1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to setup FTP/WHM/CPANEL whitelists and blacklists?

Discussion in 'Security' started by Cr(+)sshair, Jul 15, 2011.

  1. Cr(+)sshair

    Cr(+)sshair New Member

    Joined:
    Jul 15, 2011
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    May someone link me up on the information to do this?

    Yes, I have used the search function and google but I keep getting results that don't specifically apply.

    I also do have CPHULK running, but my main issue is setting up a whitelist JUST for FTP/WHM/CPANEL and individual whitelists.

    Additional questions:

    What happens if my IP changes? How will I be able to get into the whitelist to change it for my new IP? Should I do it by my local range only?

    Thanks!
    Tyler
     
  2. cPanelTristan

    cPanelTristan Active Member
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,621
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    Hello Tyler,

    You cannot whitelist for cPHulk Brute Force Protection for only select services. If you are going to whitelist, it would be for anything that cPHulk Brute Force Protection checks.

    Of note, if your IP changes, it shouldn't prevent you from still being able to log into the machine to add additional whitelists unless that specific account has been locked out. I would highly suggest creating a secondary root-level account in WHM > Reseller Center area that can log in if root account were to be locked out. This way, you can still access the machine since that random username you select isn't likely to be brute force guessed like root user account would be.

    As for the range, I would suggest using the range of IPs you believe yours might end up using to avoid getting temporarily locked out.

    Thanks.
     
  3. keddie

    keddie Member

    Joined:
    Nov 17, 2007
    Messages:
    50
    Likes Received:
    0
    Trophy Points:
    6
    CSF allows IP whitelisting / blacklisting.

    I have a private proxy server setup with a static IP that is whitelisted in CSF. This way if my local broadband IP changes and gets banned, I can fall back to a proxied connection.
     
  4. cPanelTristan

    cPanelTristan Active Member
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,621
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    Of note, this thread and the questions asked concern cPHulk Brute Force Protection rather than CSF (ConfigServer Security & Firewall) + LFD protection.
     

Share This Page