Security



More About TLS and SSL

This document explains the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols and how servers use them.

Read more

OWASP ModSecurity CRS

The OWASP (Open Web Application Security Project) ModSecurity™ CRS (Core Rule Set) is a set of rules that Apache's ModSecurity™ module can use to help protect your server.

Read more

PCI Compliance and Software Versions

This document discusses some of the specific software packages that contain known vulnerabilities. This document will also help you determine whether developers used the backport process to patch a software package.

Read more

PHP Security Concepts

Web applications written in PHP may contain security vulnerabilities that malicious users can exploit to gain sensitive information about your system or your users.

Read more


Security Best Practices

This document describes some security best practices that will help you protect your websites, files, and accounts from attackers.

Read more

Security Levels

This document explains the security levels for advisories that we post on our Security page.

Read more


The failurls File

If a user fails to authenticate with cPanel through a custom login form, the /var/cpanel/failurls file allows a reseller to redirect that user to a custom error page.

Read more