{"id":26622,"date":"2025-08-19T14:46:45","date_gmt":"2025-08-19T12:46:45","guid":{"rendered":"https:\/\/contabo.com\/blog\/?p=26622"},"modified":"2026-01-16T13:02:56","modified_gmt":"2026-01-16T12:02:56","slug":"how-to-enhance-cpanel-account-security-with-recommended-settings","status":"publish","type":"post","link":"https:\/\/contabo.com\/blog\/how-to-enhance-cpanel-account-security-with-recommended-settings\/","title":{"rendered":"How to Enhance cPanel Account Security with Recommended Settings\u00a0"},"content":{"rendered":"\n<p>Keeping your <a href=\"https:\/\/contabo.com\/blog\/how-cpanel-saves-you-time\/\" target=\"_blank\" rel=\"noreferrer noopener\">cPanel<\/a> hosting secure protects your websites, data, and customers. With the right cPanel security settings, you reduce attacks and prevent unauthorized access. In this guide, you learn how to harden both cPanel and WebHost Manager using built-in tools and smart server-side measures.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-secure-your-cpanel-and-webhost-manager-access\">Secure Your cPanel and WebHost Manager Access\u00a0<\/h2>\n\n\n\n<p>First, secure how you log in to your hosting environment.&nbsp;<\/p>\n\n\n\n<p>Always access <strong>cPanel<\/strong> and <strong>WebHost Manager<\/strong> over <strong>HTTPS<\/strong>. This encrypts your credentials and protects them from interception.&nbsp;<\/p>\n\n\n\n<p>Next, enable <strong>Two-Factor Authentication (2FA)<\/strong> for all admin-level users. You find this in WHM under <strong>\u201cSecurity Center &gt; Two-Factor Auth.\u201d<\/strong> 2FA adds a second login step and stops many unauthorized access attempts.&nbsp;<\/p>\n\n\n\n<p>Then, improve your SSH access. Avoid default ports whenever possible. Change your SSH port to a custom one. Disable password logins and switch to <strong>SSH key authentication<\/strong> instead. This makes brute-force attacks much harder.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-strengthen-passwords-and-user-policies\">Strengthen Passwords and User Policies\u00a0<\/h2>\n\n\n\n<p>Strong passwords still matter for cPanel account security. Therefore, enforce them using WebHost Manager.&nbsp;&nbsp;<\/p>\n\n\n\n<p>In <strong>WebHost Manager<\/strong>, open <strong>Password Strength Configuration<\/strong>. Set the minimum password score to at least <strong>80<\/strong>. This forces every user to choose complex and unique passwords. Also, never reuse passwords across different services. Use a password manager to generate and store logins securely. This simple habit reduces the damage from any single breach.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-secure-server-settings-for-cpanel-hosting\">Secure Server Settings for cPanel Hosting\u00a0<\/h2>\n\n\n\n<p>When you run <a href=\"https:\/\/contabo.com\/en\/cpanel-vps-server\/\" target=\"_blank\" rel=\"noreferrer noopener\">cPanel on a VPS<\/a> or dedicated server, you control the full system. Meaning, you also own the security responsibilities.&nbsp;<\/p>\n\n\n\n<p>Follow these best practices for a safer cPanel hosting environment:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enable <strong>Two-Factor Authentication<\/strong> for WebHost Manager access.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Change the default <strong>SSH port<\/strong> and always use <a href=\"https:\/\/contabo.com\/blog\/how-to-use-ssh-keys-with-your-server\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>SSH keys<\/strong><\/a> instead of passwords.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Configure a <a href=\"https:\/\/contabo.com\/blog\/wiki\/firewall-gui\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>firewall<\/strong><\/a> and open only the ports you truly need.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Install <strong>anti-brute-force tools<\/strong> like Fail2ban or <strong>cPHulk<\/strong> to block repeated login attempts.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Run <strong>antivirus software<\/strong> such as <a href=\"https:\/\/contabo.com\/blog\/wiki\/mail-antivirus-clamav\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>ClamAV<\/strong><\/a> to scan for malware and suspicious files.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Keep applications like <strong>WordPress<\/strong> updated and use security plugins such as <strong>Wordfence<\/strong>.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>These layers work together and significantly harden your cPanel hosting server.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-enable-built-in-cpanel-security-features\">Enable Built-In cPanel Security Features\u00a0<\/h2>\n\n\n\n<p>cPanel includes helpful tools that increase security without extra software. You should enable and configure them carefully:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Activate <strong>ModSecurity<\/strong> under <strong>Security \u2192 ModSecurity<\/strong>. This web application firewall filters many common web exploits and malicious requests.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Turn on <strong>Hotlink Protection<\/strong> to stop other websites from embedding your images directly. This protects bandwidth and reduces some simple abuse.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Configure <strong>Leech Protection<\/strong> for sensitive directories, membership areas, or login sections. It limits repeated or shared logins and protects restricted content.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Together, these features significantly improve your overall cPanel security posture.