Knowledge Base

Search our articles, guides, and tutorials.

Security & SSL

SSL certificates, firewalls, malware scanning, and safety.

Back

How to Install Free SSL (AutoSSL)

We provide free SSL certificates powered by Let's Encrypt. Log in to cPanel. Go to SSL/TLS Status. Click the checkbox next to your domain. Click Run AutoSSL. The process takes 5-10 minutes. Once done, the lock icon will turn green.

Forcing HTTPS Redirect

Even with SSL installed, visitors might visit the insecure HTTP version. To fix this: Go to cPanel > Domains. Find your domain in the list. Toggle the switch Force HTTPS Redirect to "On".

Cleaning a Hacked Website

If your site is compromised: Go to cPanel > Imunify360. Click "Start Scan". Once finished, select infected files and click "Cleanup". Crucial: Immediately change your cPanel password, FTP password, and WordPress admin password.

Fixing "Your Connection is Not Private"

This browser error means your SSL is invalid. Causes: Expired SSL: Run AutoSSL to renew. Wrong Domain: The certificate doesn't match the URL. Mixed Content: Your site is loading images via HTTP instead of HTTPS. Use a plugin like "Really Simple SSL" to fix this.

What is Imunify360?

Imunify360 is our AI-driven security guardian. It provides: WAF (Web Application Firewall): Blocks attacks before they reach your site. Malware Scanning: Automatically detects and cleans infected files. Proactive Defense: Stops PHP scripts from executing malicious commands.

Restoring from JetBackup

We take daily offsite backups. To restore: Go to cPanel > JetBackup 5. Click Full Account Backups. Choose a date and click Restore. Warning: This will overwrite current data.

Enable Two-Factor Authentication (2FA)

Protect your cPanel account from hackers by requiring a code from your phone. Go to cPanel > Two-Factor Authentication. Click "Set Up Two-Factor Authentication". Scan the QR code with an app like Google Authenticator. Enter the code to confirm.

Updating WordPress Safely

Outdated plugins are the #1 cause of hacks. Go to Softaculous or your WP Dashboard. Always update: WordPress Core Plugins Themes Tip: Enable "Auto Upgrade" in Softaculous for peace of mind.

SSH Key Management

Using SSH keys is more secure than using a password for SFTP/SSH access. Go to cPanel > SSH Access > Manage SSH Keys. Generate a new key pair. Authorize the public key. Download the Private Key (PPK format for PuTTY) to your computer.

Git Version Control

Developers can use Git to deploy code securely. Go to cPanel > Git™ Version Control. Click Create. Toggle "Clone Repository" to pull code from GitHub/GitLab.

Password Protect a Directory

Restrict access to specific folders (like /admin) with a secondary password. Go to cPanel > Directory Privacy. Click the folder name. Check "Password protect this directory". Create a Username and Password below. Click Save.

Disable Directory Browsing

If a folder has no index file, the server lists all files inside it. This is a security risk. Go to Indexes in cPanel, click a folder, and select No Indexing.

ModSecurity WAF

ModSecurity is an open-source firewall installed on your server. Note: It should always be ON. Only disable it temporarily if you are troubleshooting a specific "403 Forbidden" error while saving legitimate work in WordPress.

Blocking IP Addresses

If you notice malicious traffic from a specific IP, you can block it permanently. Go to cPanel > IP Blocker. Enter the IP address (e.g., 1.2.3.4) or a range. Click Add.

Virus Scanner

cPanel includes a ClamAV Virus Scanner. Use this to manually scan your Home Directory, Mail, or Public FTP Space if you suspect malicious files.

What is a CSR?

A Certificate Signing Request (CSR) is required if you buy a premium SSL. Generate it in cPanel > SSL/TLS > Certificate Signing Requests (CSR). It contains your encoded company details.

Understanding SSL Types

DV (Domain Validation): Free. Verifies domain ownership only. Good for blogs. OV (Organization Validation): Verifies business legitimacy. EV (Extended Validation): Green bar (in older browsers). Highest trust level.

Hotlink Protection

Prevents other websites from stealing your bandwidth by linking directly to your images. Go to cPanel > Hotlink Protection. Click Enable. Ensure your own domains are listed in the "URLs to allow access" box.

Checking Login History

Suspect unauthorized access? Check the "Last Login IP" displayed at the top of your cPanel dashboard. You can also view Raw Access Logs to see who is hitting your site.

Leech Protection

Prevents users from giving out their password to a restricted area of your site. If an account logs in more than X times in 2 hours, cPanel can redirect or suspend them. Configure this in cPanel > Leech Protection.