сPanel is one of the most popular control panels on the web with a broad community and a large number of extensions. But as always, popularity has its price: every month Imunify web security analysts detect tens of thousands of specialized automated attacks on cPanel users’ accounts. The vast majority of such attacks are simple Brute-Force, however, there is always a portion of more sophisticated attempts like SQLi and others.
After analyzing the threats, the Imunify360 team made two significant steps forward in enhancing cPanel protection with two features - the cPanel port protection by Splash screen and the cPanel password reset. In this article, we will explore how these new features work and why they are indispensable tools in fortifying your cPanel security.
cPanel Port Protection by Splash Screen
One of the most common attack vectors exploited by cybercriminals is attempting Brute-Force attacks on cPanel login pages. These attacks involve automated scripts trying thousands of username and password combinations until they find the right one. Some attackers use bot-nets constant of thousands of IPs, each of which sends very few requests daily. To better counter this threat, Imunify360 released the cPanel port protection by Splash screen.
The Splash screen is a JS-challenge presented to all visitors on the cPanel login page. Visitors with common browsers process the challenge automatically. But it acts as a roadblock for the majority of bots and automated scripts, making it significantly harder for malicious actors to gain unauthorized access.
Key Benefits of cPanel Port Protection by Splash Screen:
- Bot Prevention: The Splash screen challenge effectively thwarts automated brute-force attacks, safeguarding your cPanel login page from malicious bots.
- Enhanced User Experience: Legitimate users are unaffected by the Splash screen challenge, ensuring a smooth login process.
- Easy to setup (described here)
cPanel Password Reset Feature
Another common tactic used by cybercriminals is gaining unauthorized access to cPanel accounts using compromised login credentials. Once they have a list of compromised accounts, they start automated scripts that spread malicious payload over a number of servers, converting them into powerful malicious assets for the next attacks. Sometimes, such automated attacks come in waves: cybercriminals could use a compromised account over and over again in different campaigns, causing considerable harm to your online presence.
Imunify360's cPanel password reset feature is designed to tackle this issue head-on. When the system detects malicious activity within a cPanel user account, it takes proactive action by forcibly resetting the account's password. This automatic response ensures that even if an unauthorized user gains access to the account, their login credentials become useless as the password changes.
Key Benefits of cPanel Password Reset Feature:
- Universality: The function works regardless of how exactly the cybercriminal gained access to the account. Any malicious actions will automatically change the password and lose illegitimate access.
- Based on broad expertise: Imunify Security Analysts are constantly analyzing the ways in which cybercriminals can exploit stolen accounts and, if necessary, supplement the list of malicious actions for triggering the feature.
- Easy to setup (described here).
The Imunify360 Advantage
As cybercriminals continue to develop new attack methods, staying one step ahead is crucial. Imunify360's commitment to providing cutting-edge security solutions helps you to keep your cPanel accounts safe and your online presence protected. Embrace these features today and take your cPanel security to the next level with Imunify360.
Protect your cPanel accounts with Imunify360 and experience the peace of mind that comes with robust and intelligent security solutions. Stay secure, stay confident!