The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Change cPanel default ports (2082-3 & 2086-7)

Discussion in 'Security' started by awlaQ, Sep 21, 2014.

  1. awlaQ

    awlaQ Member

    Joined:
    Sep 21, 2014
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello people.

    I need to change the default ports of cPanel, user ports (secure & insecure) and of course root ones too.

    I search on Google + on this forum, I could find any accurate response.

    Any tutorial ?
     
  2. storminternet

    storminternet Well-Known Member

    Joined:
    Nov 2, 2011
    Messages:
    462
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    I am afraid you can not change default ports for cPanel and WHM. Using access hosts control from WHM you can restrict access to all and allow only specific IPs for cPanel /WHM access.
     
  3. PlotHost

    PlotHost Well-Known Member

    Joined:
    Apr 29, 2011
    Messages:
    253
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    Twitter:
  4. awlaQ

    awlaQ Member

    Joined:
    Sep 21, 2014
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Already did change SSH default port, but there is a new exploit to root an updated server (Cpanel & OS).

    This is why I need to edit Cpanel login ports.
    is there any solution for a 2 fact authentification ? like SMS or something like this ?
     
  5. PlotHost

    PlotHost Well-Known Member

    Joined:
    Apr 29, 2011
    Messages:
    253
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    Twitter:
  6. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    If you are aware of an exploit that could be used on cPanel servers, please send an e-mail to security@cpanel.net, as soon as possible. That goes directly to our security team, and they want to hear about any suspected security problem.

    You can change the cPanel port by editing this line in /var/cpanel/cpanel.config:

    Code:
    port=2082
    Then restart the cPanel service:

    Code:
    # /usr/local/cpanel/startup
    The port= directive in /var/cpanel/cpanel.config sets the non-SSL port. The SSL port will be one higher than that (2083 instead of 2082, by default).

    There is no way to change the WebHost Manager ports. No ability to change them exists in the product.
     
  7. awlaQ

    awlaQ Member

    Joined:
    Sep 21, 2014
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    About security exploit, there are 3 I am aware of, one of them allow a hacker to root the server via bandmin service, browse your website this way : /http://website.com/bandwidth and if it ask for htaccess login, you can get hacked easily.

    about the Two-factor, then can do it very easily, a simple Twilio/Nexmo api and will be solved.

    how about restricting access to some IPs only ? I will use a vpn to login to my accounts, do you have any tutorial please ?
     
  8. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Again, please e-mail security@cpanel.net if you think you have discovered any security problem in our product. That is the appropriate channel for reporting security concerns.

    You can restrict access by IP address to the WebHost Manager, cPanel, Webmail, and other services by using Home » Security Center » Host Access Control. This is documented here:

    http://documentation.cpanel.net/display/ALD/Host+Access+Control

    It is not noted in the documentation, but you can also use Host Access Control to restrict access to SSH (daemon name sshd) and FTP (daemon name ftp), but only if you use ProFTPd. Pure-FTPd does not respect tcpwrappers so Host Access Control has no effect on Pure-FTPd.
     
  9. awlaQ

    awlaQ Member

    Joined:
    Sep 21, 2014
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thank you Jared for the support,

    I will forward the exploit to cpanel team, and will try your solution about IP restrictions.

    Thank you and have a good day.
     
Loading...

Share This Page