Shared hosting is rife with attempts to break into websites and exploit vulnerable code. In this article we look at the best cPanel security plugins that anyone running a shared cPanel web hosting server should be using to protect their hosting environment from these attacks.
The plugins we recommend below are a mixture of free and paid-for plugins, either with subscription models or once-off fees. Our team has used these plugins extensively over the years and evaluated other plugins which didn’t make this list. We believe each of them can contribute to a safer, more secure environment for your clients and your shared hosting business.
ConfigServer Security & Firewall
This is the ConfigServer team’s flagship free product and is perhaps the most essential security plugin for a shared cPanel server. It acts as a software firewall and login failure daemon for the entire cPanel server, with an exhaustive list of options to ensure that your server blocks malicious activity. It provides brute-force detection and automatic IP address banning for malicious behavior across a range of the server’s services.
One of the best features of this plugin is the ‘Check Server Security’ option, available once it is installed. This provides a list of settings that it recommends changing in order to minimise security risks across your base cPanel installation.
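The brute-force detection and automatic banning described above comes down to counting failed logins per source address inside a time window. The following is an added example, not ConfigServer's code: the log lines are constructed, and the function name, threshold, window and allowlist parameter are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd-style log lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = """\
2024-05-01T10:00:01 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
2024-05-01T10:00:09 sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40113 ssh2
2024-05-01T10:00:15 sshd[813]: Failed password for root from 198.51.100.20 port 51000 ssh2
2024-05-01T10:00:20 sshd[814]: Failed password for root from 203.0.113.7 port 40114 ssh2
2024-05-01T10:00:31 sshd[815]: Accepted password for alice from 192.0.2.10 port 52000 ssh2
2024-05-01T10:00:42 sshd[816]: Failed password for invalid user test from 203.0.113.7 port 40115 ssh2
2024-05-01T10:00:55 sshd[817]: Failed password for root from 203.0.113.7 port 40116 ssh2
2024-05-01T10:09:15 sshd[818]: Failed password for root from 198.51.100.20 port 51001 ssh2
2024-05-01T10:18:15 sshd[819]: Failed password for root from 198.51.100.20 port 51002 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: Failed password for (?:invalid user )?\S+ "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) "
)

def find_offenders(log_text, max_failures=5, window=timedelta(minutes=5),
                   allowlist=frozenset()):
    """Return {ip: time the threshold was reached} for chronologically ordered logs."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    banned = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and unrelated lines are ignored
        ip = m["ip"]
        if ip in allowlist or ip in banned:
            continue              # never ban trusted addresses; ban each address once
        ts = datetime.fromisoformat(m["ts"])
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()           # forget failures that have aged out of the window
        if len(q) >= max_failures:
            banned[ip] = ts       # this is where a firewall block would be applied
    return banned

if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"block {ip} (threshold reached at {when.isoformat()})")
```

The allowlist matters in practice: without it, an administrator who mistypes a password a few times can lock themselves out of the server.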
ModSecurity
Having ModSecurity installed in a shared web hosting environment is great for protecting against all kinds of malicious activity in incoming HTTP / HTTPS requests. Although it can be a little advanced, the plugin allows very detailed rules to be set up, so that you can define triggers and rules at a very granular level. There is a treasure trove of rules available for this plugin around the web, especially when you are looking for a rule to block a specific activity affecting a particular brand of CMS. It can also be really helpful in blocking things like XSS (Cross-Site Scripting) attacks and SQL injections.
In addition to the single rules, there are whole rulesets developed for this plugin, such as the OWASP rules, and many SSL certificate security companies (such as Comodo and Trustwave) also publish rulesets for mod_security.
CloudLinux with CageFS and LVE Limits
Although CloudLinux is a whole kernel replacement for a shared web hosting server rather than a plugin, its components act like plugins and provide many enhancements for shared web hosting providers. Some of the components found in CloudLinux are paramount to running a stable and secure shared cPanel web hosting environment.
CageFS isolates each individual hosting account from the other hosting accounts on the machine. This provides a jailed environment which prevents an account (if compromised) from being able to find other accounts on the machine and compromise them. This is integral to ensuring that each of your shared hosting accounts is isolated.
Enabling LVE Limits from within CloudLinux protects your servers, and the individual accounts on them, from a single account being able to consume all of the resources of the server. Up until the introduction of this technology, one site being attacked could easily crash an entire shared web hosting server. These limits provide enhanced stability and security regarding resource usage.
Cost: Starting at $14.00 USD / Month
ConfigServer eXploit Scanner
This is the second plugin from ConfigServer that makes this list. ConfigServer eXploit Scanner is the front-line defence against malicious code being uploaded to your server when a website is being exploited. Hooking into ModSecurity, it analyses files whilst they are being uploaded and can be set to auto-quarantine files that match its elaborate repository of exploit fingerprints.
If you choose not to quarantine, you can get email notifications when the service has detected a malicious file being uploaded. The plugin also comes with the ability to scan entire accounts or the entire server when required and email you a detailed report of any suspicious or malicious files the scan detected.
Cost: $60.00 USD / Once-off
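The upload scanning described above, where each file is matched against fingerprints and then either quarantined or only reported, can be illustrated as follows. This is an added example, not ConfigServer eXploit Scanner's code: the fingerprints, file names and the `scan_upload` and `demo` functions are constructed for illustration.

```python
import hashlib
import re
import shutil
import tempfile
from pathlib import Path

# Constructed fingerprints for illustration; real scanners ship large, maintained sets.
KNOWN_BAD_SHA256 = {hashlib.sha256(b"constructed-known-bad-sample").hexdigest()}
PATTERNS = {
    "eval-of-decoded-data": re.compile(
        rb"eval\s*\(\s*(?:base64_decode|gzinflate|str_rot13)\s*\("),
    "php-in-image-upload": re.compile(rb"^(?:GIF8[79]a|\x89PNG)[\s\S]*<\?php"),
}

def scan_upload(path, quarantine_dir=None):
    """Return matched fingerprint names; quarantine the file if any matched.

    With quarantine_dir=None the file is left in place (report-only mode).
    """
    path = Path(path)
    data = path.read_bytes()
    hits = []
    if hashlib.sha256(data).hexdigest() in KNOWN_BAD_SHA256:
        hits.append("known-bad-hash")
    hits += [name for name, rx in PATTERNS.items() if rx.search(data)]
    if hits and quarantine_dir is not None:
        qdir = Path(quarantine_dir)
        qdir.mkdir(parents=True, exist_ok=True)
        dest = qdir / (path.name + ".quarantined")
        shutil.move(str(path), str(dest))
        dest.chmod(0o400)  # readable for analysis, never executable
    return hits

def demo():
    """Scan constructed uploads; return ({name: hits}, names left in place)."""
    uploads = {
        "gallery.php": b"<?php echo 'hello'; ?>",
        # The encoded string decodes to a harmless "echo 1;".
        "thumb.php": b"<?php eval(base64_decode('ZWNobyAxOw==')); ?>",
        "avatar.gif": b"GIF89a\x01\x00<?php echo 1; ?>",
        "logo.png": b"constructed-known-bad-sample",
    }
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        results = {}
        for name, body in uploads.items():
            (root / name).write_bytes(body)
            results[name] = scan_upload(root / name, root / "quarantine")
        kept = sorted(p.name for p in root.iterdir() if p.is_file())
    return results, kept
```

Hash fingerprints only catch exact copies of a known file, while the content patterns catch variants at the cost of occasional false positives, which is why a report-only mode is useful before enabling auto-quarantine.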
Patchman
Patchman is the new kid on the block when it comes to cPanel security plugins. It works in a similar way to ConfigServer eXploit Scanner for malware scanning, but has the added ability to patch vulnerabilities in popular CMS releases, without having to update the core CMS, when it detects the version as vulnerable. This provides you with a handy GUI tool to evaluate the vulnerability of major CMS products on your server, and gives you a proactive prevention method rather than a reactive way of increasing the security of the websites hosted on your shared hosting server.
Cost: €20.00 / Month
All of the above plugins combined make a great difference when it comes to securing your shared cPanel hosting machine and each serves a different purpose in ensuring that your environment is well protected.
4 thoughts on “The cPanel security plugins you cannot live without”
Thanks, it is very informative
Thanks. This is very informative. I’ve been using ModSecurity because it’s FREE!
Great suggestions. I’ll get these security plugins on my cPanel.