Login
Menu

How to make your server more secure via WHM

Home / How to make your server more secure via WHM

How to make your server more secure via WHM

What is WHM?

WHM or Web Host Manager allows administrative access to cPanel backend being a powerful program. WHM permits the user with a lot of flexibility and management whereas managing some very popular resource intensive websites, or massive no: of web sites. WHM not only permits the user to with the flexibility to sell web hosting services however also offers the choice to create and manage multiple cPanel accounts. It also saves your money and time by streamlining and automating the tedious task of server management. WHM permits you to manage all things undern one roof.

WHM enables you to try to the subsequent things?

  • It permits you to create, suspend and delete your cPanel accounts.
  • It permits you to see the status and data of the server.
  • Reset password, monitor and manage your web sites.
  • You get the access to see and change all of your domain names’ DNS zones.
  • You get the ability to tack the support request of your client through cPanel.
  • When you produce a new account WHM permits you to make your own default page.
  • Using WHM you’ll change your client usernames and domain names.
  • Ability for white labeling i.e. you’ll customise your control panel and web hosting with extensive branding.
  • Add-ons within the form of applications and plugins that allows you to supply a tailored solution to your customers.
  • Gives you the flexibility to manage your own backups, you do not have to worry regarding information loss.
  • Provides you with server monitoring tools, you’ll view the utilization of resources, diagnose issue of log files and secure the server from third party attacks.
  • The options and auxiliary tools that ar packed into WHM provides for a singular client expertise.

Steps to check Server Security in WHM

Login into the WHM and use the following steps to check the server security:

Step 1: Check WHM>>> Server Configuration >>> Tweak Settings & deactivate the following options:

  • Avoid users from parking or adding on common internet domains (i.e. gmail.com, aol.com)
  • Permit cPanel users to reset their password by means of email.
  • Default catch-all/default address behavior for the new accounts – fail

Step 2: Now go to WHM >> >Security >>> Manage Wheel Group Users

  • In the “Manage Wheel Group Users” section takes out all the users that are present, leaving your user account from the wheel group and the root.

Step 3: Then select WHM >>> Service Configuration >>> FTP Configuration

  • Anonymous FTP must be disabled.

Step 4: Now select WHM >>> Account Functions >>> Manage Shell Access

  • If there is no need to enable the Shell Access then disable it for all the users.

Step 5: Then select WHM >>> SQL Services >>> MySQL Root Password

  • The root password for MySQL must be changed.

Now perform a quick security scan to detect Trojan Horses from your WHM >>> Security in a week.

Note: one important security measure for your server, while creating any new security account, Choose WHM >>> Resellers >>> Reseller Center 

Enable “Prevent Accounts from being created with Shell ” & deactivate the “Allow Creation of Packages with Shell Access” this will prevent any 3rd party from accessing your server if they do not have your approval.

WHM >>> Security Center >>> Host Access Control

Host Access Control permits you to set up precise rules to permit or deny access to your server and services over it on the basis of IP address that is trying to connect. The most secure way of using Host Access Control it regulates the connection as per your wish i.e. to provide access only to the connections which you want.

WHM >>> Security Center >>> PHP open_basedir Tweak

PHP’s open_basedir protection averts users from opening files that are outside of their home directory with PHP.

In addition, you can install mod security to avoid web-based infection, cross scripting attacks and web-based intrusions to the server.