Archive for Linux vs Windows

cPanel Security Features

The information that is transferred between client computers these days is growing ever more confidential; it is for this reason that cPanel provides you with many different tools to help keep your website secure, along with any information that is passed between it and your visitors. cPanel is able to provide you with password protected directories, an IP deny manager, SSL/TLS certificate manager, SSH/shell access management, hot link protection, leech protection and GnuPG keys; all these tools put together give you the ability to protect directories or areas of your website which might contain sensitive information that you don’t want people without passwords to see, and the ability to keep those people with intentions of harming your website or server away from it. Most of these security tools should only be deployed when you need them; for example, an IP should only be added to the IP deny manager when it is pretty obvious that the visitor at that IP address has harmful intentions for your website. Most of the listed tools are only there to benefit your website and the server on which you are hosted; however, there is one tool that benefits both you and your visitors – the SSL certificate. SSL certificates are basically there to ensure the information passed between your website and the client machine is secure. If you run a small static website which doesn’t receive many visitors, then the need for you to use any of these security features is fairly low; however, the opposite applies to larger sites which receive many visitors, because if you have a larger website with more visitors, hackers, spammers and other types of malicious threat will want to deface your website or even take it down to cause the most inconvenience possible.

Although Linux web hosting servers are well known to be much more secure than their Windows counterparts, they still require many different levels of security to ensure that the websites they run are not compromised in any way. Different technologies are implemented to ensure that the data passed between the website and client is secure, and that the data that is stored is secure as well. The following technologies are available for use through your cPanel control panel and ensure that your website is as secure as it can possibly be; they range from protecting different areas of your website so that the data stored within those areas is secure, to ensuring that other people and websites aren’t able to take all your bandwidth up easily. Other areas covered include how to ban people from your website, which can be of the utmost importance if you feel that any part of your website has been compromised in any shape or form. You might also find that one part of your website is not working for some reason; for example, when you enter certain information in a text box, you end up back at the root of your domain. The cause of this is explained and can help relieve any frustrations that you might have over the subject.

Password Protected Directories

The password protected directory security feature that is built into cPanel allows you to password protect multiple directories within your website with multiple usernames and passwords; it is done via the use of the .htaccess file, and no technical work is needed on your end since all the file generating is done by cPanel – all you have to do is enter the usernames and passwords of the people that you want to have access to the protected directories. The good thing is that you can add, delete and edit users at any time you want through cPanel, and you can even have multiple password protected directories. By password protecting certain directories of your website, you are able to store sensitive information in them which you may not want to risk storing in a regular unprotected directory which can be accessed by anyone, including spammers and hackers; you are also able to create a secure part of your website that only you have control over. You might also want to take advantage of this feature to create an area of your website that only people such as staff can enter; this area could be similar to your internal intranet in the fact that you could use it to share information without having to meet a colleague face to face, which can be very time consuming. The .htaccess method of user authentication is the preferred type for some who have little technical knowledge; this is because systems that are based on programming languages such as PHP are more complicated to install since they require a database and for file permissions to be set. However, the .htaccess method of user authentication isn’t as secure as a PHP/MySQL based system since the user credentials are being stored in plain text and not in an encrypted password protected database.

IP Deny Manager

The IP deny manager built into cPanel allows you to ban the IP addresses of any visitor to your website. This security tool is useful to you if you have a suspicion that a user from a certain IP address is trying to hack, spam or harm your website in any way. This feature lets you control who can access your website; some web hosts do not allow access to this, however, since IP banning is generally carried out either by the hosting node automatically or by firewalls that are in front of the server. Some web hosting servers will automatically block IP addresses for one reason or another; if any IP trying to access your website has been banned automatically by the main hosting server, then it should appear in your list of blocked IP addresses. You are able to block visitors either by their IP address or hostname; cPanel also gives you the option to block an entire subnet of IP addresses – this can be useful if you think that you are under attack from one subnet, or country for that matter. You are also able to delete any IP address that you have added to the block list – this is something that can be useful if you have mistakenly blocked a hostname or IP address. If you have blocked a range of IP addresses, then they will be displayed in a list being classed as ‘Beginning IP’ and ‘Ending IP’ to avoid confusion when checking which IP addresses have been blocked. You should always be careful when using the IP deny manager; this is because you could easily enter an IP address incorrectly and block the wrong person – you may even enter your own IP address by accident and end up blocking yourself.
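
A pre-flight check for the caution above, as an added example that is not part of the original article or of cPanel: it works out the beginning and ending IP of a subnet entry and refuses the entry if one of your own addresses falls inside it. The function names are hypothetical and the addresses are constructed documentation-range samples (IPv4 only).

```shell
#!/bin/sh
# Added example: sanity-check an IP deny entry before typing it into the panel.
# Function names are hypothetical; all addresses below are constructed samples.

# Dotted-quad IPv4 -> integer. Fails on malformed input.
ip_to_int() (
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        # Reject leading zeros (would be read as octal) and over-long octets.
        case $o in 0?*|????*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Integer -> dotted-quad IPv4.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Print "BEGINNING_IP ENDING_IP" for an entry given as a.b.c.d or a.b.c.d/bits.
cidr_range() (
    case $1 in
        */*) addr=${1%/*}; bits=${1#*/} ;;
        *)   addr=$1;      bits=32 ;;       # a single address is a /32
    esac
    case $bits in ''|*[!0-9]*|???*) exit 1 ;; esac
    [ "$bits" -le 32 ] || exit 1
    n=$(ip_to_int "$addr") || exit 1
    size=$(( 1 << (32 - $bits) ))           # number of addresses in the block
    first=$(( $n & ~($size - 1) ))          # clear the host bits
    last=$(( $first + $size - 1 ))
    echo "$(int_to_ip "$first") $(int_to_ip "$last")"
)

# deny_is_safe ENTRY OWN_IP...
# Returns 0 if none of your own addresses is covered by ENTRY,
# 1 if the entry would lock one of them out, 2 on invalid input.
deny_is_safe() (
    entry=$1; shift
    range=$(cidr_range "$entry") || { echo "invalid entry: $entry" >&2; exit 2; }
    lo=$(ip_to_int "${range% *}")
    hi=$(ip_to_int "${range#* }")
    for mine in "$@"; do
        m=$(ip_to_int "$mine") || { echo "invalid address: $mine" >&2; exit 2; }
        if [ "$m" -ge "$lo" ] && [ "$m" -le "$hi" ]; then
            echo "refusing: $entry (${range% *} to ${range#* }) covers your own address $mine" >&2
            exit 1
        fi
    done
    echo "ok: $entry blocks ${range% *} to ${range#* }"
)

# Constructed demo: the first entry is fine, the second would block the admin.
deny_is_safe 203.0.113.0/24 198.51.100.10
deny_is_safe 198.51.100.0/24 198.51.100.10 || :
```

Pass every address you administer the site from (office, home, monitoring host) as the trailing arguments.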

SSL/TLS Manager

The purpose of the SSL/TLS manager is to allow you to control digital certificates which may be assigned to your website. It also gives you the ability to generate private keys and CSRs without any intervention from your web host to allow you to buy SSL or TLS certificates from suppliers who sell them, and if you have the appropriate knowledge you can then install them yourself. SSL and TLS certificates are used to encrypt the data that is sent between your website and the people who visit it; they are normally deployed in environments where the information exchanged between the two is highly sensitive and could cause great damage if it were to fall into the wrong hands – examples of this kind of data would be credit/debit card details as well as usernames and passwords for websites where personal information is stored. SSL/TLS certificate encryption can come in different levels; the main levels used by most mainstream websites are either 128bit or 256bit – the higher the number the more encrypted the exchanged information is. If you have a website where users are logging in and out all the time, and you accept online orders where customers enter their credit or debit card details, then you should consider implementing an SSL/TLS certificate if you haven’t already; the trust that your customers have in your website will also increase if you display a seal on your website from the vendor that you bought your certificate from saying that your website is secure to trade through and that any details transferred between them and your website are highly encrypted. Websites that use secure certificates can be easily identified since an ‘s’ will appear after the ‘http’ in the address bar at the top of your web browser; SSL websites also generally run on port 443 through a web server.
One thing to note is that SSL certificates will only run on dedicated IP addresses, which you must purchase separately from your web host; they will not run on shared IP addresses which is what you get in a normal shared website hosting environment.

Mod Security

Although not a feature built into cPanel itself, mod_security (sometimes referred to as mod_sec for short) is still a security measure which most web hosts deploy within a shared cPanel website hosting environment. Its main aim is to stop any malicious attacks being carried out on scripts which may be vulnerable; for example, it throws a user back to the homepage of the website if they try to enter any HTML into a regular text field. Mod_security is in place to stop attacks on programs which have known holes such as Joomla!, which is an open source CMS used by many websites, although it is widely known that it is insecure in many areas. If you have a website or use an application which is being affected by mod_security, so that when you try to edit any pages or post any information using regular text fields you end up back at the root of the domain, there is a fix that you can place in your .htaccess file to ensure that the applications are still usable. Other types of PHP website application that may be affected by this include forum software, blog software and other types of application in which the data posted back to the page contains any code of sorts. Spammers and hackers are beginning to target websites even more these days, which is the reason why so many web hosts have deployed mod_security; it is able to ensure that websites can’t be compromised, and that if they are, other websites hosted on the same server as the compromised website are not affected by the hack/hijack. You should only disable mod_security if you are running an application that is being affected by it; if your website or application is not being affected by it then you should leave it be, since disabling it without good reason leaves your website open for attack, and at the end of the day you should prefer to have a secure site rather than one which is open for easy attack.
One thing to note is that your web host might not allow you to disable it because they don’t want the other websites on the same server as you to be compromised; in this case you should pack up and move to another cPanel based web host that does not use it or does use it, but at the same time allows you to disable it.

SSH/Shell Access

SSH is rarely given in a shared web hosting environment due to the attached security risks, but some web hosts including eUKhost do provide some servers which allow customers who need SSH access the ability to use it. SSH is generally used for the transfer of files between Linux web hosting servers, although at root level it can be used to administer a server; unlike telnet, the data which is exchanged between the client machine and the server which is running SSH is normally encrypted. Those web hosts that do allow you SSH/shell access will normally provide you with an interface in cPanel which you can use to administer your SSH/shell access. You are able to modify and change private keys, which are an alternative to a password when communicating through SSH since they allow automatic login; when a person is communicating with a Linux web hosting server via SSH, they are normally required to enter a username and password – this type of information is not needed when using a private key since that key is normally unique in some way or another. Private keys are a preferred method of authentication when running scripts that require SSH access to another server. Through cPanel, you are also given the ability to import existing private keys; this function can be useful to you if you are migrating your website hosting account from another server or provider. One thing to note is that you do require a certain amount of Linux knowledge to be able to use SSH access in a shared web hosting environment effectively; you might also not be granted SSH access in a shared environment because of the associated security risks, but those hosts that do provide it will normally require some sort of proof that you need it before assigning it to you.

Hot Link Protection

Hot linking is when another person or website links directly to an image that is hosted within your web space without your knowledge or permission; hot linking can quickly use up any bandwidth assigned to your website hosting account if the image that is being hot linked is rather large in file size and if the website that is hot linking the image or file gets a lot of visitors. Images are the main type of file that are hot linked, but other file types such as video can be easily hot linked; in fact any type of file can be hot linked. By enabling hot link protection, you can ensure that any file with an extension that you have listed when enabling hot link protection will not be displayed on any website under any domain except the main domain that you have assigned to your web hosting account; if someone does hot link to the file then it just won’t be displayed on any other website – it’s as simple as that. You are also able to direct any request for any listed file extension on your website to another image or page; this can be helpful in the combat of hot linking since the page that you redirect people to could be one explaining why they shouldn’t hot link. If you don’t disable hot linking then you could end up having your bandwidth stolen, which is not something you want since the price of bandwidth is quite high, and if you have an option set to automatically bill you for any bandwidth overages then you could end up with a very, very big bandwidth bill. The hot linking panel that is built into cPanel also gives you the option to not allow people to call any of the designated file types in a browser, meaning that they can only be called from your web pages. One thing to note is that you should be careful when choosing which file types you don’t want to be hot linked; if you enter an extension which you didn’t mean to enter then you could end up affecting not only your website but others which might be hot linking to something within your website.

Leech Protect

Leech protect is a function that is built into cPanel to restrict a user from publicly posting their password to a restricted area of your website; it can also be put in place to stop malicious attackers such as spammers and hackers from trying to guess the password of a username multiple times. To enable leech protection for a directory in your website, just select the ‘Leech Protect’ option from the security panel on the homepage of your cPanel control panel; you are then prompted to enter things such as how many times a user is allowed to log in to a certain folder as well as the length of time over which that number of logins applies. You can also specify the page that leech users should be sent to – this page could contain a warning message telling them not to attempt such an attack again; you can also choose for an email message to be sent to you informing you of the attempted security breach on your website. You can also choose for accounts to be suspended if they breach the leech policy for whatever reason; this is a good option to protect the information to which the user account has been given access, since the account’s owner might have posted the password openly, meaning that the information is open for many to see – but if too many people try to log in to the account then it will be in breach of the leech policy, meaning the account will be suspended, safeguarding the data which it has access to. You should always set your options for leech users quite loosely since you could end up blocking out a member of your staff or someone genuine who is trying to access a protected part of your website. One thing to note though is that the leech policy that you put in place for the user accounts that have access to password protected areas of your website might affect how you are able to use the protected areas since you might be limited on how many times you can log in within a specified time period.

GnuPG Keys

GnuPG is a publicly available scheme that uses the so called ‘public key’ approach; this works in the way that a message is encrypted using the public key but can only be decrypted by using the ‘private key’ which is held by the intended recipient of the message. GnuPG keys can be helpful for you if you want to send messages or store information quickly, but still want the ability to decrypt it at a later date. You can also choose the password or private key that you want to give to the recipient of the message to allow them to decrypt the message or data when they receive it. Unlike other forms of encryption where the encryption and decryption keys used are the same, both keys that are used with GnuPG keys are different – although the encryption key will always be the same for whatever message is sent using it, the decryption key will always be whatever the maker of the message wants it to be. With the cPanel interface for GnuPG keys, you are able to specify how long the decryption key is valid for; this means that after a certain date the message will not be decryptable and therefore unreadable. You are also given the option to choose the key size that you want; the higher the key size the more encrypted the message will be, meaning that it will be more secure the bigger the key size is. cPanel also gives you the option to import existing private and public keys which can be of help to you if you are transferring your website hosting over from another provider.

Conclusion

In conclusion, cPanel provides you with a number of tools that you can use to ensure that your website is as secure as it can be. Via the use of password protected directories you can ensure that information stored in certain directories of your website is only accessible via the use of a username and password which any sensible web master would retain for themselves; however, you are given the ability to create multiple accounts, meaning that you can easily allow access for others if you want or if needs be. If your website is very informative and contains a lot of images which others may find of use, then you should ensure that you put hot link protection in place; this is because other website owners may want to include your images within their content but don’t have the sufficient knowledge to download the image and place it in their web space – in this case, if hot link protection is not enabled and the other person’s website is a very busy one then you might find yourself with either a large bandwidth overage bill or running out of bandwidth. If you feel that visitors from a certain host name or IP address may be trying to breach the security of your website in one way or another, then you can easily ban them through the IP deny manager; you should always do this since one day they might just get lucky and manage to get through all the security that you have laid in their way. If you run an online shop or a website where the information that is exchanged between client computers and your website is of the highest confidentiality, then you should deploy an SSL certificate on a dedicated IP address; you can also display a ‘sticker’ on your website that most SSL vendors supply since that could boost the confidence that customers have in your website.
If you require it, then you can also use SSH access within your shared hosting environment in order to transfer files between one server and another server; you can also implement private keys in this case in scripts to enable automatic file transfer via SSH without the need for any username or password, although the information that is being exchanged is still secure. If you have implemented password protected directories within your website, then you can also put in a leech policy to ensure that any user accounts that are used to access confidential information in your website are suspended if they are compromised in any way; if you don’t want others to see the information contained within your password protected directories then you should deploy a leech policy to protect both the user accounts that are used to access the directories as well as the information contained within the directories. Finally, you can use GnuPG keys to encrypt and decrypt messages sent between you and a friend; the messages are all encrypted using the same public key, although you have the power to specify the private key/password that may be used to decrypt the message.


cPanel vs. Plesk

cPanel and Plesk are two examples of web hosting control panels utilized by many hosting providers. Currently cPanel is only available for use on Linux operating systems, but this is set to change from 2008 when cPanel releases its cPanel/WHM 2008 Suite for Windows 2008; Plesk has been available for both Windows and Linux for a while now.

cPanel

cPanel is seen by many as the preferred control panel for Linux operating systems because of its quick loading times, which is mainly due to the fact that the system is based mainly on Perl scripts, meaning that it requires little to no database access at most times. cPanel also has greater capabilities than Plesk, in that cPanel gives more server side information to the end user, which they may need to use at times and which can be mission critical in some cases; cPanel is also able to support add-ons, examples of these include ‘Fantastico’ and ‘RVSkins’ – this add-on functionality also allows developers to build their own custom functions and programs for use within cPanel.

cPanel provides better reseller hosting than Plesk does. This is because cPanel has a specially created control panel included with it called WebHost Manager (WHM for short) which has been designed specifically for the purpose of reselling web hosting services. Plesk is only one control panel and makes setting up reseller accounts remarkably hard.

cPanel has also made migrating your hosting account to another cPanel hosting provider easy by integrating a site migration module. This allows people to transfer all their sites and settings without losing any data. This is something which makes cPanel stand out from the rest as it is something most control panels lack.

Plesk

Plesk is a cross platform control panel which is available in versions for both Windows and Linux. It is seen as the preferred control panel in the Windows hosting industry because its closest rival, HostingController, is remarkably unreliable and has helped give Plesk a big boost in the control panel industry. Plesk is a relatively closed operating system, meaning that it isn’t open for developers to create their own add-ons; however, it does have integration for many other programs in different fields such as the ability to allow customers to use SmarterMail in the Windows version of Plesk.

Being a cross platform control panel, Plesk has the advantage over cPanel that companies can run the same control panel on both platforms, meaning that minimum training is required for technicians as they only have to work out the operations of one control panel – this can save a business both time and money. However, on the security side of things Plesk for Windows doesn’t fare as well as its Linux counterpart or competitor does; there have been several holes found within the Plesk software allowing hackers to take control of a Windows server through the Plesk control panel, and the hacker can still gain access a second time after the administrator password on the server has been changed.

Conclusion

If you are after one control panel that suits all then go with Plesk – it can save you both time and money as a business and what you learn can be applied to both systems. However, if you prefer to go with the market leader and are willing to spend some time studying both options (cPanel for Linux, Plesk for Windows) then go with cPanel as you will be able to customize it more to suit the environment in which you want your customers to control their websites.


Windows v. Linux

The debate over deciding which is better, Windows or Linux, has been one which has been ongoing since the early days of the internet. However, the debate is more or less based on their factors in relation to the web hosting business and what customers want, but factors such as security and usability do come into consideration. Linux is rarely used as a desktop operating system, as its main use is as a server OS; however, Microsoft has released many different versions of Windows meaning that it can be used in almost any scenario.

Linux

Linux is a free, open source operating system which comes in many different versions – these are known as ‘distributions’, ‘distros’ for short. Each distribution has been made for a different use in most cases, but all can be used for similar things; an example of this would be Ubuntu Linux – it was produced mainly for the home user but can be used as a server operating system as well. Linux also has the advantage over Windows that it is less resource intensive, meaning that it can be used on older machines or lower specification machines. Security wise, Linux also comes out better than Windows; although viruses do exist for Linux, the number is far less than the number of viruses which can have an effect on the Windows operating system. In most cases viruses can sit in a Linux environment and not have any negative effect; in other words, they can sit there in harmony doing nothing.

From a web developer’s point of view, Linux is much easier to work with than Windows is; this is because there is a greater range of free resources and scripting languages that will work within a Linux environment. Also, Linux web hosting is considered to be a more affordable web hosting solution than Windows web hosting because the cost of the server software is little or nothing when compared to Windows software.

Windows

Windows is a premium operating system which comes in many different versions, and which you can only buy. It is the world’s most commonly used computer operating system and is what has made Bill Gates the richest man in the world. At this moment in time, the current main versions of Microsoft’s operating system are Vista and Server 2003; Windows Vista is Microsoft’s latest desktop operating system and Windows Server is run on servers. As Windows is widely popular, it is a virus magnet, meaning that there are thousands of viruses at the current time capable of causing damage to someone’s computer; this means that people have to fork out more money for anti-virus and internet security software to ensure that their computer is safe.

Windows was the first mainstream computer operating system, which gave it a head start within the market; however, Unix based systems like Linux and Mac OS X are starting to eat their way into Microsoft’s market share. If you are a web developer, Windows isn’t a very versatile system to work with; you are limited to the languages which will run on Windows, the main ones being Microsoft’s classic ASP and ASP.NET – however, you can get RoR and PHP to run on Windows.

Conclusion

If you are looking for a robust system then you can go with either Windows or Linux, but if you don’t have any experience with Linux then you shouldn’t go with it as the only support that you will receive is community support which may not always give you the answer you need. With Windows you are paying a price, but you are guaranteed support from Microsoft – there are also enough websites on the internet to help you along with both. If you want better security then go with Linux, but if you have the ability to fork the extra money out for Windows’ security software then go with Windows.


Installing Apache, MySQL and PHP on a Linux Server in Under 10 Minutes

Apache, MySQL and PHP: these three products are open source programs available for use on most well known operating systems. In this article I will explain how you can install Apache, MySQL and PHP on a Linux box using yum in under 10 minutes.

1 – Checking and Removing Any Existing Installations of the 3 of Them

Run the following command to make sure that any existing installations of Apache, MySQL or PHP are removed:

yum -y remove httpd mysqld mysql-server php

2 – Installing Apache

Run the following to install the Apache web server:

yum -y install httpd

3 – Installing MySQL Server

Run the following command to install MySQL Server:

yum -y install mysqld mysql-server

4 – Install PHP

Run the following command to install PHP:

yum -y install php php-mysql

5 – Installing PHP Libraries

PHP has many different libraries and add-ons which you may want or need to utilize; in our case we want to install the PHP GD image library and the PHP IMAP library. To do this we’ll be using the following command:

yum -y install php-gd php-imap

That’s it – you have now AMP’d a server! All you need to do now is start the individual services; to do this run the following commands (individually):

service httpd start

service mysqld start

PHP will be seen by Apache as a library and so does not need to be started.


Email Works via IMAP But Not POP3 – cPanel

This problem is probably happening because the wrong POP3 server is running. To fix this, follow these instructions:

1) Login to your Linux box via SSH as root.

2) Run the following command:

vi /etc/xinetd.d/popa3d

3) Locate the line ‘disable = no’.

4) Change the line to read ‘disable = yes’.

5) Save and close the file by pressing ‘esc’ and typing ‘:wq’.

6) Now restart the xinetd service: ‘service xinetd restart’.

7) Login to WHM and navigate to: WHM > Restart Services > Select the Link ‘POP3 Server (cppop)’.

8) When prompted to restart the service, select ‘Yes’.

You should now be able to access your cPanel email via POP3.
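
The edit from steps 2 to 5 done non-interactively, as an added example that is not part of the original post: it keeps a backup, changes only the ‘disable’ line, and is safe to run twice. The helper names and the sample stanza (including its server path) are constructed for illustration; on a real server the file is /etc/xinetd.d/popa3d.

```shell
#!/bin/sh
# Added example: set 'disable = yes' in an xinetd service file without vi.
# Helper names are hypothetical; the sample stanza below is constructed.

# Regex for a "disable = <value>" line with any spacing.
disable_line_re() {
    printf '^[[:space:]]*disable[[:space:]]*=[[:space:]]*%s[[:space:]]*$' "$1"
}

# disable_xinetd_service FILE
# Returns 0 if the service is (now) disabled, 1 if the file could not be
# changed safely, 2 if the file does not exist.
disable_xinetd_service() {
    conf=$1
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 2; }
    # Idempotent: nothing to do if the service is already disabled.
    if grep -Eq "$(disable_line_re yes)" "$conf"; then
        echo "already disabled: $conf"
        return 0
    fi
    # Refuse to guess if there is no 'disable = no' line to change.
    if ! grep -Eq "$(disable_line_re no)" "$conf"; then
        echo "no 'disable = no' line in $conf" >&2
        return 1
    fi
    cp -p "$conf" "$conf.bak" || return 1      # keep the original for rollback
    if ! sed 's/^\([[:space:]]*disable[[:space:]]*=[[:space:]]*\)no[[:space:]]*$/\1yes/' \
            "$conf.bak" > "$conf"; then
        cp -p "$conf.bak" "$conf"              # restore on failure
        return 1
    fi
    echo "disabled: $conf (backup at $conf.bak)"
}

# Write a constructed sample stanza to FILE (stands in for the real file).
write_sample_conf() {
    cat > "$1" <<'EOF'
service pop3
{
	disable = no
	socket_type = stream
	wait = no
	user = root
	server = /usr/sbin/popa3d
}
EOF
}

# Demo on a throwaway copy; other 'no' values such as 'wait = no' are untouched.
tmp=$(mktemp) && write_sample_conf "$tmp" && disable_xinetd_service "$tmp"
rm -f "$tmp" "$tmp.bak"
```

After running it against the real file as root, continue with step 6 (‘service xinetd restart’).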
