Keeping your cPanel hosting secure protects your websites, data, and customers. With the right cPanel security settings, you reduce attacks and prevent unauthorized access. In this guide, you learn how to harden both cPanel and WebHost Manager using built-in tools and smart server-side measures.
Secure Your cPanel and WebHost Manager Access
First, secure how you log in to your hosting environment.
Always access cPanel and WebHost Manager over HTTPS. This encrypts your credentials and protects them from interception.
Next, enable Two-Factor Authentication (2FA) for all admin-level users. You find this in WHM under “Security Center > Two-Factor Auth.” 2FA adds a second login step and stops many unauthorized access attempts.
Then, improve your SSH access. Avoid default ports whenever possible. Change your SSH port to a custom one. Disable password logins and switch to SSH key authentication instead. This makes brute-force attacks much harder.
Strengthen Passwords and User Policies
Strong passwords still matter for cPanel account security. Therefore, enforce them using WebHost Manager.
In WebHost Manager, open Password Strength Configuration. Set the minimum password score to at least 80. This forces every user to choose complex and unique passwords. Also, never reuse passwords across different services. Use a password manager to generate and store logins securely. This simple habit reduces the damage from any single breach.
Secure Server Settings for cPanel Hosting
When you run cPanel on a VPS or dedicated server, you control the full system. Meaning, you also own the security responsibilities.
Follow these best practices for a safer cPanel hosting environment:
- Enable Two-Factor Authentication for WebHost Manager access.
- Change the default SSH port and always use SSH keys instead of passwords.
- Configure a firewall and open only the ports you truly need.
- Install anti-brute-force tools like Fail2ban or cPHulk to block repeated login attempts.
- Run antivirus software such as ClamAV to scan for malware and suspicious files.
- Keep applications like WordPress updated and use security plugins such as Wordfence.
These layers work together and significantly harden your cPanel hosting server.
Enable Built-In cPanel Security Features
cPanel includes helpful tools that increase security without extra software. You should enable and configure them carefully:
- Activate ModSecurity under Security → ModSecurity. This web application firewall filters many common web exploits and malicious requests.
- Turn on Hotlink Protection to stop other websites from embedding your images directly. This protects bandwidth and reduces some simple abuse.
- Configure Leech Protection for sensitive directories, membership areas, or login sections. It limits repeated or shared logins and protects restricted content.
Together, these features significantly improve your overall cPanel security posture.
Monitor Your Server and Stay Updated
Security is an ongoing process, not a one-time checklist. You need regular monitoring and updates.
Use the Security Advisor inside WebHost Manager. It scans your system and highlights risky configurations or missing protections. Review its suggestions regularly and apply corrections where possible.
Also, schedule automatic updates for cPanel, WebHost Manager, and related services like Apache, PHP, and MySQL. Updated software includes important security patches that close known vulnerabilities.
Watch Our YouTube Video on Enhancing cPanel Account Settings
If you are more of a visual learner, we have a YouTube video ready for you.
Conclusion
To recap the main points:
- Secure access to cPanel and WebHost Manager using HTTPS, Two-Factor Authentication, and SSH keys.
- Harden the server with firewalls, anti-brute-force tools, antivirus scans, and regular application updates.
- Enable built-in cPanel security features like ModSecurity, Hotlink Protection, and Leech Protection.
- Monitor your environment with Security Advisor and keep all components updated.