The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AWS ifcfg-eth0 settings

Discussion in 'Bind / DNS / Nameserver Issues' started by Mister9, Oct 6, 2015.

  1. Mister9

    Mister9 Member

    Joined:
    Apr 28, 2010
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi, I have AWS set up with CPanel. I been securing my server using CSF and I am down to the final score I'm looking to achieve. To get there I am looking fix this issue:

    Check for dhclient
    dhclient appears to be running which suggests that the server is obtaining an IP address via DHCP. This can pose a security risk. You should configure static IP addresses for all ethernet controllers


    I read that I need to edit this file, ifcfg-eth0. I am looking into this file and see that the contents in this file is in fact set to dhcp.

    Currently it looks like:
    DEVICE="eth0"
    BOOTPROTO="dhcp"
    ONBOOT="yes"
    TYPE="Ethernet"
    USERCTL="yes"
    PEERDNS="yes"
    IPV6INIT="no"
    PERSISTENT_DHCLIENT="1"

    So I'm assuming I should be looking to change this to a static IP.
    What would be the correct setting for this file?

    What will be the IPADDR / NETMASK?
    Local IP and subnet for the VPC or Public IP (Elastic IP) / what netmask?
     
  2. Mister9

    Mister9 Member

    Joined:
    Apr 28, 2010
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I just wanted to update this issue has been a scary place to fix.
    Since nobody has been able to assist me on this, I tried experimenting with the setting hoping it would fix the issue.

    After reading this answer, I set the settings to:

    DEVICE="eth0"
    BOOTPROTO="none"
    ONBOOT="yes"
    TYPE="Ethernet"
    USERCTL="yes"
    PEERDNS="yes"
    IPV6INIT="no"
    PERSISTENT_DHCLIENT="1"
    NETMASK="255.255.255.0"
    IPADDR ="10.0.0.11"​

    I figured my Netmask was 255.255.255.0 through /sbin/ifconfig -a
    and set my IPADDR to my private IP 10.0.0.11, saved, reboot, and crossed my fingers.

    The server was no longer accessible. No WHM access, No ssh access, I was petrified.
    Luckily I was working on the second DNSONLY server and all the domains were still up.
    I had to stop the server, detach and attach the volume to a new instance and revert these setting. I then detached and remounted to the original server and it all came back alive again.

    Anyway, if anybody knows the correct setting for this, please let me know.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    667
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    I suggest consulting with your data center or a system administrator with physical access to the server for help modifying your network configuration. As you mentioned, any slight error can result in a lack of access to the system.

    Thank you.
     
Loading...

Share This Page