch it unless they break through your security measures.
The default port of 22 is the most common setting for SSH access. Changing it to another available port and implementing a security key for logins minimizes the risk of being hacked. Switch the settings from SSH1 to SSH2 for additional protection.
Protect Against Hotlinking
Hotlinking is the practice of linking an image or file on one server directly to a page on a remote website. Some people do this in ignorance, assuming the easiest way to embed an image is to use the original link, but it’s generally considered a bad practice. Hotlinked files use bandwidth from your site every time someone accesses them, and this has the potential to overload your servers if too many requests are made.
The Security section of cPanel offers hotlinking protection. Simply enable the setting to prevent third parties from linking to your files. Add an extra layer of security by specifying certain file extensions you don’t want to be hotlinked.
Tweak Your Settings
While you’re taking care of the larger security issues in cPanel, make sure you don’t neglect less common settings. Open Tweak Settings under Server Configuration to access an entire list of other possible security measures. With this checklist, you can:
• Help prevent the sending of unauthorized emails, including spam
• Shut down potential email attacks
• Block malicious referrals or redirects from hijacking your site
• Stop the generation of proxy domains
• Require IP validation for cookies
• Set up an additional security token for cPanel access
Enabling these supplemental security settings helps address any remaining vulnerabilities and keep hackers at bay.
Your web host should have automatic cPanel updates in place. If not, go to Update Preferences in the Server Configuration area and enable the setting yourself. Old versions of software, including cPanel, may contain security vulnerabilities hackers can use to access your server. Automatic updates ensure you’re always running the latest version of cPanel with any associated security patches and bug fixes. Go back and check once and a while to confirm updates are running as they should. If not, update manually and contact your web host to find out why the setting isn’t working.
Security is one area of website management where you should never cut corners to save time or effort. The smartest thing you can do is implement proper security measures for cPanel as soon as your hosting account is set up. Don’t wait until disaster strikes or assume the security promised by your web host is enough. Take proactive measures to keep hackers out and stay in control of your cPanel environment.
Share : Follow Us :
‘In computing, a firewall is a network security system that controls the
incoming and outgoing network traffic based on applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is assumed not to be secure and trusted.’
As avid readers of the blog know, I like to ground these ideas with every day analogies. You can think of a firewall like a door to your home. When the door is opened, people can walk directly into your house. Should you want to keep people out, you close and lock the door. This is the way a firewall works on a server. You place the firewall onto your server to keep intruders from the internet from accessing your data.
Firewalls can be either hardware or software based. If you go with a hardware based firewall, the firewall is connected to your switch that allows for traffic to be filtered upon a rule set you determine. You would use a hardware based firewall if you had a dedicated server. A software based firewall is installed within your server. It still blocks traffic based off rule sets you create, but it just does it from within the server and not out in front like a hardware based firewall.
For the rest of this article, I will provide you the steps to install CSF, which is short for ConfigServer Security and Firewall. This firewall is supported across many different Operating Sytems, RedHat Enterprise, Centos, CloudLinx, Fedore, Virtuozzo, VMWare, to name a few. You can read more about the supporeted systems here: http://configserver.com/cp/csf.html
This firewall can be installed with the following steps on your Linux based server:
mkdir /usr/local/src <– Creates the directory to install CSF
cd /usr/local/src <– Changes your location on the server to the newly created directory
wget http://www.configserver.com/free/csf.tgz <– downloads the CSF software to your server
tar xfz csf.tgz <– Extracts the software
cd csf <– Changes your location on the server to the CSF directory
./install.sh <– Installs the CSF firewall
CSF, when installed, and configured properly, places a preset list of rules onto your server. These rules can be configured directly within the csf.conf file or the csf configuration file. If you have a cPanel based server, you want to ensure that you have the following ports opened for inbound and outbound:
# Allow incoming TCP ports
TCP_IN = “20,21,22,25,53,80,143,443,465,587,993,995,2078,2082,2083,2086,2087,2095,2096”
# Allow outgoing TCP ports
TCP_OUT =”20,21,22,25,37,43,53,80,110,113,443,465,587,873,995,1167,2086,2087,2089 ”
Those ports cover most of the ports you will need for your cPanel or non-cPanel server to function. You can read more about ports and their functions here: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Once you do that, you may want to limit the amount of connections each user can make to your server. This can be set by changing CT_Limit in your csf.conf to the number of connections you want each user to be able to make. For example, CT_Limit = “150” will only allow each user to make 150 connections to your server.
You may also want to remove port 22 from TCP_IN along with setting your SSHD_config file to do only public_key authentication. Why would you do this? This will lock down your server from the outside and only allow people who have SSH keys installed into your server to gain access using SSH.
CSF can be configured in a multitude of ways to add another layer of security to your server. I highly recommend going to http://configserver.com/cp/csf.html and using the forums to learn more about the many features of CSF and how tweaking the settings can help ensure you’re providing a stable, safe and secure server environmentShare : Follow Us :
TurnKey Internet launches SEO Optimized cPanel Web Hosting with Unique Class-C IP Addresses no comments
LATHAM, NEW YORK (November 17th, 2014) – Sustainable IT solutions provider TurnKey Internet, Inc. announced that it has launched their all new high-performance enterprise-class SEO Optimized cPanel Web Hosting platform. The newly launched cPanel based Search Engine Optimized Web Hosting platform takes performance, speed, and efficiency to a new level, and combines up to 80 Unique Class-C IP Addresses and Secure Socket Layer (SSL) Certificate Technology to give SEO minded web masters and web professionals the greatest possible advantage to high rankings within Google’s search engine system.
