Forum

buecker · 09-04-2014, 11:19 AM

As of today I have now had 3 sites on my cpanel server compromised. All 3 sites where compromised in different ways.

1. too easy of an email password
2. setup email through cpanel even though client was using google apps
3. logged into cpanel with client password and added addon sites that were phishing attempts that pointed to google drive pages.

These are just three examples that happened to my clients in just the past 4 weeks. I'm a bit stressed out over it too. No one wants to be losing clients.

How do I or is there a way to add 2-factor authentication to zpanel/sentora logins? Changing passwords does me no good if the client's email account is compromised and the passwords are sitting in it.

I didn't post this under support because to my knowledge this is not a built in option.

motters · 09-04-2014, 06:07 PM

The simplest way would be to notes the IP addresses. So if the user tries to login with an IP address they have not used before then it sends a text message to their phone with a second compulsory password.

Do able but i cant see us doing that for this current version. Deferentially in the next version though Smile

If you really want it you could hire some one i guess :p

Me.B · 09-04-2014, 10:00 PM

Another solution would be to lock access only for one IP you have on another server.

Then setup on this server OPEN VPN or such VPN services ( you can use a cheap VPS ). Any customer need to login to VPN so he can access control panel.

That would offer 2 security layers BUT it's not 2 factor authentification like with phones. Easier to implement and may work with many services and stop bots.

M B

buecker · 09-05-2014, 05:33 AM

Thanks for the replies and while the ideas could help I have a list of reasons why locking down by IP or using a VPN wouldn't work for my situation.

buecker · 09-15-2014, 06:55 AM

(09-04-2014, 10:00 PM)Me.B Wrote: Another solution would be to lock access only for one IP you have on another server.

Then setup on this server OPEN VPN or such VPN services ( you can use a cheap VPS ). Any customer need to login to VPN so he can access control panel.

That would offer 2 security layers BUT it's not 2 factor authentification like with phones. Easier to implement and may work with many services and stop bots.

M B

I got to add another hacked client to my list this past Thursday. Cpanel password compromised and then used to send spam. Needless to say I reset all passwords for everyone.

Me.B · 09-15-2014, 07:32 AM

One of the future improvement we might add here is limiting SMTP sending per user. That would render any hacking to spam contained and would raise alerts quickly. But require some changes in mail stack and a lot of time.

M B