We are always recommending to clients that they take small steps towards a more secure online life and with shared hosting there is a very simply way you can ensure all login...
I wanted to write this blog post to let you know about our efforts to give back in the past few months. The reason I am writing this blog post is due to the increasing number of...
Coming over the next Ten Weeks Stephen K from BWF Management gives ten reasons why we are different. It’s our mission to prove to you, why our way of providing web hosting may be...
For the past few months you may have seen we have been encouraging our clients to make a switch from Paypal and 2Checkout to Direct Debit. We wanted to tell you why we are making...
After becoming fed up of hauling my bulky 15” laptop around in my bag all the time for my A Level coursework, I started looking into alternative ways of keeping all my files with...
As I’m sure many of you are aware we have a live chat feature available on our website. We urge you to read this post before using the live chat as we may require you to...
Step 1 : Update WordPress WordPress is updated at regular intervals to resolve security issues as they occur. So you should always keep it up to date with the latest version...
We are pleased to present the first of our guest blog posts from Richard Howell. Richard is a BWF client who currently works for the NHS in the UK as an IT Engineer at an...
We are always recommending to clients that they take small steps towards a more secure online life and with shared hosting there is a very simply way you can ensure all login credentials and data sent from your home computer to our servers is encrypted – through the use of our Shared SSL Certificates.
The Problem…
We have our servers set up to redirect all cPanel and Webmail logins to the https:// secure version of the page to ensure data sent is encrypted. This is highly recommended as otherwise all passwords would be sent in plain text across the internet and this is not secure.
The problem is where a client has just bought shared hosting but has not invested in an SSL Certificate for their domain name – you will perhaps get a warning like this when trying to access secure cPanel services such as cPanel and Webmail:
If you try to access secure cPanel services without purchasing an SSL certificate for your domain name you may get this warning which can be scary
Of course you could simply keep accessing the insecure version of the page like this and although the below will work it is not an ideal solution as it sends your login credentials via an unencrypted connection in plain text – not a very secure way of working.
“As you can see from this example we have tried to access cpanel using: http://www.smallwhitebear.com/cpanel which works BUT is not a secure connection. This means your cPanel password is sent from your computer to the server in plain text which is absolutely not secure and potentially means a hacker could get your password especially if you were on an open Wifi network
In the case of the example website used in the screen shot above the user simply needs hosting space to keep his University Project online and he does not need an SSL Security Certificate installed on his domain name which comes at additional expense.
The Solution…
We realise that not all clients want to spend £20 per year on a private SSL Certificate for their domain name although we will happily sell you one if you wish. For this reason we have invested in ‘Shared SSL Certificates’ for all our Shared Servers. This means any user on our shared servers can use our SSL Certificate to access cPanel services securely and can sleep at night safe in the knowledge the password they sent to the server earlier that day has been encrypted!
The key thing to understand when accessing secure cPanel services is to make sure you use the correct Port Number and also to look out for the Green https:// in your web browser. This will give you confidence that the connection you are using is secure and the data that is transmitted from your computer to your shared hosting account is not sent in plain text.
cPanel Secure Port: 2083
Webmail Secure Port: 2096
WHM Secure Port: 2087
Here at Bigwetfish Hosting we have installed our Shared SSL Certificates on the ‘Shared Server Hostname’ so you need to use the Hostname to access secure services. Take the example above – smallwhitebear.com is on Shared Server 6 and the Hostname is: server6.bigwetfish.co.uk
Therefore to access Secure cPanel Services the following links are used:
cPanel: https://server6.bigwetfish.co.uk:2083/
Web Host Manager: https://server6.bigwetfish.co.uk:2087/
Webmail: https://server6.bigwetfish.co.uk:2096/
Look at the screen shots below that will show you the connection is secure. Notice the Secure Port is being used as well as https:// in the address bar being green indicating a secure connection. There is also a little padlock in the address bar to give you further confidence.
Moving forward how do I use this?
I want this to work on my Domain and not the Hostname:
All you need is to purchase a private SSL certificate for your domain name and have us install it. A Comodo Essential SSL Certificate costs just £20 per year and a Dedicated IP address costs just £12 per year. This is a small price to pay for secure access to cPanel services on your domain. Of course if you buy a Private SSL you can access your entire website via https:// in a secure manner so a private SSL certificate has many more advantages to a user than simply allowing that user to access cPanel, Webmail and WHM securely.
I am a VPS Client how can I secure my server in the same manner
If you are a VPS client we can secure your cPanel server in exactly the same way. Just open a support ticket and ask our sales department to supply and install an SSL Certificate for your server hostname. Then all your accounts on your server can use your server hostname in exactly the same way as described above to have Secure cPanel Services.