Secure your web hosting account logins
Posted on 12 May 2011 by Alan Burns
If you’re a security conscious Internet user, I’m sure you look for an https connection and padlock icon when using your on-line banking or making purchases. What about your web hosting account?
Regular http traffic can be intercepted and read by nefarious characters. If, for example, your reseller account login were stolen, someone could create dozens of web sites and mail accounts to use for spamming, virus distribution and other unethical or illegal purposes.
Your web host should use https for secure login to your control panel. On all newer and most older servers, WebHostingBuzz forces https, so that even if the user enters the insecure http, the login will occur over https. This is a good security measure.
For cPanel hosting, https uses a different port than http. The regular logins for cPanel and WHM are:
- cPanel: http://domain.com:2082
- WHM: http://domain.com:2086
For https over SSL, they are usually:
- secure cPanel: https://domain.com:2083
- secure WHM: https://domain.com:2087
If you’re on cPanel hosting, try those secure login ports. Some clients, unaware that their hosts had SSL access available, found that those URLs worked to give them secure access.
If your host does not offer control panel access over SSL, ask them why not. They should be encouraged to offer secure access, as its in the interests both of them and their clients.
If you have a reseller account, you could create secure access for yourself. I did this at a previous host that lacked shared SSL. I installed my own self-signed SSL certificate to gain secure access to cPanel, WHM and my SquirrelMail installation.
Your web hosting account is an important asset. Take steps to protect it.
What is a LAMP server?
10 May 2011 by Alan Burns
cPanel includes three webmail interfaces
22 May 2011 by Alan Burns