TurnKey’s SEO Optimized cPanel Web Hosting leverages the combination of ultra fast servers with unique and diverse IPv4 and IPv6 addresses utilizing Secure Socket Layer (SSL) Certificates to provide what Google announced August 6th, 2014 as a key ranking signal for higher search engine results. Google’s announcement of web sites that utilize this technology and methodology to receive preferential rankings within the Google Search Engine system has been leveraged by TurnKey to provide a one-stop complete SEO solution to help web masters and web professionals succeed online.
At the core of the cPanel based Search Engine Optimized Web Hosting are TurnKey’s lightning fast servers powered by Intel’s Multi-Core Xeon CPU technology providing up to 32 CPU cores combined with ultra-fast Samsung SSD solid state drives attached via Raid-10 redundant connections. Each cPanel SEO Hosting Server produces over 600,000 DISK IOPS (input/output operations per second) and accesses Gigabit Bandwidth (1000 up x 1000 down) throughput with direct connections into TurnKey’s Juniper powered BGP4 redundant network infrastructure housed within TurnKey Internet’s SSAE 16 Type 2 Certified and ENERGY STAR® designated datacenter in New York.
“This new SEO hosting service provides the most innovative technologies in today’s market combined with enhanced performance over traditionally hosted web sites. This all adds up to give our web hosting clients the absolute best advantage in the competitive search engine ranking market place.” Said David Conboy, TurnKey Internet’s Director of Client Services. “This is the most innovative, highest-performing SEO hosting configuration on the market, and a ground-breaking alternative to the other hosting options out there.”
The TurnKey cPanel SEO Optimized Web Hosting platform is a top-of-the-line hosting solution for webmasters, businesses, and individuals alike that want blazing fast response times from busy web sites and applications like WordPress, Drupal, Joomla, high-traffic blogs, and any expansive database drive web site. For more information on TurnKey’s new high performance SEO web hosting service visit:
About Turnkey Internet
Founded in 1999, TurnKey Internet, Inc. is a full-service green data center and leading provider of sustainable web hosting and IT solutions. From its SSAE 16 Type 2 and ENERGY STAR® certified facility in Latham, NY—New York’s Tech Valley Region—TurnKey offers web hosting, communication services, web-based IT systems, software as a service (SaaS), enterprise colocation services, and computing as a service to clients in more than 150 countries. For more information, please call (518) 618-0999 or visit www.turnkeyinternet.net/media.Share : Follow Us :
Avid readers of the blog know that I’m a slayer of tickets and protector of the Turnkey Internet realm of support tickets. If you have a support need with your software that you’ve purchased from Turnkey Internet, more than likely, I will be one of the team members who works on your issue. I wanted to write you gentleman and ladies, a post on a support request I see at least once a week if not more. I will start this article off by asking one question. Have you ever been locked out of your house? You walk out the house not thinking about the door, but then you realize that you need to go back into the house to grab your keys. However, the door is locked.
What will you do? If you’re a super prepared individual, you may have a spare key laying around somewhere, but if you’re like me, this may not be the case. So, what’s next? Maybe you start thinking, “hmmmm, I wonder if I have any windows unlocked?” You walk around the house hoping, praying, that you have a window unlocked. You soon discover, that you’re a very safety conscious individual and all of your windows are locked? Well, what do you do now? You have no spare key. No windows are unlocked. While that rock on the ground could easily go through the window, do you really want to pay money to get the window repaired?
This usually leaves you with no other option then contacting your local locksmith. Pay the ridiculous amount to have them drive out and let you back into your house in a matter of minutes. Now, what if that happens on your server? For the sake of this article, we will assume you have a server, VPS/Dedicated/Cloud, that has cPanel installed. You haven’t changed the password, but all of a sudden you can’t login to your cPanel or WHM anymore. What do you do? Well, if you purchased your services from Turnkey Internet, the quickest way would be to open a support ticket and have one our engineers allow you back in, but what if you’re a do it yourself type of person? Is there a back spare key you can use?
Now, just to be clear, I’m not talking about not being able to view your site in a browser, but specifically about your cPanel password, that you’ve not changed, no longer working. You may get the first thought that, holy crap, my account has been hacked. Someone has stolen my password and is slowly but surely stealing all of my data. While yes, this could be a possibility especially if you have an insecure password, e.g. CAT123, but what if you have a secure password. A 12 character password. It’s more less likely that your cPanel password has been stolen and more likely that you’re locked on our your account by cPHulk.
It’s very possible that you’ve heard of cPhulk before. For those of you who haven’t, the link below will explain exactly what cPHulk is:
cPhulk is a brute force protection software that is installed by cPanel by default. This little piece of software constantly monitors the server to ensure no one is brute forcing their way into your server. For users who do not know what brute forcing is, please see the link below:
To summarize that link, brute forcing is when a hacker tries every iteration possible to login to your account. They start with a dictionary of commonly used username and passwords and attempts to login to your account with each one. This is called a brute force attack and is what cPHulk is written to protect against. However, cPHulk can be a bit over zealous at times and end up blocking you out of your own accounts. So, how do you fix?
This fix assumes that you have root access to the server and a SSH client such as Putty to access the server.
- SSH to your server
- Type mysql
- Connect cphulkd;
- Delete from brutes;
- Delete from logins;
That will clear all IP’s currently blocked on the server and allow you to login to cPanel/WHM. At which point, you can go to Security Center -> cPHulk Brute Force Protection and white list your own IP to keep this from occurring in the future. You’ve essentially just become your own cPanel locksmith. If you’re still having issues, you can always open a support ticket with us directly at: https://helpdesk.turnkeyinternet.net/
Until next time…Share : Follow Us :