WHM or Web Host Manager is a powerful program that permits administrative access to cPanel backend. WHM enables the user with more flexibility and control while managing some very popular resource intensive websites, or large no: of websites. WHM not only enables the user to with the ability to sell web hosting services but also gives the option to create and manage multiple cPanel accounts. WHM saves your money and time by automating and streamlining the tedious task of server management. WHM allows you to manage all things under one roof.
Login into the WHM and use the following steps to check the server security:
Step 1: Check WHM>>> Server Configuration >>> Tweak Settings & deactivate the following options:
Step 2: Now go to WHM >> >Security >>> Manage Wheel Group Users
Step 3: Then select WHM >>> Service Configuration >>> FTP Configuration
Step 4: Now select WHM >>> Account Functions >>> Manage Shell Access
Step 5: Then select WHM >>> SQL Services >>> MySQL Root Password
Now perform a quick security scan to detect Trojan Horses from your WHM >>> Security in a week.
[alert] Note: one important security measure for your server, while creating any new security account, Choose WHM >>> Resellers >>> Reseller Center [/alert]
Enable “Prevent Accounts from being created with Shell ” & deactivate the “Allow Creation of Packages with Shell Access” this will prevent any 3rd party from accessing your server if they do not have your approval.
WHM >>> Security Center >>> Host Access Control
Host Access Control permits you to set up precise rules to permit or deny access to your server and services over it on the basis of IP address that is trying to connect. The most secure way of using Host Access Control it regulates the connection as per your wish i.e. to provide access only to the connections which you want.
WHM >>> Security Center >>> PHP open_basedir Tweak
PHP’s open_basedir protection averts users from opening files that are outside of their home directory with PHP.
In addition, you can install mod security to avoid web-based infection, cross scripting attacks and web-based intrusions to the server.
Powered by BetterDocs
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.