So I doubt I was the only one who got hit by this issue. Basically everything was fine in cPanel land until one day I was randomly getting logged out of cPanel (sometimes immediately after I’d logged in, other times after a few minutes). When I did manage to log in the cPanel interface appeared broken with missing images and occasionally missing stylesheets. In some cases I’d be blocked from even loading the login page. It wasn’t an isolated incident either as this problem cropped up on different hosting services.
Understandably frustrating when you rely on cPanel to configure your hosting.
Every so often something new is introduced designed to make things easier. But sometimes it also accidentally making things a bit harder. This is one of those times.
cPanel v58 introduced AutoSSL which automatically installs and renews SSL Certificates. All websites can use a Domain Validated SSL Certificate but AutoSSL can also be used to work with Let’s Encrypt. As a quick primer, SSL certificates allow a website to encrypt the communication between the web host and website visitors which is particularly important when you’re sending sensitive information like passwords and Credit Card details. Google also appears to be moving in the direction of recommending websites that use SSL. So if your webhost is using cPanel they can easily offer automated SSL Certificates to all their customers costing them practically nothing.
Great, right? Well, if you’re using a Content Distribution Network (CDN) or third-party Website Firewall, things may not be so great.
In this tutorial I will show you how to use DreamHosts Let’s Encrypt with CloudFlare on your website. This will encrypt the connection between CloudFlare and your website visitors as well as the connection between CloudFlare and Dreamhost. CloudFlare calls this Full SSL (Strict) and is available under their free plan. We will also set up a CloudFlare Page Rule to redirect all HTTP requests to HTTPS.
If you’re a DreamHost user you probably know that you now have access to a free SSL certificate courtesy of Let’s Encrypt. This allows you to serve your website over HTTPS (as opposed to plain old HTTP) encrypting the connection and boosting your Google page rank.
You probably also know about CloudFlare and their free plan which provides caching, optimization and security boosts. So why not use both, eh?
A while back iThemes reported they had to remove VirusTotal Malware Scanning from their iThemes Security WordPress plugin. They have just announced that the plugin will now use Sucuri’s SiteCheck Malware Scanner.
While Sucuri’s SiteCheck is available in both the free and Pro versions of iThemes Security, the Pro version allows for daily automated scanning. That’s a nice add-on, if you ask me.
This is a great addition to the iThemes Security plugin. However, my websites already use the Sucuri Security WordPress Plugin which incorporates Sucuri’s SiteCheck (albeit scans have to be done manually) so this is a bit redundant for my needs. Having a different malware scanner would help cover more bases.
For alternative malware scanners, there’s always StopTheHacker. That service was StopTheHacker was acquired by CloudFlare last year so perhaps more integration is in the works.