I have of course created a hostname for my WMH/cPanel server in the form something.mydomain.com and only access WMH and cPanel through the ports 2087 and 2083. All of my sites also are proxied through a firewall so that no traffic needs to ever hit ports 80 and 443 directly to the hostname. Does it make sense for me to block access to the server for ports 80 and 443 except to the the CIDR ranges for those firewalls (which can send traffic through either of those ports)? I ask because I see traffic being blocked by Modsecurity rules coming directly into the hostname.
Hey there! This might cause some issues with the free SSL that is provided for the hostname as the verification checks for that certificate do happen over a web connection. However, we do have a list of IPs for that particular traffic you could allow through the firewall if you can configure that:
Those IPs could change in the future, but you'd get a notification from the server if the hostname SSL failed to renew for some reason.
Those IPs could change in the future, but you'd get a notification from the server if the hostname SSL failed to renew for some reason.
The site is already behind Sucuri, but would it make sense to just lock down the countries using CSF country code blocks and my Maxminds API license? It is easy to lock down the most frequent offenders.
Sure - you could try that instead - as long as everything connects properly for AutoSSL that will still work.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| W | Basic Auth results in "ERR_TOO_MANY_RETRIES" | Security | 9 | |
| D | AutoSSL Renewal and Basic Authentication | Security | 1 | |
| D | Basic (probably invalid) question: what is the order for updating WHM, etc. ... | Security | 1 | |
| D | Cpanel / WHM Best Practices for Security Basics | Security | 9 | |
| H | Security Basics | Security | 3 |