Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Allowing cPanel updates with port 80 blocked

Discussion in 'Security' started by freedominternet, Jan 12, 2015.

  1. freedominternet

    freedominternet Registered

    Jan 12, 2015
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator

    After some not so nice Pharma hacks on a customer's site, we were advised to block port 80 in the CSF firewall. The downside to this is that it affects automatic updates from cPanel and other sources. To counter this we were told to white list the IP addresses needed for the updates but we have been unable to locate these.

    Is anyone able to shed more light on this?

    The error messages we get when attempting to automatically update are:
    Running `/usr/local/cpanel/scripts/updatenow --upcp --log=/var/cpanel/updatelogs/update.1421063461.log` failed, exited with code 29 (signal = 0)

    There is also an email for updatenow basically telling us the update failed.

    Fantastico also gave an error (see below) but it tells us the IP address so we were able to add this to the firewall.

    - Removed -
    Connecting to failed: Connection timed out.
    Giving up.

    Any help would be greatly appreciated.
    #1 freedominternet, Jan 12, 2015
    Last edited by a moderator: Jan 13, 2015
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Hello :)

    There are several update mirrors that you will need to whitelist. You can run a command such as "host" to see these IP addresses.

    Thank you.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. quizknows

    quizknows Well-Known Member

    Oct 20, 2009
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    DataCenter Provider
    You should be able to close TCP port 80 inbound in csf conf but allow it outbound.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice