Knowledgebase: Security
Secure Logins for Your VPS
Posted by on 14 June 2012 04:55 PM

By default, all cPanel URLs use un-ecrypted, plain text password authentication. This includes WHM, cPanel and Webmail. To use the secure ports, you can use https with the secure port number. However, this requires a little bit of preliminary set up in WHM.

SSL Certificate

First, you're going to need an SSL Certificate. You can purchase an SSL certificate from a Trusted Issuer anywhere from $30 - $300. But for simply encrypting your logins, you can use a self-signed certificate:

  1. Log in to WHM

  2. Click on SSL/TLS (not Web SSL/TLS)

  3. Click Reset Server Certificates

  4. Click cPanel/WHM Server

  5. Click the Generate a New Certificate button

You now have a self-signed certificate, and you can use the following URLS:

Note: if use the domain name (yourdomain.com) or the IP address (1.2.3.4) rather than the actual hostname (vps.yourdomain.com) in the URL, you will receive a warning about the certificate referring to another site. This is normal, since the certificate was generated for vps.example.com, not example.com. Also, since this is a self-signed certificate and not issued by a "trusted root certificate server", it will not be trusted by your browser. You'll need to add it to your browser in order to make the error go away.

Force SSL Redirection

The steps above only enable the SSL logins. To redirect an unsecure login to a secure login:

  1. On the WHM main screen, click Server Configuration and then Tweak Settings

  2. Scroll down to the System section

  3. Look for these two options and check the box to enable the first option and optionally the second:

    • Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc

    • When visiting /cpanel or /whm or /webmail with ssl redirect to the servers hostname

The first option takes this URL: http://yourdomain.com/cpaneland redirects to:https://yourdomain.com:2083.

The second option takes this URL: http://yourdomain.com/cpaneland redirects it to:https://vps.yourdomain.com:2083.

Each option will perform a similar redirect for '/whm' and '/webmail'. 
Note: this does not redirect the URLs using the port number. You can still type http://yourdomain.com:2082 and no redirection will take place.

(2 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
Help Desk Software by Kayako fusion
ERROR: This domain name (kb.asmallorange.com), does not match the domain name in the license key file help.asmallorange.com.

For assistance with your license, please contact the Kayako support team: https://support.kayako.com