Extra Attempt protections of Bots

I

inthukha

Well-Known Member
Jul 17, 2013
61
0
6
cPanel Access Level
Root Administrator
Hello,

I m in the process of VPS hardening where WHM/CPanel installed and performed all of the basic and advanced security steps.

I want to make more secure the way where clients will access. i want to make control panel access with more security of .htaccess handled. so if client or any other freak person try to 2082 or 2086 or 2096 via browser so .htaccess ask verification code and after putting the code client will able to access Password screen.

Please advise how can i perform this step with more smarty way? i want to know complete process of how .htaccess work upfront of those access points for verifications.

Many thanks
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,260
463
Hello :)

cPanel and WHM are already password protected using a secure method. Is there a specific reason you prefer an alternate method of logging into cPanel/WHM compared to what's already implemented?

Thank you.
 
I

inthukha

Well-Known Member
Jul 17, 2013
61
0
6
cPanel Access Level
Root Administrator
No, i just asking to verification. not logging into cpanel/whm.

i just want if someone try to login cpanel or WHM he/she face .htaccess user:passowrd screen where they use custom user:password provided from "ME". and once they done they will able to login their cpanel/WHM.
 
S

srider

Registered
Sep 13, 2004
3
0
151
Palm Springs, CA USA
Apache only listens on port 80 and maybe 443 in a typical configuration. Apache is the only process that uses .htaccess.

cPanel is a separate process from Apache, this is necessary if cPanel is to monitor and control Apache. And it's a good thing.

You can add protection against dictionary attacks on Apache and/or cPanel by installing ConfigServer CSF, a truly excellent firewall. It has an option to watch cPanel login failures and respond with a temporary or permanent IP ban. It has been working for me for many years. You will love CSF firewall, trust me.

ConfigServer Security & Firewall
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,260
463
You can also ensure the following option is enabled for added security to cPanel/WHM login attempts:

"WHM Home » Security Center » cPHulk Brute Force Protection"

You can restrict access to specific services such as cPanel/WHM using Host Access Control:

"WHM Home » Security Center » Host Access Control"

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
N New server installation generate extra certificates on the hostname? Security 2
S Use csf to block incoming hits to extra local IPs? Security 2
W KernelCare “Extra” Patchset option not showing in WHM > Security Advisor Security 8
Z SOLVED Security Advisor "No symlink protection detected" Message When KernelCare + Extras Is Installed Security 2
Q i have an extra ftp user in cpanel Security 1
Similar threads
New server installation generate extra certificates on the hostname?
Use csf to block incoming hits to extra local IPs?
KernelCare “Extra” Patchset option not showing in WHM > Security Advisor
SOLVED Security Advisor "No symlink protection detected" Message When KernelCare + Extras Is Installed
i have an extra ftp user in cpanel
Top Bottom