Date: 10/09/2019 4 Minutes to Read
In this article:
The biggest changes in upgrading from Shared to VPS Hosting are root access and Web Host Manager (WHM). These two capabilities grant you more responsibility for maintaining server security for your content management systems (CMSs), websites, and email solutions.
You can access both of these features within your Account Management Panel (AMP). Below are ways to use that power to harden your VPS Hosting security stance.
Learn more about InMotion Hosting VPS Hosting plans.
ClamAV Scanner is an open source anti-virus scanner accessible in cPanel and configurable in WHM. After installing ClamAV in WHM as root, cPanel users can use the Virus Scanner to check files and mail. The scanner will list any potentially infected files after the scan.
Recommended: Run at least monthly.
cPHulk Brute Force Protection
cPHulk protects cPanel accounts against brute force login attempts. Enabling cPHulk allows you to configure failed login lockouts, whitelist/blacklist IP addresses and countries, and log login attempts.
Config&Server Security Firewall (CSF)
Config&Server Security Firewall (CSF) is a versatile server-level firewall with the ability to detect and prevent brute-force login attempts, port scans, and other network-based attacks.
Account owners with Advanced Policy Firewall (APF) should upgrade to CSF for improved security.
Recommended: Enable DNS security extensions (DNSSEC) when possible via your domain registrar and server or within proxy servers such as Cloudflare.
Email is a popular attack vector for cyber-attacks. Always look for signs of malicious emails. But enlist your server to assist you. Use all available server security software and spam filters within your server and email software.
ModSecurity is generally left alone unless it blocks an important task. If that’s the case, enable ModSec once you’re done. Contact Live Support for assistance troubleshooting the block, and/or consider another method to complete the task to maintain security.
Recommended: Keep ModSecurity enabled.
The newest PHP version is PHP 7.3 while 7.2 is the most commonly supported. All older PHP versions should be avoided and removed if not required to run important software.
Recommended: Run the Security Advisor periodically and follow its recommendations.
Softaculous Instant Installer takes the pain out of installing new software. However, there are many included installable CMSs that aren’t actively maintained or require an outdated PHP version. If you remove those older PHP versions, those installation scripts will have unmet requirements. Abandoned CMSs are more vulnerable to cyber-attacks.
Recommended: Only use CMSs and frameworks in active development. Remove outdated Softaculous scripts.
Don’t have Softaculous? Purchase it in AMP today.
A Secure Socket Layer (SSL) certificate encrypts communication between the user and the website. There are three validation levels for SSLs – domain (DV), organization (OV), and extended (EV). We offer a free and paid DVComodoSSL. We recommend paid SSLs for major organizations and e-commerce stores. The free AutoSSL suffices for other websites.
After installing an SSL, HTTPS will work with your website – e.g. https://www.inmotionhosting.com. But you’ll need to force your website to redirect from HTTP to HTTPS to ensure it protects website visitors. The type of website, CMS, or other software you use will determine how you implement this.
Recommended: Check WHM for updates monthly.
The unfortunate truth: you can do everything above and suffer from a malware infection. Up-to-date cPanel backups, stored externally from the server, are your primary disaster recovery solution. AMP snapshots are another backup option, but its a single backup for your entire container. It’s used to restore your entire VPS to a last known best configuration.
Recommended: Schedule cPanel backups in WHM and snapshots in AMP.
It’s important to train cPanel users, website administrators, and email account holders on everything above. Like customer service, security is everyone’s job. Share security news related to installed CMSs, cPanel, phishing, and InMotion infrastructure regularly.
24/7 Live Support is always available via phone, live chat, email, and Skype. You’ll need account verification information for account assistance. If we can’t resolve the issue with you, we’ll provide recommendations including other support options below.
Advanced Product Support (APS) is dedicated to supporting VPS-3000 hosting plans. APS is also available 24/7.
Managed Hosting specializes in custom server-level configurations and optimizations. Ask Live Support about Launch Assist to help you get started and your allotted Managed Hosting time.
Community Support Center is the place to engage the community for support, alternatives, and additional assistance. Remember, the forum is not a live chat support medium and InMotion administrators do not have access to your hosting account. For immediate assistance with support and billing, contact our 24/7 Live Support.
Want to add external protection to your web server security? Check out Sucuri web application firewall today.