The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Allow cPanel, whm, webmail, ftp login from single LAN

Discussion in 'Security' started by crazyaboutlinux, Dec 7, 2011.

  1. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    One of our client wants Allow cPanel, whm, webmail, ftp login from single LAN from client's Office.
    And can not from other ISP
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    The following option in Web Host Manager would be useful for this:

    "WHM>> Security Center >> Host Access Control"

    Per the description, Host Access Control allows you to set up specific rules to allow or deny access to your server and services on it based on the IP address that is attempting to connect. It is general practice that denying all connections and only allowing connections that you wish to proceed is the most secure way to use Host Access Control.

    Thank you.
     
  3. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Hello Michael,

    GM... :)

    That works fine except ftp sever (means ftp service) i have set the rules as below
    Daemon Access List Action
    ftp (FtpServer) 65.98.xx.xxx deny
    whostmgrd 65.98.xx.xxx deny
    cpaneld 65.98.xx.xxx deny

    when we trying to open WHM & cPanel I got the message like acces denied but still that IP can access FTP service
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    This feature relies upon TCP Wrapper support in the service being blocked. The version of PureFTPd available with cPanel is not compatible with TCP Wrappers at this time. Please try switching to ProFTPd and let us know if the issue persists.

    Thank you.
     
  5. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    but mostly PureFTPd is recommended, So it would be good if you implement this
     
  6. storminternet

    storminternet Well-Known Member

    Joined:
    Nov 2, 2011
    Messages:
    462
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    I don't think even proftpd would be compatible with tcpwappers. Better you disable port 21 in csf firewall and allow the user's IP in csf allow list for the ftp
     
  7. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    if I disable port 21 how FTP can connect to FTP server ???
     
Loading...

Share This Page