How to Configure Security Policies in WHM

WHM (Web Host Manager) includes tools to help you secure your linux VPS Hosting and Dedicated server. Steps such as limiting logins by IP address, enabling two-factor authentication, or setting password strength and age limits can greatly increase the security of your server. In this guide, we will show you how to configure the security policies of your VPS or Dedicated server.

Configure Security Policies

  1. Log into WHM as the ‘root‘ user.
  2. Type ‘policies’ in the search field.
  3. Click the Configure Security Policies link under the Security Center section.
  4. You can then enable “Security Policy Items”. Choose from the following options.
    Limit logins to verified IP addresses
    Two-Factor Authentication: Google Authenticator
    Password Strength (selecting this will direct you to the Password Strength Configuration page)
    Password Age (selecting this will allow you to enter a Maximum Password Age)
  5. There is also a section where you can set Security Policy Extensions, but cPanel warns “do not enable these extensions unless you have an in-depth understanding of your remote API usage and DNS cluster configuration.” If you still want to adjust the settings you can enable security policies for the following.
    API requests
    DNS Cluster Requests
  6. After choosing your security policy settings click the Save button. You are finished when you see a message stating “Security Policies Configured.”

Congratulations, now you know how to configure security policies in WHM!

Leave a Reply