Security Tips

Configure cPanel & WHM With Complete Security And Tweaking

3 Mins read

Control panel cPanel or Web Host Manager (WHM) is a powerful and easy to use control panel that offers automation and GUI to simplify the management of web hosting. It enables one to manage and operate his Linux web hosting servers, databases, mail accounts, applications, security, FTP and more. Users can quickly accomplish their tasks using helpful web based interface of cPanel.

Prerequisites to Configure cPanel & WHM: Network and hardware requirements

Network requirements

table1

Hardware requirements

Configure cPanel & WHM

cPanel installation script

cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest

It will take approximately 45 to 60 minutes to install WHM/cPanel on the server. Following complete installation, here’s what you need to do to access the WM:

How to access the WHM?

WHM listens on the port number 2086 and 2087 securely, so it’s recommended that it be accessed on these port numbers.

http://ip-address:2086 — OR – https://ip-address:2087/

You may get SSL warning, accept it and save certificate in browser so that it’s not repeated every time.

Now enter the username as ‘root’ and password same as what was set initially during OS installation. There will be six initial steps to proceed further:

  1. Initial setup: WebHost Manager End User License Agreement has to be accepted.
  2. Setup Networking: Enter the contact information and set hostname with below command in shell.

    /usr/local/cpanel/bin/set_hostname <hostname>

    Also setup the resolver and enter the DNS server’s IP address.

    Warning : Set a reliable resolver here as your setup entry will be shown in file /etc/resolve.conf

  3. Setup IP Addresses: Enter IP address with proper subnet mask and gateway.
  4. Name server Configuration: In this section, we’ll configure the name server. Nameserver populates your server’s DNS information by the Internet to allow users to access website from your server.
  5. Services: In this section, we configure the services which are used by our clients on the server, including:
    • FTP Configuration
    • Mail Configuration
    • cPHulk Brute Force Protection configuration.

    Install a Common Set of Perl Modules- the most beautiful thing provided by cPanel.

  6. Setup quotas: This is the final stage of the Initial Setup process. This allows you to select if you wish to track/monitor disk usage on your server.Now initial setup has been completed and now we’ll setup WHM and configure some tweaking:
  1. Home »Server Configuration »Server Time: Setup your country time zone as per your location.

    Home-a

  2. Home »Server Configuration »Tweak Settings: Next we’ll configure some tweak setting and security settings in WHM.
    • Enable ioncube on the server if required, because it’s prerequisite need of Softaculous.

      WHM configuration

    • Setup mail sending limits

      cSetup

    • Prevent nobody from mail sending

      dPrevent

  3. Home »Security Center »Compiler Access: Disable the compiler access on the server for security reasons.

    Compiler access setting in whm

  4. Home »Security Center »cPHulk Brute Force Protection: Enable the cPHulk protection on the server to protect from DDoS like attacks.

    cPHulk Brute Force Protection

    Note: After enabling cPHulk on the server, first allow or whitelist your IP in cPHulk, otherwise if you are blocked, you will be restricted from accessing cPanel.

  5. Home »Security Center »Shell Fork Bomb Protection: Enable shell fork bomb protection in WHM.

    Shell Fork Bomb Protection

  6. Home »Security Center »SSH Password Authorization Tweak: Here we can setup SSH key based authentication and disable password based login if required. This will protect our server better.

    SSH Password Authorization Tweak in whm installation

  7. Home »Service Configuration »Apache Configuration »Global Configuration: Setup all the apache global configuration here- we can setup limit on the number of connections, maximum retry and number of active user limits here.

    Configuration

  8. Home »Service Configuration » FTP Server Configuration: In FTP server configuration tab, we can setup FTP server configuration. We should prevent ‘root’ user from accessing FTP.

    FTP Server Configuration in cPanel & WHM

  9. Home »Service Configuration »PHP Configuration Editor: PHP configuration related tweaking changes from PHP configuration editor option can be done here. We can setup limit on parameters like upload_max_filesize, memory_limit, disable_functions etc.

    PHP configuration in cPanel & WHM

    Using above steps, we can setup our WHM securely on the server.

    Services ZNetLive offer:

    Domain Names India

    Shared Hosting India

    WordPress Hosting India

    VPS Hosting India

    Dedicated Server India

    Let me know if I missed anything using comments below.

2 posts

About author
Ashish Laxkar, System admin-Linux, is a Red Hat Certified Security Specialist in Linux. An MCA, he has been handling technical issues, monitoring servers, working on open source applications, providing remote support, and maintenance for over 3 years now. He enjoys playing cricket and working with Kali Linux as a hobby.
Articles
Related posts
Security Tips

How to define a proactive security approach with Endpoint Detection and Response (EDR)?

5 Mins read
While navigating an evolving digital phase, businesses encounter the mounting challenge of safeguarding their endpoints against increasingly sophisticated cyber threats. Against this…
Security Tips

What is Endpoint Security? How does it work and what are its use cases?

4 Mins read
The traditional boundaries that once confined us to a designated office space have blurred, giving rise to the era of hybrid work….
Security Tips

7 Must-follow Tips for Data Leakage Prevention (DLP) in 2024

5 Mins read
In today’s modern digital world where technology rules the roost, safeguarding sensitive information has become highly critical. As organizations harness the power of…

2 Comments