#CPANEL WHM PASSWORD#
SSH keys are more secure and, if password logins are disabled, they make successful brute-force attacks impossible. Another way to improve SSH security avoids passwords in favor of SSH keys.
#CPANEL WHM HOW TO#
Next time you log in to SSH, specify the port in your SSH command: ssh -p 32356 How To Use SSH Keys with the Root AccountĬhanging the SSH port reduces brute-force log-in attempts, but it won’t stop a motivated attacker. Finally, restart the SSH service: /scripts/restart_sshīe sure to take note of the port number you chose. Save and close the SSH configuration file. nano /etc/ssh/sshd_configĭelete the pound sign at the beginning of the line and change the 22 to your new port. Log in as root with SSH and open the /etc/ssh/sshd_config file in your preferred text editor. Otherwise, it will block SSH connections, and you won’t be able to log in. You should avoid 0–1023-the so-called well-known ports, including SSH’s 22-but you are free to choose between 1024–65535.īefore you begin, be sure to configure your firewall to allow connections on the new port. A Linux server has 65535 (2 7) available ports. If they can’t find the port, they can’t attempt to log in. Even if users choose long and hard-to-guess passwords-which is not always the case-brute-force attacks can generate a vast number of failed login attempts that waste server resources.Ĭhanging the port number confuses unsophisticated bots. The SSH service traditionally listens for connections on port 22, so bots target that port with brute-force attacks that attempt to guess a valid username and password. Communication between them is encrypted so eavesdroppers can’t see sensitive data traveling over the network. The server runs an SSH service, and a client on your local device connects to it. SSH (Secure Shell) is an encrypted network protocol that keeps authentication credentials and data safe when you connect to your server’s shell. We’re focusing on server-level security, so you will need access to your server’s root account, both in WHM and on the command line via SSH. Leveraging cPanel Security Advisor to mitigate common Linux security problems.Automatically blocking brute-force attacks with cPHulk.Implementing SSH keys to avoid security vulnerabilities caused by weak passwords.Changing the SSH port to confuse bad bots.In this article, we’re going to look at four techniques that leverage cPanel and WHM to enhance Linux server security.
#CPANEL WHM SOFTWARE#
Configuration mistakes, software vulnerabilities, and poor Linux security practices can open the door to bad actors and malicious bots.ĬPanel & WHM includes many Linux security tools that help server administrators to build a secure hosting environment. CentOS is a stable and secure foundation, but it is not invulnerable. The internet is a hostile environment, and your web hosting servers face innumerable threats from bad actors who want to steal data and exploit server resources.