[All] Protecting your Website Through Cpanel

**Roxy** · February 6th, 2008, 2:31 PM

Securing your Website!
On this page you will find a guide on how to keep your website secure. Everyone knows how important secruity can be to a website, so checking out these key features in Cpanel can *help* keep your website safe and trusted amongst the World Wide Web. Just a reminder though, these methods won't secure your site 100%, but they can help with that process.

Password Protecting Directories

One you are logged into your Cpanel, click on the 'Password Protect Directories' icon located under the Security category.

On that page, you'll notice a list of all the folders (directories) located under your public_html folder. If at anytime, you would like to password protect these folders, you are able to with this very useful feature.

Once you click on a specific folder/directory the next page is where you are able to create user's for the directory to view this secure directory.

Denying IP Addresses
On the home page of Cpanel, click on the 'Deny IP Manager' icon located under the Security category.

On this page, you are able to deny as many IP addresses as you like. They even show examples of the range of IPs that you may deny and how to. A useful feature to stop spam sites from seeing your website.

Hotlink Protection
On the main page of the Cpanel, locate the 'Hotlink Protection' icon located under the security category.

This feature is extremely useful for protecting your website's files from people hot-linking or "direct-linking" them. This can cause your bandwidth being eaten up very quickly if users online were to do this, so in order to save your bandwidth, enabling this feature is key. You are also able to put in websites that you do not mind hotlinking your files.

**Geoff** · February 7th, 2008, 10:35 AM

Mmm, its appreciated that you wrote this up, however i dont really see this as "securing" anything lol. even with all these methods in place, it would be trivial to compromise an insecure site. just think it might give someone new a false sense of security.

**Dan** · February 7th, 2008, 10:44 AM

I don't see how it doesn't help secure your site.

If you password protect a directory that has a script running in it. The only way someone would be able to find insecurities in the script is if they had the username/password for the directory. If not then there isn't a way for them to find out what script is even running on there much less ways to exploit it.

I see that as secure. Unless you know a way to get past the password protection that I'm missing?

Sure it should be mentioned the importance of keeping your scripts up to date and making any coding you did yourself is secure but i don't think that's necessarily in the scope of this tutorial.

From what i've read in most of these tutorials they are really just explaining the features cpanel has to offer.

**Roxy** · February 7th, 2008, 11:12 AM

Like P. Dan said, most of these tutorials are not only aimed for people who are still unsure of some the features in Cpanel, but also aimed for those starting out, who don't know all the other big time ways to secure your website. Hence the title and tagline: "Tutorial: Securing your Website Through Cpanel! An easier way to do it!"

Also, this tutorial is still in "editing" mode, since I need to add about SSH/Shell Access and the GnuPG Keys. =)

**Dan** · February 7th, 2008, 11:15 AM

Yeah, I think after we get all the features of cpanel done we can start writing up some betters ways to secure websites like Geoff suggested. If you have any ideas or tips add them here!

That's what the comments are for

anyone who reads this can read your comments too and learn even more ways. Who knows maybe they'll turn it into a completely separate tutorial

**Kayla** · February 7th, 2008, 4:43 PM

Maybe this tutorial should be renamed to... Ways to Help Protect Your Site?

**caseylee** · February 7th, 2008, 11:53 PM

Roxyyyyyy.. the hotlink protection and IP deny manager screenshots need to be swapped around

**Roxy** · February 8th, 2008, 1:07 AM

Oh man, how embarrassing. Thanks for the heads up Caseylee!

February 6th, 2008, 2:31 PM	#1 (permalink)
Roxy URB4N 5K1LLZ Super #1 Joined in Sep 2005 Lives in Orlando, FL Hosted on SH63 2,660 posts Gave thanks: 81 Thanked 128 times	[All] Protecting your Website Through Cpanel Securing your Website! On this page you will find a guide on how to keep your website secure. Everyone knows how important secruity can be to a website, so checking out these key features in Cpanel can help keep your website safe and trusted amongst the World Wide Web. Just a reminder though, these methods won't secure your site 100%, but they can help with that process. Password Protecting Directories One you are logged into your Cpanel, click on the 'Password Protect Directories' icon located under the Security category. On that page, you'll notice a list of all the folders (directories) located under your public_html folder. If at anytime, you would like to password protect these folders, you are able to with this very useful feature. Once you click on a specific folder/directory the next page is where you are able to create user's for the directory to view this secure directory. Denying IP Addresses On the home page of Cpanel, click on the 'Deny IP Manager' icon located under the Security category. On this page, you are able to deny as many IP addresses as you like. They even show examples of the range of IPs that you may deny and how to. A useful feature to stop spam sites from seeing your website. Hotlink Protection On the main page of the Cpanel, locate the 'Hotlink Protection' icon located under the security category. This feature is extremely useful for protecting your website's files from people hot-linking or "direct-linking" them. This can cause your bandwidth being eaten up very quickly if users online were to do this, so in order to save your bandwidth, enabling this feature is key. You are also able to put in websites that you do not mind hotlinking your files. __________________ Roxanne Urban Roxy -Personal Blog SH63 - the best darn shared server!

