Page tree
Skip to end of metadata
Go to start of metadata

This document is for a previous release of cPanel & WHM. To view our latest documentation, visit our Home page.

For cPanel & WHM 11.44

(Home >> Security Center >> Configure Security Policies)

Overview

The Configure Security Policies interface allows you to configure your security policy options and security policy extensions.

Notes:

  • When you attempt to log in from an unverified IP address and successfully answer your security questions, WHM automatically adds that IP address to the list of verified IP addresses.
  • If you configure your own security questions, and then immediately enable the Limit logins to verified IP addresses setting in WHM's  Configure Security Policies interface (Home >> Security Center >> Configure Security Policies), WHM automatically adds your IP address to the list of verified IP addresses.

Security Policy Items

Enable the following options to help secure your server:

OptionDescription
Password Age

This option allows you to specify the number of days to allow cPanel, Webmail, and WHM users to use the same password.

When you select the Password Age checkbox, the Maximum password age (in days) text box appears. Enter the maximum number of days to allow users to use the same password.

Password Strength

This option enforces a minimum password strength for cPanel, Webmail, and WHM users.

Note:

To modify the minimum password strength, use the Password Strength Configuration  interface (Home >> Security Center >> Password Strength Configuration).

Limit logins to verified IP addresses

This option allows you to determine whether to require users to answer security questions when they log in to their cPanel, Webmail, and WHM accounts from unverified IP addresses.

Notes:

  • When a user successfully answers the required security questions, the system automatically adds the user's current IP address to the list of verified IP addresses.
  • WHM users can add verified IP addresses and configure security questions in WHM's Security Questions interface ( Home >> Security Center >> Security Questions ).
  • After you enable this option, cPanel users can add verified IP addresses and configure security questions in cPanel's Security Policy interface (Home >> Preferences >> Security Policy).

Security policy extensions

The Security Policy Extensions options allow you to apply your security policy to XML API requests and DNS cluster requests.

Enable the following options to help secure your server:

OptionDescription
XML-API and JSON-API requestsSelect this checkbox to apply the Security Policy Items settings to WHM API requests. If you enable this option, the policies that you set apply to any user who attempts to make a WHM API call.
DNS Cluster requestsSelect this checkbox to apply the Security Policy Items settings to DNS cluster requests. If you enable this option, the policies that you set apply to any user who attempts to make a DNS cluster request.

Disable security questions via SSH

To disable security questions via the command line, perform the following steps:

  1. Use SSH to log in to your server as the root user.
  2. Open the /var/cpanel/cpanel.config file in your preferred text editor.
  3. Change the value of the SecurityPolicy::SourceIPCheck option to 0
  4. Save and exit the file.
  5. Run the /etc/init.d/cpanel restart command to restart cPanel & WHM.