How to Secure cPanel Service Daemons (cpsrvd) in WHM

by InMotion Hosting Contributor

1 Minutes, 45 Seconds to Read

How to Secure cPanel Service Daemons (cpsrvd) in WHM Hero Image

WebHost Manager (WHM) grants access to powerful server functions that can affect all cPanel users. A root user may go between configuring ConfigServer Security & Firewall (CSF) rules, resetting a cPanel user password, backing up data, and ImunifyAV file scans in one session.

This power, combined with the fact that cPanel is one of the most popular Linux server management applications, makes an enticing target for malicious users to learn how to hack cPanel websites and servers.

For websites, you can add security HTTP headers in your .htaccess file to protect viewers from malware and spyware if your server is infected. You can do the same in WHM to protect important cPanel service deamons (cpsrvd) for applications such as cPHulk, PHP-FPM, and ClamAV. [A daemon is a program that runs as a background process.]

Below we will cover how to secure cPanel Service Daemons in WHM via:

How to Secure cPanel with Content-Security-Policy (CSP)

Content Security Policy (CSP) can prevent cross-site scripting (XSS) attacks with cpsrvd by only allowing whitelisted sources to load and disallowing JavaScript from external sites.

  1. Log into WHM
  2. Select Tweak Settings
  3. Search for “header” and select On beside Enable Content-Security-Policy on some interfaces
  4. At the bottom, select Save
How to secure cPanel with security HTTP headers

Secure VPS HostingEnjoy high-performance, lightning-fast servers with increased security and maximum up-time with our Secure VPS Hosting!

check markLinux VPS check markcPanel or Control Web Panel check markScalable check markWebsite Migration Assistance

Linux VPS Hosting

How to Secure cPanel with X-Frame-Options and X-Content-Type-Options

X-Frame-Options, with the SAMEORIGIN directive, forces the browser to only allow elements from your cPanel instance to be embedded within itself using the <frame>, <iframe>, or <object> tags to prevent clickjacking attacks.

X-Content-Type-Options, with the NOSNIFF directive, forces the browser to only use the indicated MIME type for files on the server to prevent MIME sniffing.

  1. Log into WHM
  2. Select Tweak Settings
  3. Search for “header” and select On beside Use X-Frame-Options and X-Content-Type-Options headers with cpsrvd
  4. At the bottom, select Save

Now you’ve learned how to secure cPanel Service Daemons in WHM, but Is cPanel secure? Audit your VPS with our article on how to harden Managed VPS Hosting. Learn even more from our Managed VPS Hosting Product Guide.

InMotion Hosting Contributor
InMotion Hosting Contributor Content Writer

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting
Related Articles
VPS Snapshots and the Best 5 Ways to Use Them
Upgrade to VPS NVMe SSD Hosting
Check Your Server Information on a VPS or Dedicated Hosting account
VPS Hosting Technical Support Options
How to Install PHP Versions in EasyApache 4
Getting Started with Managed VPS Hosting
Configure Antivirus in Mattermost with ClamAV
Enable cPanel Disk Usage Notifications for your VPS
Fix for AutoSSL Not Running on a VPS (3 Easy Options)
Getting Started With the ImunifyAV cPanel Plugin

Was this article helpful? Join the conversation!

Need More Help?

Current Customers

Chat: Chat with Sales
Call: 757-416-6575 x2
Ticket: Submit a Support Ticket

Get Reliable Web Hosting

Chat: Chat with Sales
Email: [email protected]
Call: 757-416-6575 x1

Get web hosting that grows with your business. Our all-in-one hosting platform gives you everything your website needs to scale - so you can focus on the next big thing for you and your business.