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-monitor-your-server-and-stay-updated\">Monitor Your Server and Stay Updated\u00a0<\/h2>\n\n\n\n<p>Security is an ongoing process, not a one-time checklist. You need regular monitoring and updates.&nbsp;<\/p>\n\n\n\n<p>Use the <strong>Security Advisor<\/strong> inside WebHost Manager. It scans your system and highlights risky configurations or missing protections. Review its suggestions regularly and apply corrections where possible.&nbsp;<\/p>\n\n\n\n<p>Also, schedule automatic updates for <strong>cPanel<\/strong>, <strong>WebHost Manager<\/strong>, and related services like <strong>Apache<\/strong>, <strong>PHP<\/strong>, and <a href=\"https:\/\/contabo.com\/blog\/open-source-databases-series-mysql\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>MySQL<\/strong><\/a>. Updated software includes important security patches that close known vulnerabilities.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-watch-our-youtube-video-on-enhancing-cpanel-account-settings\">Watch Our YouTube Video on Enhancing cPanel Account Settings\u00a0<\/h2>\n\n\n\n<p>If you are more of a visual learner, we have a YouTube video ready for you.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<div class=\"ast-oembed-container \" style=\"height: 100%;\"><iframe loading=\"lazy\" title=\"How to enhance cPanel account security\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/UcXxrudD4jI?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/div>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-conclusion\">Conclusion\u00a0<\/h2>\n\n\n\n<p>To recap the main points:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Secure access to cPanel and WebHost Manager using <strong>HTTPS<\/strong>, <strong>Two-Factor Authentication<\/strong>, and <strong>SSH keys<\/strong>.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Harden the server with firewalls, anti-brute-force tools, antivirus scans, and regular application updates.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enable built-in cPanel security features like <strong>ModSecurity<\/strong>, <strong>Hotlink Protection<\/strong>, and <strong>Leech Protection<\/strong>.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Monitor your environment with Security Advisor and keep all components updated.&nbsp;<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Keeping your cPanel hosting secure protects your websites, data, and customers. With the right cPanel security settings, you reduce attacks and prevent unauthorized access. In this guide, you learn how to harden both cPanel and WebHost Manager using built-in tools and smart server-side measures.&nbsp; Secure Your cPanel and WebHost Manager Access\u00a0 First, secure how you [&hellip;]<\/p>\n","protected":false},"author":77,"featured_media":26639,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[18],"tags":[],"ppma_author":[3116],"class_list":["post-26622","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tutorials"],"uagb_featured_image_src":{"full":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/08\/How-to-Enhance-cPanel-Account-Security-with-Recommended-Settings-2.png",1200,630,false],"thumbnail":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/08\/How-to-Enhance-cPanel-Account-Security-with-Recommended-Settings-2-150x150.png",150,150,true],"medium":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/08\/How-to-Enhance-cPanel-Account-Security-with-Recommended-Settings-2-600x315.png",600,315,true],"medium_large":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/08\/How-to-Enhance-cPanel-Account-Security-with-Recommended-Settings-2-768x403.png",768,403,true],"large":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/08\/How-to-Enhance-cPanel-Account-Security-with-Recommended-Settings-2.png",1200,630,false],"1536x1536":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/08\/How-to-Enhance-cPanel-Account-Security-with-Recommended-Settings-2.png",1200,630,false],"2048x2048":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/08\/How-to-Enhance-cPanel-Account-Security-with-Recommended-Settings-2.png",1200,630,false]},"uagb_author_info":{"display_name":"Anika Kopte","author_link":"https:\/\/contabo.com\/blog\/author\/anika\/"},"uagb_comment_info":0,"uagb_excerpt":"Keeping your cPanel hosting secure protects your websites, data, and customers. With the right cPanel security settings, you reduce attacks and prevent unauthorized access. In this guide, you learn how to harden both cPanel and WebHost Manager using built-in tools and smart server-side measures.&nbsp; Secure Your cPanel and WebHost Manager Access\u00a0 First, secure how you&hellip;","authors":[{"term_id":3116,"user_id":77,"is_guest":0,"slug":"anika","display_name":"Anika Kopte","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/1c425caa652c679ae47e3f85a48de4e19f09d37bcb5593ba88a7aa4a08bb1d81?s=96&d=mm&r=g","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts\/26622","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/users\/77"}],"replies":[{"embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/comments?post=26622"}],"version-history":[{"count":2,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts\/26622\/revisions"}],"predecessor-version":[{"id":27425,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts\/26622\/revisions\/27425"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/media\/26639"}],"wp:attachment":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/media?parent=26622"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/categories?post=26622"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/tags?post=26622"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=26622"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}