12

The cPanel on my website is being hacked, and I am not sure that the setup my host provides is totally secure. The hack works by intercepting my login. Will an SSL certificate prevent this? If it will, then it would be a lot cheaper than either the host or myself trying to fix a security bug.

Addendum: SSL did indeed stop the hacking.

Philip Sheard
  • "The cPanel on my website is being hacked," what does that mean? How do you know it is "hacked"? What do you see? "The hack works by intercepting my login" how do you know that? If someone stole your credentials, no amount of added security in transport (like TLS could do) will change anything to the fact that someone else uses your credentials. First, change them to regain control? – Patrick Mevzek May 18 '18 at 00:13

3 Answers

20

If the problem is that somebody intercepts your password by sniffing the unencrypted network traffic then using SSL will help. This means not just installing an SSL certificate but actually using https:// instead of http:// to access the site.

If the problem is instead a security issue of cPanel or that the attacker grabs your login credentials on your own machine (malware, malicious browser plugin or similar) then SSL will not help since it only protects the transport of the data between browser and server.

Steffen Ullrich
  • Thanks. I think I can rule out any blatant security lapse by my host. I can also rule out malware, because it happens on more than one laptop. I think that the hacker is port sniffing, as you suggest. – Philip Sheard May 17 '18 at 07:30
  • Note that SSL will also not help if the problem is a hacked server itself... – Matija Nalis May 17 '18 at 22:52
10

What an SSL cert does

PlainText

By default, logins can be intercepted at any point, on your computer, in between the computer and server, or on the server.

SSL

Using an SSL connection protects the traffic from your computer to the server, but it does not protect from malware at either end of the connection, and if you use a service like Cloudflare you may not be protected from the service to the origin server.

Will an SSL certificate prevent this?

It depends on how the credentials are being captured. If your host or machine is compromised then it might not help, but it will reduce the attack surface of your site. This is why Chrome now shows warnings for insecure logins, because the extra risk of using HTTPS has near to no advantage.

Sources

jrtapsell
1

Are you sure the hack is happening by your login being intercepted?

If so, SSL would help, but you do not need to purchase an SSL certificate for your website. The SSL that covers cPanel is separate from the one for your website - the SSL for cPanel will usually be a self-signed certificate generated by the server, that you access by logging into cPanel on port 2083 instead of port 2082.

That said, unless someone has access to your home internet connection, the likelihood that the hack is coming from someone intercepting your login is pretty low.

If you have confirmation that the attacker is logging into your cPanel, then they may be brute-forcing your password, or you may be re-using a password from some other service that has had their login/password database compromised. (See haveibeenpwned.com to see if your email address is in any known data breaches from major companies.) So your best bet here would be to use a STRONG password, that you do not use anywhere else.

There are also other ways an attacker can get in without ever logging into your cPanel. If your website has been defaced or had malicious content uploaded, it is fairly likely that you fell victim to this type of attack. If you use a content management system like WordPress or Joomla, older versions of these (and sometimes their plugins) can have known vulnerabilities that attackers can exploit to upload malicious files without ever having to figure out your password. So keeping your website software up-to-date is important. If you have been hacked, it is also important to change the password for the MySQL user that your software package uses, since this is often stored in plain text (e.g. in wp-config.php), so if they have access to your files, that password should be considered compromised.

Last, look under "FTP accounts" in cPanel, and delete any old FTP accounts that you're not using; this is another easy way for attackers to get in and upload bad things.

bluemouse
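An added example, not part of any answer above and not cPanel's own code: a Python check of the point made in the answers that a certificate only helps if the login page and the form's submit target actually use https:// (cPanel port 2083 rather than 2082). The host `example.test`, the sample form and all function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample of a login form; not copied from a real cPanel page.
SAMPLE_FORM = (
    '<form action="/login/" method="post">'
    '<input name="user"><input type="password" name="pass"></form>'
)


class LoginForms(HTMLParser):
    """Collect the action attribute of every <form> that holds a password field."""
    def __init__(self):
        super().__init__()
        self.actions = []
        self._action = None
        self._has_password = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._action, self._has_password = a.get("action") or "", False
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self._has_password = True

    def handle_endtag(self, tag):
        if tag == "form" and self._action is not None:
            if self._has_password:
                self.actions.append(self._action)
            self._action = None


def is_cleartext(url):
    # Anything that is not https:// can be read by whoever can sniff the path.
    return urlsplit(url).scheme != "https"


def audit_login(page_url, html):
    """Return findings; an empty list means page and submit target both use TLS."""
    findings = []
    if is_cleartext(page_url):
        findings.append(f"login page loaded without TLS: {page_url}")
    parser = LoginForms()
    parser.feed(html)
    for action in parser.actions:
        target = urljoin(page_url, action)  # relative actions inherit the page's scheme
        if is_cleartext(target):
            findings.append(f"password is submitted without TLS: {target}")
    return findings
```

Calling `audit_login("http://example.test:2082/", SAMPLE_FORM)` reports both the page and the submit target, while the same form loaded from `https://example.test:2083/` returns no findings.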