Security
IP Blocker
IP Blocker
The IP Blocker interface allows you to block access to your site for one or more IP addresses or fully qualified domain names (FQDNs).
Block an IP address
To deny access to an IP address or range of IP addresses, perform the following steps:
1 – Enter the IP address or range in the IP Address or Domain text box. You can enter IP addresses in any of formats:
2 – Click Add.
Unblock an IP address
To remove an IP address from the list of blocked IP addresses, perform the following steps:
1 – Click Delete in the Actions column for the appropriate IP address.
2 – Click Remove IP.
Video: https://youtu.be/1QBBR5MakjE
SSL/TLS
SSL/TLS
The features in this interface allow you to generate and manage SSL certificates, signing requests, and keys, which enhance your website’s security. They are useful for websites that regularly work with sensitive information, such as login credentials and credit card numbers. Encryption protects visitors’ communications from malicious users.
Documents available
The following documents provide more information about the sections of this interface:
- Private Keys – KEY— Generate, view, upload, or delete private keys.
- Certificate Signing Requests – CSR— Generate, view, or delete SSL certificate signing requests.
- Certificates – CRT — Set up an SSL certificate for the site.
- Install and Manage SSL for your site HTTPS— Generate, view, upload, or delete SSL certificates.
Video: https://youtu.be/mLiSPw5wU7M
Hotlink Protection
Hotlink Protection
A hotlink occurs when someone embeds content from your site in another site and uses your bandwidth to serve the files. You can use this interface to prevent this issue.
Enable hotlink protection
To enable hotlink protection, perform the following steps:
1 – Click Enable.
2 – To allow specific sites to hotlink to your site, add their URLs to the List the URLs to which you wish to allow access list.
3 – To block direct access to files of specific types, add those file extensions to the Block direct access for the following extensions list.
4 – To allow visitors access to specific content through the URL, select the Allow direct requests option.
5 – To redirect requests for certain content, enter the URL to which you want to redirect your visitor in the Redirect the request to the following URL text box.
6 – Click Submit.
Disable hotlink protection
To disable hotlink protection, click Disable.
Video: https://youtu.be/-3yakFHB5Fg
Leech Protection
Leech Protection
The Leech Protection interface allows you to detect unusual levels of activity in password-restricted directories. After you set the maximum number of logins within a two-hour period, the system redirects or suspends users who exceed it. This is useful if, for example, someone posts a user’s login credentials on a public site.
Enable leech protection
To enable Leech Protection for a directory, perform the following steps:
1 – The Leech Protection window will appear. Select which of the four main directories you wish to view in the file window:
- Home Directory (/home/user)
- Web Root (/public_html/www)
- Public FTP Root (/public_ftp)
- Document Root (/public_html)
2 – Select the directory that you wish to protect.
- Click the appropriate folder icon to navigate to a different folder.
- Click the desired folder’s name to select it.
3 – Enter the maximum number of logins that you wish to allow each user within a two-hour period.
4 – To redirect users who exceed the maximum number of logins within a two-hour period, enter a URL to which you wish to redirect them.
5 – To configure the system to send an email alert when Leech Protect activates, select the Send Email Alert To checkbox. Then, enter the email address to alert.
6 – To disable an account that exceeds the maximum number of logins, select the Disable Compromised Accounts checkbox.
7 – Click Enable.
Disable leech protection
To disable leech protection, perform the following steps:
1 – The Leech Protection window will appear. Select which of the four main directories you wish to view in the file window:
- Home Directory (/home/user)
- Web Root (/public_html/www)
- Public FTP Root (/public_ftp)
- Document Root (/public_html)
2 – Select the directory that you wish to protect.
- Click the appropriate folder icon to navigate to a different folder.
- Click the desired folder’s name to select it.
3 – Click Disable.
Manage users
To add, edit, and delete users, click Manage Users to navigate to cPanel’s Directory Privacy interface (cPanel >> Home >> Security >> Directory Privacy).
Video: https://youtu.be/2hxyneZLu24
ModSecurity
ModSecurity
This interface allows you to enable or disable ModSecurity™ for your domains.
Configure All Domains
To enable or disable ModSecurity for all of your domains, click Enable or Disable.
Configure Individual Domains
To enable or disable ModSecurity for a specific domain, select On or Off.
SSL/TLS Status
SSL/TLS Status
This interface allows you to view, upgrade, or renew your Secure Sockets Layer (SSL) certificates. You can also view useful information about each domain’s SSL certificate, for example:
- The type of certificate that secures the domain.
- When the certificate expires or expired.
- Graphical representation of all certificates for quick reference.
- Options such as View Certificate or Upgrade Certificate for applicable domains.
- AutoSSLDomain Control Validation (DCV) error messages for applicable domains.
- The last time that AutoSSLran for applicable domains.
Search bar and filter
The Search text box allows you to filter by domain name. Enter all or part of the domain name to update the domain list. For filter options, click the filter icon.
Click the tab below to view each filter option.
- Domain Types.
- SSL Types.
- SSL Statuses.
- AutoSSL Statuses.
The Domains table
The Domains table displays each domain’s certificate and provides options to view or upgrade the certificate.
- Domain — This column displays a complete or filtered list of all domains on the cPanel account.
- Certificate Status — This column displays domain specific certificate information. If an error exists for the domain in the /var/cpanel/logs/autossl/ directory, that error will display in this column. This column also displays the time AutoSSLlast ran for applicable domains.
Two-Factor Authentication
Two-Factor Authentication
Two-factor authentication (2FA) is an improved security measure that requires two forms of identification: your password and a generated security code. With 2FA enabled, an application on your smartphone supplies a code that you must enter with your password to log in. Without your smartphone, you cannot log in.
Configure two-factor authentication
To configure two-factor authentication, perform the following steps:
1 – Click Set Up Two-Factor Authentication.
2 – To configure two-factor authentication, you must link your cPanel account and your 2FA app:
- To automatically create the link, scan the displayed QR code with your app.
- To manually create the link, enter the provided Account and Key information in your app.
3 – Open your 2FA app to retrieve the six-digit security code.
4 – Enter the six-digit security code in the Security Code text box.
5 – Click Configure Two-Factor Authentication.
Remove two-factor authentication
To remove two-factor authentication, click Remove Two-Factor Authentication.
Reconfigure two-factor authentication
To reconfigure two-factor authentication, click Reconfigure
Video: https://youtu.be/0I6nyEXcuCA