February 7th, 2008, 10:35 AM	#2 (permalink)
Geoff Yabadabadoo Super #1 Joined in Nov 2004 Lives in B.C., Canada Hosted on Dedicated 1,013 posts Gave thanks: 7 Thanked 28 times	Mmm, its appreciated that you wrote this up, however i dont really see this as "securing" anything lol. even with all these methods in place, it would be trivial to compromise an insecure site. just think it might give someone new a false sense of security. __________________ Geoff Ellis - Surpass Dedicated Server Customer www.adepttechs.net

February 7th, 2008, 10:44 AM	#3 (permalink)
Dan Staff of Surpass Super #1 Joined in Apr 2007 2,744 posts Gave thanks: 152 Thanked 184 times	I don't see how it doesn't help secure your site. If you password protect a directory that has a script running in it. The only way someone would be able to find insecurities in the script is if they had the username/password for the directory. If not then there isn't a way for them to find out what script is even running on there much less ways to exploit it. I see that as secure. Unless you know a way to get past the password protection that I'm missing? Sure it should be mentioned the importance of keeping your scripts up to date and making any coding you did yourself is secure but i don't think that's necessarily in the scope of this tutorial. From what i've read in most of these tutorials they are really just explaining the features cpanel has to offer. __________________ D4nz Net - Surpass Help Desk - NES Forever Use the thanks button. It works! AIM: dansorl

February 7th, 2008, 11:12 AM	#4 (permalink)
Roxy URB4N 5K1LLZ Super #1 Joined in Sep 2005 Lives in Orlando, FL Hosted on SH63 2,660 posts Gave thanks: 81 Thanked 128 times	Like P. Dan said, most of these tutorials are not only aimed for people who are still unsure of some the features in Cpanel, but also aimed for those starting out, who don't know all the other big time ways to secure your website. Hence the title and tagline: "Tutorial: Securing your Website Through Cpanel! An easier way to do it!" Also, this tutorial is still in "editing" mode, since I need to add about SSH/Shell Access and the GnuPG Keys. =) __________________ Roxanne Urban Roxy -Personal Blog SH63 - the best darn shared server!

February 7th, 2008, 11:15 AM	#5 (permalink)
Dan Staff of Surpass Super #1 Joined in Apr 2007 2,744 posts Gave thanks: 152 Thanked 184 times	Yeah, I think after we get all the features of cpanel done we can start writing up some betters ways to secure websites like Geoff suggested. If you have any ideas or tips add them here! That's what the comments are for anyone who reads this can read your comments too and learn even more ways. Who knows maybe they'll turn it into a completely separate tutorial __________________ D4nz Net - Surpass Help Desk - NES Forever Use the thanks button. It works! AIM: dansorl

February 7th, 2008, 4:43 PM	#6 (permalink)
Kayla Marketing Maven Surpass Staff Joined in May 2003 Lives in Orlando 24,749 posts Gave thanks: 946 Thanked 806 times	Maybe this tutorial should be renamed to... Ways to Help Protect Your Site?

February 7th, 2008, 11:53 PM	#7 (permalink)
caseylee 4-8-15-16-23-42 Excelling Contributor Joined in Jul 2007 Lives in Australia, turn left at America Hosted on Luna & Nexus (dedicated) 779 posts Gave thanks: 37 Thanked 29 times	Roxyyyyyy.. the hotlink protection and IP deny manager screenshots need to be swapped around __________________ www.casey-lee.com

February 8th, 2008, 1:07 AM	#8 (permalink)
Roxy URB4N 5K1LLZ Super #1 Joined in Sep 2005 Lives in Orlando, FL Hosted on SH63 2,660 posts Gave thanks: 81 Thanked 128 times	Oh man, how embarrassing. Thanks for the heads up Caseylee! __________________ Roxanne Urban Roxy -Personal Blog SH63 - the best darn shared server!

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread: