How to Secure WHM with CSF Firewall & Two-Factor Authentication

When you manage multiple cPanel accounts and websites through WHM, security should be your top priority. Since WHM has root-level access to your server, any compromise could affect all your clients, sites, and data.

Two of the most effective ways to secure WHM are:

  1. CSF (ConfigServer Security & Firewall) — A robust server firewall and security tool.

  2. Two-Factor Authentication (2FA) — An extra login layer that requires both your password and a time-based security code.

In this guide, we’ll walk you through setting up CSF and enabling 2FA for WHM.


Why Security is Critical for WHM

WHM isn’t just another web app — it’s the control center for your entire hosting environment. With it, you can:

  • Create and delete cPanel accounts

  • Manage DNS and email

  • Change system configurations

  • Restart services like Apache or MySQL

If attackers gain access to WHM, they gain access to everything. That’s why hardening WHM with multiple security layers is essential.


1. Install and Configure CSF Firewall

What is CSF?
ConfigServer Security & Firewall (CSF) is a free and powerful Linux firewall with a WHM plugin. It provides:

  • IP-based allow/deny lists

  • Brute-force protection

  • Login failure detection

  • Port scanning alerts

Step 1: Install CSF

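Log in to your server via SSH as root and run:

    cd /usr/src                                       # working directory for the download
    rm -fv csf.tgz                                    # remove any stale copy of the archive
    wget https://download.configserver.com/csf.tgz    # fetch the CSF archive
    tar -xzf csf.tgz                                  # unpack it
    cd csf
    sh install.sh                                     # run the installer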

Step 2: Enable CSF in WHM

  1. Log in to WHM at https://your-server-ip:2087

  2. In the search bar, type ConfigServer Security & Firewall

  3. Open the interface and click Enable Firewall

  4. Click Restart csf+lfd to apply settings


Step 3: Configure Basic Firewall Rules

Inside CSF in WHM:

  • Allow your IP under “Quick Allow” to prevent accidental lockouts

  • Close unused ports (keep only necessary ones like 2087, 2083, 22, 80, 443)

  • Enable Login Failure Detection (lfd) to block repeated failed login attempts
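To check the result of this step from the shell, the script below audits a csf.conf for ports left open beyond the list above and for CSF's TESTING mode, which keeps lfd from starting. It is an added example, not part of the original guide or of CSF; the function names are hypothetical, the sample config is constructed, and /etc/csf/csf.conf is assumed as the live config path.

```shell
#!/bin/sh
# Ports the guide says to keep open; adjust for your server.
REQUIRED_PORTS="22 80 443 2083 2087"

# Print the quoted value of KEY = "value" from a csf.conf-style file.
csf_value() {
    sed -n "s/^[[:space:]]*${1}[[:space:]]*=[[:space:]]*\"\\([^\"]*\\)\".*/\\1/p" "$2" | tail -n 1
}

# Succeeds while TESTING = "1" (rules are flushed by cron, lfd does not start).
in_testing_mode() {
    [ "$(csf_value TESTING "$1")" = "1" ]
}

# Print TCP_IN entries (ports or ranges) that are not in REQUIRED_PORTS.
extra_tcp_in() {
    extras=""
    for entry in $(csf_value TCP_IN "$1" | tr ',' ' '); do
        case " $REQUIRED_PORTS " in
            *" $entry "*) ;;
            *) extras="$extras $entry" ;;
        esac
    done
    echo "${extras# }"
}

# Print findings; return non-zero if anything needs attention.
audit_csf() {
    status=0
    if in_testing_mode "$1"; then
        echo "WARN: TESTING is still \"1\"; set it to \"0\" so lfd can run"
        status=1
    fi
    extras=$(extra_tcp_in "$1")
    if [ -n "$extras" ]; then
        echo "WARN: TCP_IN allows entries beyond the required list: $extras"
        status=1
    fi
    [ "$status" -eq 0 ] && echo "OK: TESTING is off and TCP_IN matches the required list"
    return "$status"
}

# Constructed sample resembling a default config (not output from a real server).
SAMPLE_CONF=$(mktemp)
cat > "$SAMPLE_CONF" <<'EOF'
TESTING = "1"
TCP_IN = "20,21,22,25,53,80,110,143,443,2083,2087,3306"
EOF
audit_csf "$SAMPLE_CONF" || true   # on a server: audit_csf /etc/csf/csf.conf
```

Each extra entry is a prompt to confirm whether that service is really needed (mail and DNS ports usually are on a hosting server) before removing it from TCP_IN and restarting csf+lfd.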


2. Enable Two-Factor Authentication in WHM

What is 2FA?
Two-Factor Authentication adds an extra login step. Even if someone guesses your password, they cannot log in without the code generated by your phone.


Step 1: Access 2FA Settings

  1. Log in to WHM

  2. In the search bar, type Two-Factor Authentication

  3. Click Manage My Account (for your user)


Step 2: Set Up Your Authenticator App

  1. Click Set Up Two-Factor Authentication

  2. WHM will display a QR code

  3. Open your Google Authenticator or Authy app

  4. Scan the QR code and enter the generated code into WHM


Step 3: Enforce 2FA for All Users

  1. In WHM’s Two-Factor Authentication menu, select Manage Users

  2. Enable “Require 2FA” for all root/reseller accounts


3. Extra Tips for WHM Security

  • Change WHM’s default port from 2087 to a custom port in CSF

  • Use strong, unique passwords for WHM and SSH

  • Restrict WHM access to specific IPs in CSF

  • Enable automatic system updates to patch vulnerabilities


Conclusion

By combining CSF Firewall and Two-Factor Authentication, you add two strong layers of security to WHM. CSF blocks unwanted traffic and brute-force attempts, while 2FA ensures that even if your password leaks, hackers can’t get in.

A secure WHM means secure cPanel accounts — and happy clients.
