External Authentication Techniques Available With cPanel

The Manage External Authentications interface in WHM allows you to manage the OpenID Connect-compliant identity providers that your server’s users can use to log in to cPanel, WHM, or Webmail.

Today let see the common external authentication techniques available with cPanel and how to enable/disable these features :

1] External Authentication Via cPanelID

-> Steps for enabling and disabling WHM authentication via cPanelID as follows.

Configuring The External Authentication Via cPanelID

-> Log into WHM as root

-> Navigate to Security Center >> Manage External Authentications Continue reading…

Configuring cPHulk via WHM & command line

Now-a-days Brute force attacks to servers/websites are frequent. Brute force attack is generally a password guessing technique. It is a type of attack in which trying every possible combination of characters or data in order to find the decrypted message. A brute force guarantees finding the key – it’s trying every possible combination and does not rely on any potentially incomplete dictionaries or lists of possible keys.

cPHulk  Brute force Protection is an inbuilt protection used in WHM for preventing brute force attack. cPHulk Brute force Protection  will detect and will block continuous failed login IP address.

cPHulk is a brute force protection system developed by the cPanel team and is exclusive to cPanel / WHM control panels. It has been integrated with cPanel version 11. With cPHulk, you can set a threshold for authentication attempts on services like POP3, cPanel, WHM, FTP, etc. After a certain amount of attempts, the attacker will no longer be able to authenticate

We can enable/disable cPhulk via WHM and command line. Continue reading…

​Installation and configuration of ‘Pyxsoft Antimalware’ in cPanel servers

Pyxsoft antimalware Plugin for cPanel/WHM protects your server from attacker scripts such as c99shell, r57shell, ANIShell, and hundreds more. It is a real-time Anti Malware for cPanel/WHM. Attackers can take control of your servers or can damage your customer’s data by uploading one of these scripts.

Pyxsoft antimalware plugin works to protects your server in two ways:

  1. Protecting from the six server’s entrance
  • SQL Injection
  • Legitimate Access (SSH, cPanel etc)
  • Web Forms
  • FTP
  • Brute Force Attacks
  • Installed Trojans or shells

Continue reading…

Adding additional SMTP listenerports

By default Postfix run on port 25 and 587(TLS). However some ISPs block port 25. In that case you can configure the postfix mail server to listen on additional ports too, for example port 26 or some random 5125.

This configuration is done in the master.cf configuration file. Edit it in your editor of choice.

This file is in the following format:

# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ========================================================================== Continue reading…