1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Block ports 2082 and 2086 in cPanel/WHM ?

Discussion in 'General Discussion' started by kazimir82, Apr 28, 2011.

  1. kazimir82

    kazimir82 New Member

    Joined:
    Apr 15, 2011
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    On my VPS I have both unsecure (http) access to cPanel and WHM on ports 2082 and 2086, and secure (https) on 2083 and 2087.

    Is it possible to disable the unsecure versions, so that no login & passwords are ever being transmitted in plaintext?

    I guess blocking ports 2082 and 2086 would do the job, how/where can I do that? Or is there another way to disable the http (not https) pages?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    12,122
    Likes Received:
    33
    Trophy Points:
    48
    Location:
    Pennsylvania
    Have a close look at your preferences here:

    WHM > Tweak Settings > Redirection tab.
     
  3. kazimir82

    kazimir82 New Member

    Joined:
    Apr 15, 2011
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Thanks, but exactly where do I find this? Not sure if I'm looking in the right place, my VPS is using WHM 11.28.83 on CENTOS 5.5 and I can't find the items you mentioned in the main WHM menu?
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    12,122
    Likes Received:
    33
    Trophy Points:
    48
    Location:
    Pennsylvania
    Do you happen to have a reseller account on this VPS? If yes, your host may have disabled some features in your WHM.

    For a peek at all the default settings in WHM, you might like to check out the Demo located here:
    Demo - cPanel Inc.
     
  5. kazimir82

    kazimir82 New Member

    Joined:
    Apr 15, 2011
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    12,122
    Likes Received:
    33
    Trophy Points:
    48
    Location:
    Pennsylvania
    Lots. You have a limited access account (or Reseller) to WHM. This is why you can't find the Tweak Settings options.

    It's easy to compare, open up the WHM demo I've linked you to in one browser and open your WHM in another and take a look. ;)
     
  7. kazimir82

    kazimir82 New Member

    Joined:
    Apr 15, 2011
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Sorry if I seem blind or retarded ;) but I can't find it there either..? You are referring to the first one, right? ("Root and Reseller Admin Panel", i.e. this or this)

    If I go there and search for Tweak or Redirect it doesn't seem to be there?
     
  8. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    12,122
    Likes Received:
    33
    Trophy Points:
    48
    Location:
    Pennsylvania
    My apologies, the account in the Demo is restricted a bit as well. Attached is what the full WHM side menu looks like, for root user. A Reseller account can have access to this section you dont have, but only if root user says so. ;)
     

    Attached Files:

  9. kazimir82

    kazimir82 New Member

    Joined:
    Apr 15, 2011
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Aah OK, all clear now :)

    I will ask my host if they can enable these features for me. Thanks again!!
     
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    12,122
    Likes Received:
    33
    Trophy Points:
    48
    Location:
    Pennsylvania
    Sure thing. Only one issue there, I don't believe you can add just the Tweak Settings page for a Reseller. To give access to that area you give access to lots more at the same time.
     
  11. cPanelTristan

    cPanelTristan Active Member
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,621
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    As a reseller, you won't be able to block ports 2082 and 2086 regardless as you won't have iptables access, CSF access (if installed) nor be able to change Tweak Settings. The reason for this being the case is that any changes you were to make in any interface or component would impact everyone on the machine.

    If the provider does not want to block of 2082 and 2086 for the machine itself, you could simply ask them to block those ports on your IP provided you have your reseller user on a dedicated IP that the host is not sharing with other accounts that aren't part of your reseller account. It is possible in iptables to block ports on select IPs.
     
  12. kazimir82

    kazimir82 New Member

    Joined:
    Apr 15, 2011
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Thanks again Tristan, I've been in touch with them and they fixed it some other way in the end: they enforced SSL access on cPanel & WHM (don't know how/where but apparently this was something they could configure). So if I now browse to port 2082 or 2086 I get a cPanel / WHM page saying "SSL is required", with a link to the https version (on ports 2083 and 2087 respectively). No login information is being entered anymore in any unsecure connection. Which is good :)
     

Share This Page