Logging into cPanel. That’s pretty much it.
When you sign up or install an account, we issue you a cPanel login – this login is essentially the “root” of your account with full administrative powers to do very nearly anything that it gosh darn well pleases, and since it has shell access to the server, it’s a pretty powerful little login. It’s one of the reasons that we force you to login to the servers using SSL, and we’re so adamant about keeping your site from obvious risks we also firewall your ability to get into cPanel from any other way other than in an encrypted manner.
Much to our chagrin, it can also work for FTP or logging into mail – and though you can use it that way, you shouldn’t, because those logins are not encrypted and you are sending a plain text password through the internet and through multiple networks in such a way that anyone can pluck it out of the air. This is extremely unsafe, and we highly recommend that you not do it at all.
All cPanel email accounts should be created in your cPanel – sending those passwords through the air in plain text isn’t really any better, either, but at least you are limiting the access that they can get to that email account only. (We will have an article regarding encrypting your logins, but that’s beyond the overview scope of this article).
All FTP accounts should be created in your cPanel – sending those passwords through the air in plain text isn’t really any better, either, but at least you are limiting the access that they can get to that FTP account only. The only exception to this would be if you use SFTP, which is actually run over shell and not over “FTP” – in that case, you are required to use your cPanel login as that login is the only true Unix login and hence the only way that you can have SFTP access.
You cannot simply login to SFTP on port 22, either – we hide all shell ports and we do not publish those ports anywhere. You’ll need to email the support department and request the port for your server as they are all different. This allows us to know exactly who has shell access, and to monitor its security with a little extra glance every now and then.
We do recommend SFTP for everyone on a Junior account or above (as Intros don’t have shell). It is a more secure way to get files back and forth between the server, and if you are on an ISP that throttles FTP upload speeds you can sometimes dramatically speed up your FTP sessions when uploading to your site by using SFTP as it’s not a (currently) commonly throttled port when ISPs are throttling ports common to file sharing to limit their end users ability to share files.
It addition, by creating your FTP and Email accounts yourself, you put the ability to reset passwords when you forget in your own hands, and you don’t have to wait for support to do it for you, which is a handy little thing to be able to do.