Using cPGuard (Included Security)
cPGuard comes free with every GoZen cPanel plan. Here’s what it protects, how to check scan results, and how to manage it.
cPGuard is a server-level security suite that’s included with every GoZen Host cPanel plan - shared hosting, WordPress hosting, and managed VPS. See our full security overview. You don’t need to install it, configure it, or pay extra for it. It runs automatically in the background.
What cPGuard Does
Think of it as a security layer between the internet and your website. It handles threats that most WordPress security plugins can’t touch because it operates at the server level, not the application level.
| Feature | What It Does |
|---|---|
| Malware Scanner | Scans files on upload and modification. Quarantines known malicious files |
| Web Application Firewall (WAF) | Blocks SQL injection, cross-site scripting (XSS), remote file inclusion |
| Brute Force Protection | Rate-limits failed login attempts on cPanel, WordPress wp-login, and other app login pages |
| Outgoing Spam Detection | Monitors outgoing email and catches compromised accounts before they damage server IP reputation |
| CMS Vulnerability Scanner | Checks installed CMS applications (WordPress, Joomla, Drupal) for known vulnerabilities |
| IP Reputation Monitoring | Watches server IP against blacklists and alerts if something gets listed |
Checking Your Security Status
In cPanel
- Log into cPanel
- Look for the cPGuard section (usually under Security or as its own section)
- Click cPGuard to open the dashboard
The dashboard shows:
- Overview - summary of recent scans, blocked attacks, and current status
- Malware scan results - list of files scanned, any detections, and quarantine status
- WAF logs - recent blocked requests with details (IP, attack type, URL targeted)
- Brute force logs - login attempts blocked per service (cPanel, WordPress, FTP)
Understanding Scan Results
When cPGuard finds something, it either quarantines the file or flags it for review:
- Quarantined - the file has been moved to a safe location and can no longer execute. Your site may show errors if it was an active file.
- Flagged - the file is suspicious but not confirmed malicious. Review it manually.
False positives happen. Some WordPress plugins use obfuscated code that triggers malware scanners. If a legitimate plugin file gets quarantined, you can restore it from the cPGuard dashboard and whitelist the file.
Managing cPGuard
Restoring a Quarantined File
If cPGuard quarantined a file that you know is safe:
- Open the cPGuard dashboard in cPanel
- Go to Malware → Quarantine
- Find the file in the list
- Click Restore to put it back in its original location
Only do this if you’re sure the file is legitimate. If you’re not sure, open a support ticket and our team will review it.
Whitelisting Files or Paths
If you have a legitimate application that keeps getting flagged:
- In the cPGuard dashboard, go to Settings or Whitelist
- Add the specific file path (e.g.,
/home/username/public_html/wp-content/plugins/some-plugin/file.php) - Save
Whitelist specific files, not entire directories. Whitelisting /public_html/ would disable protection for your whole site.
cPGuard vs WordPress Security Plugins
You might wonder if you still need Wordfence or Solid Security. Here’s how they compare:
| Feature | cPGuard | WordPress Security Plugin |
|---|---|---|
| Operates at | Server level | Application level (PHP) |
| Protects | All sites on your account | Only the WordPress install it’s on |
| WAF | Blocks before request hits PHP | Blocks during PHP execution |
| Malware scanning | All file types, server-wide | WordPress files only |
| Performance impact | None (runs outside your resource limits) | Uses your PHP processes and memory |
| Brute force protection | cPanel, WordPress, FTP, email | WordPress login only |
| Requires configuration | No | Yes |
The short answer: cPGuard handles server-level protection. A WordPress plugin adds application-level features like login URL changes, file integrity monitoring, and two-factor auth. They complement each other.
If you want the simplest setup: rely on cPGuard for scanning and WAF, and add two-factor authentication to your WordPress admin. That covers the vast majority of attacks.
Common Questions
“Is cPGuard really free?”
Yes. It’s included with every GoZen Host cPanel plan. No add-on purchase, no trial period, no feature gating.
“Can I disable it?”
The server-level WAF and malware scanner run automatically and can’t be disabled per-account (they protect the entire server). The cPanel dashboard gives you visibility into what it’s doing and the ability to manage quarantined files.
“Does it slow down my site?”
No. cPGuard operates at the server level, outside your CloudLinux resource limits. It doesn’t consume your CPU or memory allocation.
“I got hacked despite cPGuard. What happened?”
cPGuard blocks known threats. If an attacker used a zero-day vulnerability or gained access through a leaked password, cPGuard may not catch the initial entry. But it will detect the malware they drop and quarantine it. If you suspect a compromise, contact support immediately.
What to Do Next
- Securing WordPress - application-level hardening on top of cPGuard
- Enabling Two-Factor Authentication - protect your cPanel and WordPress logins
- Understanding Your GoZen Hosting Stack - how cPGuard fits into the bigger picture
Last updated 07 Apr 2026, 00:00 +0200.