cPanel Security policies

How many times have we seen a server get hacked and become useless to all its users? Among web hosts, the most used control panel is WHM/cPanel, and there have been numerous incidents where the hacking of a single account on a cPanel server has resulted in loss of business for everyone else sharing the server.

Server security is an important aspect for web-hosts, and keeping this in mind, the newest version of WHM/cPanel, 11.28, has brought a whole new meaning to server security by introducing a WHM/cPanel “Security Policy” which can be applied to WHM/cPanel and webmail access to the system.

A security policy in general is a set of security rules that govern the users of a system. The users are made to practice (and yes, it is compulsory) some security rules.

Some of these have already been there for a while. Let us look at a few simple features that have been implemented and their uses.

Security Policies

1. Limit logins to verified IP addresses – Now you not only need the correct login credentials to log in to your cPanel account, but also need access to the system whose IP address has been registered in WHM.

Think of it like this: a hacker gets your cPanel account’s passwords using sniffers, a man-in-the-middle attack or social engineering, but still cannot access your account since he does not have access to your system (well, if he has your system’s login credentials, that is another story altogether). This adds a double layer of security.

2. Specify a minimum password strength – Most often we tend to use simple and short passwords. With the new cPanel security features, the root user of the server can specify the minimum length of passwords to be used when creating or changing passwords.

As you know, the length of a password is directly related to the time and effort required to crack it using a brute-force attack.

3. Specify a maximum password age – Using the same password again and again makes it more susceptible to being cracked. Using the “maximum password age” policy, the root user can force other users to change their passwords after a specific number of days.

Imagine a scenario where a cracker uses your account for some malicious activities and you are unaware of it as it does not affect server performance.

If you are made to change your account password, the cracker can no longer use the account, and to do so he needs to crack your password again. Let’s make the cracker’s life more difficult.

All said and done, let us now see where the root user can activate this security policy plugin. Oh, didn’t I mention it earlier? This new feature is just a plugin which can be activated and deactivated at will.

How to define the security policy

1. Front-end – Access the security policy from WHM under “Security Center > Configure Security Policies”. This will provide you with check-boxes to enable a policy and then provide you with more options on the particular policy.

Enabling or disabling a policy will automatically restart the cpsrvd daemon.

2. Back-end – The back-end file to be edited is /var/cpanel/cpanel.config. You should always take a backup of this file before making any changes. After editing the file, restart the cpsrvd daemon.
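The back-end procedure above (back up, edit, check, then restart), as an added shell example that is not cPanel's or the author's code. `set_config_key` and `changed_lines` are hypothetical helper names, and the example assumes the file holds one KEY=VALUE pair per line.

```bash
# Added example (not cPanel's own tooling): change one key in a KEY=VALUE
# config with a backup taken first and a diff check before any restart.
# Usage: backup=$(set_config_key FILE KEY VALUE); changed_lines "$backup" FILE

# set_config_key FILE KEY VALUE -> prints the path of the backup it made
set_config_key() {
    local file="$1" key="$2" value="$3" backup tmp nl='
'
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    # Refuse keys/values that would smuggle extra lines into the config.
    case "$key$value" in *"$nl"*) echo "newline in key or value" >&2; return 1;; esac
    case "$key" in ''|*=*) echo "bad key" >&2; return 1;; esac
    # Unique, timestamped backup keeping the original owner, mode and mtime.
    backup=$(mktemp "$file.bak.$(date +%Y%m%d%H%M%S).XXXXXX") || return 1
    cp -p "$file" "$backup" || return 1
    # Edit a copy so a failed run never leaves a half-written config.
    tmp=$(mktemp "$file.tmp.XXXXXX") || return 1
    cp -p "$file" "$tmp" || { rm -f "$tmp"; return 1; }
    # Literal string match on the text before the first '=' (no regex, so
    # '::' and '.' in key names are safe); append the key if it is absent.
    K=$key V=$value awk '
        BEGIN { FS = "="; k = ENVIRON["K"]; v = ENVIRON["V"] }
        ($1 "") == k { print k "=" v; done = 1; next }
        { print }
        END { if (!done) print k "=" v }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    mv "$tmp" "$file" || return 1
    echo "$backup"
}

# changed_lines BACKUP FILE -> number of differing lines: 2 when an existing
# line was replaced, 1 when the key was appended. Anything else means the
# edit touched more than intended; restore the backup instead of restarting.
changed_lines() {
    diff "$1" "$2" | grep -c '^[<>]' || true
}

# Only after that check, restart cpsrvd as described above. On cPanel servers
# this is normally /usr/local/cpanel/scripts/restartsrv_cpsrvd (path not
# given on this page; confirm it on your own system).
```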

Now, let us see what will happen if a policy is violated. There are various ways WHM can handle them. Two of them are stated below.

1. Error pages – When a policy breach cannot be resolved, the user is shown an error page indicating that something is wrong.

2. Redirect – If a policy breach can be resolved, the user is redirected directly to the page where he can fill in the details and resolve the issue.

For further reading, you can check this pdf. Happy Security.




1 Comment

  1. Cool article! Written in simple and impressive way!
