Safe Practices for Managing Your Hosting Account

Keeping your hosting account secure starts with proactive habits and smart account management. This article outlines practical tips you can follow to protect your website, data, and account access from common threats.

Use a Strong, Unique Password

Your client area and cPanel passwords should:

  • Be at least 12 characters long

  • Use a mix of upper/lowercase letters, numbers, and symbols

  • Avoid using common words or predictable patterns

Do not reuse the same password across multiple services. Use a trusted password manager if needed.

Enable Two-Factor Authentication (2FA)

Two-Factor Authentication adds a second layer of security by requiring a one-time code in addition to your password.

  • Go to My Profile > Security Settings in your client area

  • Set up 2FA using an authenticator app like Google Authenticator or Authy

This is one of the most effective ways to prevent unauthorized access.

Review Login Activity Regularly

Check for any unfamiliar IP addresses or locations accessing your account.

  • Navigate to My Profile > Login History

  • Review recent login attempts and report anything unusual

Protect Your Email Accounts

If you host email through cPanel:

  • Use strong passwords for all email accounts

  • Avoid forwarding email to untrusted third-party addresses

  • Set up SPF, DKIM, and DMARC records for domain email authentication

Compromised email accounts are a common source of phishing and spam.

Keep Your Website Software Updated

Whether you’re running WordPress, Joomla, or a custom site, always keep:

  • Core software versions up to date

  • Plugins, themes, and extensions updated regularly

  • Backups created before updates, just in case

Outdated software is one of the most common ways sites get hacked.

Restrict File Permissions and Directory Access

Use File Manager or FTP to review and adjust permissions:

  • Files: 644

  • Folders: 755

  • Avoid 777 unless absolutely necessary

You can also use Directory Privacy in cPanel to password-protect sensitive areas of your site.

Backup Your Data Regularly

Even with strong security, accidents or compromises can happen. We recommend:

  • Downloading full backups from cPanel regularly

  • Storing backups in a secure, off-server location

  • Verifying backups before relying on them

Some plans include automatic daily backups — check with support if you're unsure.

Be Cautious with Plugins and Uploads

  • Only use trusted plugins or scripts from reputable sources

  • Avoid installing nulled or pirated software — they often contain malware

  • Scan uploads before placing them in public directories

If You Suspect a Compromise

If anything seems suspicious, act fast:

  1. Change your password(s)

  2. Enable or reset 2FA

  3. Scan your website for malware

  4. Open a support ticket marked Security Concern

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Our Commitment to Trust & Security

We take your trust seriously. Our platform is built on a foundation of security, transparency,...

How We Protect Your Account

Your hosting account contains valuable data, services, and personal information — and we take...

Reporting Abuse or Suspicious Activity

We take abuse and malicious activity seriously. If you encounter something suspicious — whether...

What to Do If You Suspect a Compromise

If you think your hosting account, website, or email has been compromised, it’s critical to act...

How We Handle DMCA Complaints and Legal Requests

We take copyright, trademark, and legal obligations seriously. This article explains how we...

Powered by WHMCompleteSolution