10 Steps to Secure Your Hosting Website

1. Use Strong Protocols:

web hosting services use secure connections wherever possible. It includes SSL connections for email and using SFTP instead of the common FTP protocol.

2.Use Firewall & SSL:

Using an SSL certificate assures that any data transmitted into your website is encrypted which helps you to keep your website data secure.

3.Third Party Application Updates:

Whenever the new CMS update comes out, don’t wait for Softaculous or some other auto installers scripts to update with the latest upgrade.

4.Enable ModSecurity:

ModSecurity is an open-source web application firewall that’s supported by most web servers, including Apache, Nginx, and IIS. It protects websites against a

range of attacks, including cross website scripting, bad user agents, SQL injection, trojans, session hijacking, and other common exploits.

5. Strong Password:

Use the strong password for your servers, Use to change the password right after receiving a cPanel hosting welcome e-mail from your hosting provider.

6. Secure SSH:

Secure Shell (SSH) gives you remote access to the server running cPanel. The command line interface is basic, but sometimes that’s the best way to fix, update,

or reconfigure.

7..Disable Anonymous FTP:

The risk in leaving Anonymous FTP open is that a hacker will be able to upload content to gain access to your account. By disabling Anonymous FTP and

specifying SSL for access (see #1 above), you move two steps closer to proper security.

8.Install CloudLinux:

Control panels offer a lot of capabilities that make running a hosting reseller business easier. One thing they lack, however, is a way of ensuring that customers

only get what they pay for when it comes to server resources.

9.Security Scans:

There are a growing number of security scanning solutions available to help hosting resellers identify security vulnerabilities.

10.Securing Apache and PHP:

Building and compiling of new versions of the Apache server and PHP scripting language, cPanel includes a utility called, “EasyApache.” Besides practicing proper security by ensuring the latest you can also contain any potentially malicious PHP scripts within their home directory to prevent them from opening files elsewhere.