Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Extra Attempt protections of Bots

Discussion in 'Security' started by inthukha, Jul 18, 2013.

  1. inthukha

    inthukha Well-Known Member

    Joined:
    Jul 17, 2013
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello,

    I m in the process of VPS hardening where WHM/CPanel installed and performed all of the basic and advanced security steps.

    I want to make more secure the way where clients will access. i want to make control panel access with more security of .htaccess handled. so if client or any other freak person try to 2082 or 2086 or 2096 via browser so .htaccess ask verification code and after putting the code client will able to access Password screen.

    Please advise how can i perform this step with more smarty way? i want to know complete process of how .htaccess work upfront of those access points for verifications.

    Many thanks
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,870
    Likes Received:
    1,811
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    cPanel and WHM are already password protected using a secure method. Is there a specific reason you prefer an alternate method of logging into cPanel/WHM compared to what's already implemented?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. inthukha

    inthukha Well-Known Member

    Joined:
    Jul 17, 2013
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    No, i just asking to verification. not logging into cpanel/whm.

    i just want if someone try to login cpanel or WHM he/she face .htaccess user:passowrd screen where they use custom user:password provided from "ME". and once they done they will able to login their cpanel/WHM.
     
  4. srider

    srider Registered

    Joined:
    Sep 13, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Palm Springs, CA USA
    Apache only listens on port 80 and maybe 443 in a typical configuration. Apache is the only process that uses .htaccess.

    cPanel is a separate process from Apache, this is necessary if cPanel is to monitor and control Apache. And it's a good thing.

    You can add protection against dictionary attacks on Apache and/or cPanel by installing ConfigServer CSF, a truly excellent firewall. It has an option to watch cPanel login failures and respond with a temporary or permanent IP ban. It has been working for me for many years. You will love CSF firewall, trust me.

    ConfigServer Security & Firewall
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,870
    Likes Received:
    1,811
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You can also ensure the following option is enabled for added security to cPanel/WHM login attempts:

    "WHM Home » Security Center » cPHulk Brute Force Protection"

    You can restrict access to specific services such as cPanel/WHM using Host Access Control:

    "WHM Home » Security Center » Host Access Control"

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice