BuycPanel Blog

BuycPanel Blog

Latest news and updates

12/26/2014 – How to Keep cPanel Secure

Posted by Jamison on 26 12 2014.

When hosting a website security will always be a concern. There are many people out there who want to get their hands on your files, passwords and other information they can exploit to their advantage. Don’t give them that chance and make sure your cPanel is always secure. Here are a few tips to help you do this.


  1. Always keep cPanel up to date. Developers release updates for good reasons, whether this is to add more features, add some tweaks, fix some bugs or offer another layer of protection against hackers and those who want their hands on your goods. It’s always a good idea to go for the latest updates.


  1. Use secure passwords. Passwords are among the easiest things for hackers to figure out, and they find it easy because you are not making it hard for them. You might be tempted to use a simple password like common words or those that have no numerals or non-numeral and non-alphabetic characters because they are easier to remember. You have to be aware that the weaker your password the easier it is for others to get it.


  1. Always use SSL. cPanel has the option of using Secure Socket Layer security. However, this is one option you should make mandatory for all users. They should be accessing your website through http after all, and not with https.


How to use a shared SSL to access cPanel


Use https and your IP address, followed by the secure port number. It should look like this:


https://(YourSite’sIPAddress):(your secure port number)


This will bring up a browser warning, which you have to bypass.


If you know your server name, input the following:


https://(ServerName):(your secure port number)


You can also try this:


https://(SecureServerName):(your secure port number)


Remember that you can only use shared SSL if you are on a shared server.


The server name for resellers should look like (something).(website name).com or secure1234.(website name).com.


The server name for shared web hosting customers should look like (something).(your webhosting service provider).com.


If you need your server’s secure name, you can always contact your webhosting service provider.


Getting around the Shared SSL browser warning


Chances are that in your attempt to access your domain name through a secure port on a shared SSL, you might have encountered a pop-up from your browser presenting a warning. This happens when the browser tries to validate your domain name on the shared certificate installed on the server.


There is a way for you to bypass the warning if you want to use the shared SSL and your browser doesn’t trust it:


With Mozilla Firefox


  1. Bring up the warning message and click the “I Understand the Risks” link at the bottom.
  2. Click on Add Exception.
  3. Click on Get Certificate.
  4. Click on Confirm Security Exception.


With Internet Explorer


Bring up the warning message and click Continue to this website


To avoid trouble with a shared SSL you can always get your own private SSL. This is method is more recommended than trying to work your way around your browser.