Basic Security for your Dedicated server
Many different functions and options affect the security of your Dedicated server through WHM. Access to your server, updates for your software and backups are just a few of the things that you would need to consider to keep your server secure. The following list is a set of the basic security options provided within WHM.
Password strength is a security option that allows you to set the default required password strength for passwords that are used to access different parts of your dedicated server. For information on how to use this option, please see How to Set the Password Strength in WHM. If you are curious about the effectiveness of using a secure password, please see Password Strength and Security.
Two Factor Authentication
Two-factor authentication allows you to set up a secure login to your dedicated server using a smartphone and authentication application. Two-factor authentication works by providing a password from the user and then a code generated by an authentication app on the smartphone. For example, once you enable two-factor authentication, you would then configure it to connect to the app on your phone. WHM will provide a QR code that must be scanned by the application on the phone, which then generates a code that you must put into WHM. Once the code has been correctly added, the phone will be "synchronized" to the server. The application generates a random code every thirty seconds. Login would require that you use your password and code provided by the authentication app on the smartphone. If you fail to add the code on the screen of your phone within thirty seconds, you would receive a new code and have to use the newly generated code. The code is 6 digits and easy to type in within that period of time. For more information about using two-factor authentication, please see cPanel Two-Factor Authentication. Two-factor authentication applications include:
- Android, iOS and Blackberry - Google Authenticator
- Android and iOS - Duo Mobile
- Windows Phone - Authenticator
These applications are time-based one-time password applications. To remove two-factor authentication, go to the Two-Factor Authentication option under the Security Center, then click on Manage My Account tab, then click on Remove Two-Factor Authentication.
The Security Advisor is a great feature of cPanel in that it provides clear advice on actions you can take to make your server more secure. Each suggestion also provides links to give you a thorough explanation of each topic and suggestion. The screenshot at right shows an example of the security advisor in action. Use the suggestions provided to guide your steps to make your server.
This section allows you to control the version that you're using for cPanel or WHM, Operating System, and Apache SpamAssassin. You can set the version, frequency, and location for updates to be loaded. Keeping your Dedicated Server updated is important because updates often include security updates or bug fixes that can affect the security of your website.