Security – Email shop Community

How do you disable two-factor authentications on cPanel?

Shamleed — Wed, 04 Dec 2019 07:27:42 +0000

Sign in to your cPanel account.
Click the “Two-Factor Authentication” option in the security section

Click to remove ‘two-factor authentication’

For confirmation, choose ‘remove’

’

You will get a message, ‘congrats, the system has successfully removed the two-factor authentication from your account.

How do you enable two-factor authentications on cPanel?

Shamleed — Wed, 04 Dec 2019 07:21:35 +0000

Security is the most important thing for our data safety and that’s the reason we suggest you enable the Two-Factor Authentication (2FA) on the cPanel account so that attackers can never be able to get access to your cPanel even if they have obtained your user name and password details.

Requirements:
You would need a smartphone along with the time-based one-time password app. It would support mobile phone operating systems like iOS, Windows, Android or Blackberry that may have an app for 2FA.

Steps to enable your Two-Factor Authentication on cPanel Account:

Click the “Two-Factor Authentication” option in the security section

After the step, you need to scan QR code by using Google Authenticator or 2FA Authenticator APP. If your app doesn’t have the QR Code reader, then it’s possible to manually enter your Account name as well as Key number.

Choose the “Security Code” option in the text box, enter the Two-Factor Authentication code and then click “Configure Two-Factor Authentication”.

You will see a message, such as “Success: Two-factor authentication is now configured on your account“.

How can you enable or Disable Mod Security in cPanel?

Shamleed — Wed, 04 Dec 2019 06:51:08 +0000

Are you seeing a frequently blocked IP address while accessing the word press admin area or any script type with your browser? Are you feeling that your IP is blocked or your server is not working or down?

If “Yes, then it might have happened because of Mod Security.

Mod Security
ModSecurity is basically an efficient module that can protect your site from different kinds of vulnerable attacks. Mod Security can easily protect your site from attackers, hackers, external forces, and different threats. It may create different problems sometimes; so we won’t recommend you to disable it, but just fix this software vulnerability. The reason might be is, ModSecurity can only block the website if the security of your software is inefficient.

Disabling ModSecurity would help you analyze whether your IP address or your client’s IP has been blocked by ModSecurity. If this is not the case, then it means that your IP has been blocked due to other reasons. However, if it’s confirmed that Mod security is the reason behind your blocked IP, then you can approach us and we will help you figure out the reason so that you don’t require to disable the Mod security.

Steps to Enable or Disable Mod Security in cPanel

Sign in to your cPanel account.
Click on ‘mod security’ in the security section

If your ModSecurity is enabled, it would simply show you a “Disable” option, select the option and ModSecurity would be easily disabled on every domain. And in case, if you to enable it, you would be required to click on “Enable” icon. This would automatically be enabled in all domains.

Steps to disable Mod security on only selected domains and not every domain:

Sometimes users have multiple domains and they want to disable or enable ModSecurity only on some selected domains.

Sign in to cPanel and click on ‘mod security’ on the security section
Scroll down to the end of your page.
Click on ‘on’ and ‘off’ under the status option present next to the domain.

How would you restrict the directory access by IP address?

Shamleed — Wed, 04 Dec 2019 06:42:51 +0000

If you want to make your admin areas secure from hackers, it’s better to allow access only from the selected IP address to the admin directory. You can just make .htaccess file in your directory where you need to restrict access by IP Address.

For instance, if your WordPress blog has installed on the main directory such as example.com/wp-admin, it’s better to build .htaccess file in /wp-admin/.htaccess and you need to place this code, and do not forget to replace the allowed IP with your own IP address.

order deny, allow
deny from all
allow from YOUR-IP-ADDRESS-HERE

(Replace “Your-IP-Address-Here” with the IP Address)

You need to check this out by accessing your /wp-admin IP address from some other IP address that is not allowed by your .htaccess file.

How to carefully protect your .htaccess file?

Shamleed — Wed, 04 Dec 2019 06:39:45 +0000

To maintain the highest security, our professionals recommend you preventing access to .htaccess file from any unauthorized access.

Add this code to your .htaccess file:

# .htaccess protection

order allow, deny
deny from all
satisfy all

How would you disable your directory browsing using .htacess?

Shamleed — Wed, 04 Dec 2019 06:37:06 +0000

For maintaining security, our professionals will recommend you to disable directory browsing on the site so nobody can see the files or folders of your site.
It’s possible to disable your directory Browsing entering the specific line to .htaccess file.

Options –Indexes

How to ban the IP address via .HTAccess?

Shamleed — Wed, 04 Dec 2019 06:34:31 +0000

If any person is trying to hack the website and you want to block their IP Address, then you should simply add this line to your .htaccess file.

order allow, deny
deny from IP-ADDRESS
allow from all

Replace “IP address” with that address you need to block.

How to protect the images of your website from any external site?

Shamleed — Wed, 04 Dec 2019 06:31:56 +0000

External Website may use the < img /> tag that will display the image from your site somewhere else on the internet and in the end, you may find that some other website has been stealing your bandwidth.

Click on ‘hotlink protection’ in the security section

If you see “Hotlink protection is currently disabled”, then simply click on the ‘enable’ button

How would you blacklist an IP address to deny its access to your website?

Shamleed — Wed, 04 Dec 2019 06:27:30 +0000

A user can lock their directory with a password via the cPanel “Password Protected Directories” icon.

Sign in to your cPanel account.
Click ‘IP blocker’ in the security section

Find ‘Add an IP or range’, and enter the IP address you want to block
Press the ‘Add’ button

Check out the example:

Single IP Address: 192.168.0.1
Range: 192.168.0.1-192.168.0.40
Implied Range: 192.168.0.1-40
CIDR Format: 192.168.0.1/32
Implies 10.*.*.* — 192.

What is the process to protect a folder with username and password in cPanel?

Shamleed — Wed, 04 Dec 2019 06:22:19 +0000

A user can lock their directory with a password via the cPanel “Password Protected Directories” icon.

Sign in to your cPanel account.
Click ‘directory privacy’ in the files section.

Choose the option to open your folder.

Choose the name of the directory you want password protected.

Find the option “Security Settings“, and check the box present next to “Password protect this directory” after that enter the name for protected directory like “Password Protected Area“. Press the save button at the end.

Choose the ‘go back’ button.

Scroll down further and choose “Create User”, then fill in the username and password areas, generate your new password, copy the user name and password to a notepad. You may need that when you need to open the password-protected directory and then choose the “Save” option.

Also, try to open the password-protected directory in the browser through your URL www.example.com/myfolder that is password protected already, your browser may prompt you to enter the user details.