How to secure your website with cPanel

Learn how to secure your website with cPanel. With malware attacks expected to increase by 385% in 2020, site security is more important than ever. However, keeping your site safe from ransomware, malware, and other malicious activities can be a challenging and time-consuming task.

Fortunately, there are many ways to protect your website from malware and other cybersecurity issues. Many hosting providers enable customers to configure a range of site security settings using cPanel, the popular Linux control dashboard.

In this post, we will explain what website security is and why it is important. We will also provide seven practical tips that you can use to improve your site security and secure your website through cPanel. Ready? Let’s start!

Why protecting your website is important

Creating a high-quality website for your business takes time and money. However, without the right level of security, you can put your site at risk. According to cybersecurity statistics published by Forbes, one in three Americans has been the victim of a ransomware attack, and only five percent of companies ensure their folders are properly protected. This is why it is so important for site owners to regularly take steps to secure their websites.

Protection against cybercrime is one of the main benefits of maintaining good site security protocols, but there are other benefits as well, including:

It helps to keep your employees safe

In the same way that your website can be vulnerable to malware attacks, so can your employees. Viruses can move from device to device. Therefore, if your site is infected, the devices your team members use to access the site may also be compromised.

It can prevent your website from going down

Site owners should aim for the least possible website downtime. Good cyber security measures can help you achieve this. By taking protective measures before an attack occurs, you can prevent malware from causing problems that force you to take your site offline.

It can inspire confidence in your customers

For an online business, reputation is everything, and that includes your website. By following good cybersecurity protocols and sharing them with your customers, you can help them feel safe and secure when using your site.

Next, we’ll look at cPanel, the most commonly used control panel for WordPress sites. You can use it to further secure your website without investing in an expensive plugin.

A brief introduction to cPanel

cPanel is a control application that enables you to perform server tasks for your WordPress website.

It is not the only such application available, but it is the most used Linux control panel. cPanel provides an easy-to-use interface for users to perform essential server-side maintenance tasks, including:

  • File management
  • Database management
  • Email management
  • Site backup

It can make managing your site easy due to automated processes and a 24/7 support team. As such, it may be worth considering if you want to save time and effort in managing your website.

There are several ways you can use cPanel to increase cyber security. Next, we’ll look at some of the things you can do to secure your website with this application.

How to Protect Your Website with cPanel

There are many site security plugins you can use to enhance your cybersecurity. However, many of these are premium plugins that are not available for free. Using cPanel, you can secure your website using the tools you already have at your disposal, so you don’t have to spend a single penny. Here are our top seven tips for securing your website with cPanel.

1. Update cPanel regularly

Outdated content on your website can cause serious vulnerabilities. This is also true for cPanel. If it’s not up to date, you can leave your site open to attacks and breaches. Additionally, you may miss out on access to new security features by using an older version. Updates are used to fix bugs, add new features and improve cPanel’s security. As such, it might be a good idea to make sure you’re always using the latest version of the software.

The good news is that it’s fairly easy to keep cPanel up to date. Depending on your hosting package, you may not need to update it manually, as system administrators can take care of it for you.

If you need to update manually, start by logging into WebHost Manager (WHM). At the top right of the main WHM screen, you’ll be able to see the current version of cPanel you’re running:

If a new version is available, you’ll also see a box right below it that gives you the option to update now. All you need to do is click on it and wait for it to finish upgrading (it may take some time). Note that the update box is not visible in the image above, as we are currently running the latest stable build.

2. Choose strong passwords and update them regularly

It is essential to ensure that all entry points to your site are protected by strong passwords. Without a secure password, seasoned cybercriminals can easily infiltrate your site and install malware.

Fortunately, resetting your password is easy with cPanel. It even comes with a password generator that helps you secure your site using strong credentials. To keep your site as secure as possible, it is recommended that you change all passwords regularly. Changing them once a month is usually sufficient.

To change your cPanel password, log in and go to the Preferences tab, then click on Passwords and Security:

Next, you will be prompted to input your old password, as well as your newly updated password. You will also see a score that tells you how weak or strong your credential is. If the password you choose is too weak, you may want to click Password Generator instead. This will automatically create a new, stronger login:

Once you’ve done this, copy the generated password and paste it into the new password field. Also, be sure to store it in a safe place that you can access if you need a reminder. When you’re ready, click Save Password Now! Once you’ve done this, your update should be complete and you can start using your new credentials.

3. Password Protect Your Vulnerable Directories

In addition to having a strong password for your cPanel account, it is equally important to password-protect your vulnerable directories. Doing this in cPanel enables you to restrict access to certain content to certain users.

Once you add password protection to a directory, your site will prompt visitors to enter a username and password in their web browser before accessing it. It helps protect sensitive content from unauthorized access.

To add password protection to a directory, begin by logging in to cPanel. Next, scroll to the Files section and click Directory Privacy:

Here, you will be able to see a list of all your directories. Click Edit next to the name of the folder you want to protect. On the next page, tick the box next to the text Password protect this directory. Then, type a name for the protected directory below and click Save:

Once you’ve done this, you should see a brief ‘success’ message. Click Go Back, then enter a username and password in the appropriate text boxes, and then click Save.

Note: You can automatically generate a strong password by clicking the Password Generator button:

If you ever want to remove password protection, repeat the above steps to navigate to the directory again. Then, clear the Password protect this directory checkbox.

4. Enable cPHulk brute-force protection

cPHulk is another useful service provided by cPanel that helps protect your server from brute-force attacks. In these attacks, an attacker uses an automated system to try to guess your username and password by repeatedly trying different combinations in quick succession.

Using cPHulk through cPanel allows you to automatically block IP addresses or accounts that exhibit suspicious behavior. This prevents attackers from making any further attempts to log in, thus preventing them from gaining unauthorized access and installing malware on your site.

To enable cPHulk Brute Force Protection, you must first log into WHM. From there, navigate to Security Center in the left sidebar and click on cPHulk Brute Force Protection:

After that, you can toggle the button to enable cPHulk protection:

Once it is enabled, you can change the configuration settings. For example, you can specify how many failed login attempts are required to lock out IP addresses, and how long to lock them out. Once you’ve made the changes, click Save:

Note that in addition to configuration settings, there are several other tabs available on this page: Whitelist Management, Blacklist Management, and History Reports.

You can manually whitelist and blacklist certain IP addresses by navigating to the appropriate tab. This is useful in certain situations. For example, it might be a good idea to whitelist your own IP to avoid being locked out of your server.

If you need to see a log of what actions cPHulk has taken, you can do so by clicking the History Reports tab.
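
A simplified model of the lockout rule these settings control, run over constructed login events. It is an added example, not cPanel's or cPHulk's own code; the threshold, window, lockout period, IP addresses and function name are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed values standing in for the settings on the configuration tab.
MAX_FAILURES = 3                  # failed logins before an IP is locked out
WINDOW = timedelta(minutes=5)     # period over which failures are counted
LOCKOUT = timedelta(minutes=15)   # how long a locked-out IP stays blocked
WHITELIST = {"198.51.100.7"}      # e.g. your own IP, never locked out

# Constructed sample events in time order: (time, source IP, password correct?)
EVENTS = [
    ("10:00:00", "203.0.113.9", False),
    ("10:00:00", "192.0.2.50", False),
    ("10:00:05", "203.0.113.9", False),
    ("10:00:10", "203.0.113.9", False),   # third failure inside the window
    ("10:01:00", "203.0.113.9", True),    # correct guess while locked out
    ("10:02:00", "198.51.100.7", False),  # whitelisted address mistypes
    ("10:10:00", "192.0.2.50", False),    # its earlier failure has aged out
    ("10:20:00", "203.0.113.9", False),   # lockout has expired by now
]

def evaluate(events):
    """Return (statuses, locked_until) for a time-ordered list of login events."""
    failures = defaultdict(deque)   # ip -> times of recent failed logins
    locked_until = {}               # ip -> time the lockout ends
    statuses = []
    for stamp, ip, ok in events:
        now = datetime.strptime("2024-01-01 " + stamp, "%Y-%m-%d %H:%M:%S")
        if ip in WHITELIST:
            statuses.append("whitelisted")
        elif ip in locked_until and now < locked_until[ip]:
            statuses.append("blocked")        # rejected before the password is checked
        elif ok:
            failures[ip].clear()
            statuses.append("login ok")
        else:
            recent = failures[ip]
            recent.append(now)
            while now - recent[0] > WINDOW:   # drop failures older than the window
                recent.popleft()
            if len(recent) >= MAX_FAILURES:
                locked_until[ip] = now + LOCKOUT
                recent.clear()
                statuses.append("locked out")
            else:
                statuses.append("failed")
    return statuses, locked_until

if __name__ == "__main__":
    for event, status in zip(EVENTS, evaluate(EVENTS)[0]):
        print(event[0], event[1], status)
```

The run shows why whitelisting your own address matters: once an IP is locked out, even a correct password from it is rejected until the lockout period ends.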

5. Protect Against Hotlinking

Hotlinking (sometimes called ‘direct linking’) refers to when another website links directly to content hosted on your website, such as image files. When their website visitors load the page, your site serves the image files they see. This allows other websites to effectively ‘steal’ your bandwidth and use it to display images to their visitors.

Naturally, this is something you’ll likely want to avoid. Fortunately, you can do so easily. All you need to do is configure Hotlink Protection using cPanel. Here’s how to go about it.

First, log into cPanel and scroll down to the Security section. Then, click on the Hotlink Protection icon:

On the next page, you can toggle Hotlink protection on or off. You can also change your configuration settings. For example, you may want to specify certain URLs that are allowed to access your files (cPanel will automatically populate this box with recommended local URLs):

Next, you can specify the file extensions you want to block direct access to by using the Block direct access for the following extensions box (make sure you separate each file extension with a comma):

Again, the box above should be automatically pre-populated with the file extensions that are usually hotlinked. However, you may want to add additional file extensions that are not already included.

You can also add a URL to redirect the request to. Visitors coming from blocked sites will then be served that URL instead of the hotlinked file. Once you are done making changes to the settings, just click on Submit.
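
The decision these settings describe can be modelled as a check on the request's Referer header. The following is an added example, not cPanel's code or the rules it generates; the domains, the redirect URL, the empty-Referer setting and the function names are assumptions for illustration.

```python
from urllib.parse import urlsplit

# Assumed settings, mirroring the fields on the Hotlink Protection page.
ALLOWED_URLS = ["https://example.com", "https://www.example.com"]
BLOCKED_EXTENSIONS = "jpg, jpeg, gif, png, bmp"       # comma-separated, as in the form
ALLOW_EMPTY_REFERER = True                            # assumed policy for requests with no Referer
REDIRECT_URL = "https://example.com/no-hotlink.html"  # hypothetical; "" means refuse instead

ALLOWED_HOSTS = {urlsplit(u).hostname for u in ALLOWED_URLS}
BLOCKED = {e.strip().lower() for e in BLOCKED_EXTENSIONS.split(",")}

def decide(url, referer=""):
    """Return 'serve', 'forbid' or 'redirect:<url>' for one request."""
    ext = urlsplit(url).path.rsplit(".", 1)[-1].lower()
    if ext not in BLOCKED:
        return "serve"                    # extension is not protected
    if not referer:
        allowed = ALLOW_EMPTY_REFERER     # typed URL, bookmark, privacy tools
    else:
        # Compare the whole hostname: a prefix test on the URL would also
        # accept look-alike hosts such as example.com.other.test.
        allowed = urlsplit(referer).hostname in ALLOWED_HOSTS
    if allowed:
        return "serve"
    return "redirect:" + REDIRECT_URL if REDIRECT_URL else "forbid"

# Constructed sample requests: (requested file, Referer header sent by the browser)
SAMPLE_REQUESTS = [
    ("/images/logo.png", "https://www.example.com/about"),
    ("/images/logo.png", "https://blog.other.test/post/1"),
    ("/images/logo.png", ""),
    ("/images/logo.PNG?v=2", "https://example.com.other.test/"),
    ("/docs/guide.pdf", "https://blog.other.test/post/1"),
]

def check_samples():
    return [decide(url, referer) for url, referer in SAMPLE_REQUESTS]

if __name__ == "__main__":
    for request, result in zip(SAMPLE_REQUESTS, check_samples()):
        print(request, "->", result)
```

Because the Referer header is supplied by the client, this kind of check limits casual embedding and bandwidth use but is not access control; files that must stay private belong behind the directory password protection from tip 3.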

6. Use Patchman by SiteLock

Patchman is a really useful security service that helps prevent your site from being hacked. Once installed, it automatically scans your website for malware. If it detects any potential threats, it immediately emails you to inform you about them. If you don’t fix the problem within 24 hours, Patchman will quarantine the affected files to keep your site safe:

Not only that, Patchman also detects if your WordPress, Drupal, or Joomla installation needs patching. Again, it will notify you about it via email and automatically apply the patch if you don’t fix it yourself within a week.

7. Use the Secure Shell File Transfer Protocol (SFTP)

SFTP stands for Secure Shell File Transfer Protocol. As the name suggests, it is a secure version of the regular File Transfer Protocol (FTP). It uses the Secure Shell (SSH) protocol to encrypt transfers.

If you don’t already know, FTP is how you transfer files from your computer to your hosting server, where they become publicly accessible, and back again. These files are often confidential and may contain sensitive data such as usernames and passwords.

The problem is that the original FTP protocol does not encrypt this data, which makes it vulnerable to interception by attackers. If you want to prevent hackers from gaining access to your data, it is recommended that you encrypt it using SFTP instead.

To transfer files using SFTP, the private key for your main cPanel account is required for authentication. To find it, log into cPanel and scroll down to the Security section. Then, click SSH access:

On the next page, click Manage SSH Keys:

If you already have a public/private key pair, you can use them for SFTP transfers. If you don’t already have one, you can create a new one by clicking Create a new key:

Once you’ve created a new key, return to the Manage SSH Keys interface and click the Manage link next to the new key. After that, click the Allow button to allow the key to be used:

Go back, scroll down to Private Keys, and click View/Download. The next page should display your SSH key details. You can click the download key button to save it somewhere safe on your computer:

Once you have done all the above, your site is ready for an SFTP connection. You can open your favorite FTP client and use the private key you downloaded to connect via SFTP.

Conclusion

Keeping your site safe from malicious activity and malware is crucial. Fortunately, cPanel offers you several ways to ensure your site is safe and secure.

Here’s a quick overview of how to protect your website using cPanel:

  1. Update cPanel regularly.
  2. Choose strong passwords and update them regularly.
  3. Password protect your vulnerable directories.
  4. Enable cPHulk brute-force protection.
  5. Protect against hotlinking.
  6. Use Patchman by SiteLock.
  7. Use Secure Shell File Transfer Protocol (SFTP).

If you are looking for a hosting provider who understands the importance of site security and reliable hosting, check out our affordable Linux hosting plans!