Allowing cPanel updates with port 80 blocked

freedominternet

Registered
Jan 12, 2015
2
0
1
cPanel Access Level
Root Administrator
Hi!

After some not so nice Pharma hacks on a customer's site, we were advised to block port 80 in the CSF firewall. The downside to this is that it affects automatic updates from cPanel and other sources. To counter this we were told to white list the IP addresses needed for the updates but we have been unable to locate these.

Is anyone able to shed more light on this?

The error messages we get when attempting to automatically update are:
Running `/usr/local/cpanel/scripts/updatenow --upcp --log=/var/cpanel/updatelogs/update.1421063461.log` failed, exited with code 29 (signal = 0)

There is also an email for updatenow basically telling us the update failed.

Fantastico also gave an error (see below) but it tells us the IP address so we were able to add this to the firewall.

- Removed -
Connecting to 174.120.165.106:80... failed: Connection timed out.
Giving up.

Any help would be greatly appreciated.
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,222
463
Hello :)

There are several update mirrors that you will need to whitelist. You can run a command such as "host httpupdate.cpanel.net" to see these IP addresses.

Thank you.