Secure Logins for Your VPS
Posted by on 14 June 2012 04:55 PM
|
|
By default, all cPanel URLs use un-ecrypted, plain text password authentication. This includes WHM, cPanel and Webmail. To use the secure ports, you can use https with the secure port number. However, this requires a little bit of preliminary set up in WHM. SSL CertificateFirst, you're going to need an SSL Certificate. You can purchase an SSL certificate from a Trusted Issuer anywhere from $30 - $300. But for simply encrypting your logins, you can use a self-signed certificate:
You now have a self-signed certificate, and you can use the following URLS:
Note: if use the domain name (yourdomain.com) or the IP address (1.2.3.4) rather than the actual hostname (vps.yourdomain.com) in the URL, you will receive a warning about the certificate referring to another site. This is normal, since the certificate was generated for vps.example.com, not example.com. Also, since this is a self-signed certificate and not issued by a "trusted root certificate server", it will not be trusted by your browser. You'll need to add it to your browser in order to make the error go away. Force SSL RedirectionThe steps above only enable the SSL logins. To redirect an unsecure login to a secure login:
The first option takes this URL: http://yourdomain.com/cpaneland redirects to:https://yourdomain.com:2083. The second option takes this URL: http://yourdomain.com/cpaneland redirects it to:https://vps.yourdomain.com:2083. Each option will perform a similar redirect for '/whm' and '/webmail'. | |
|