Change ssh port withoud APF or CSF

Jul 24, 2018
14
3
3
Romania
cPanel Access Level
Website Owner
I wannt to change the ssh default port from 22 to something else because of 2 reasons:
1. for security reasons
2. because I'm using Cloudflare and it blocks port 22 anyway

I know there are some old posts/tutorials of doing this, and I even did it about 2 years ago using CSF.
The problem is that I saw that on my WHM CSF or APF (not maintained any more?) is not installed by default and since I need only to change my ssh port, I don't think it's the only way.

I have followed this cPanel official docs: How to Secure SSH | cPanel & WHM Documentation
I made the first step of updating the `/etc/ssh/sshd_config` file to the port i want, restarted the ssh service but in documentation it also says that the Firewall needs to be updated as well to allow traffic on the new ssh port.

In the second documentation page (How to Configure Your Firewall for cPanel & WHM Services | cPanel & WHM Documentation) I can see there are 3 ways of doing this? APF, CSF and iptables. If I understood correctly, the only buildin method is the `iptables` way, but there are only examples of blocking ip, but nothing for what I want.

Can anyone recommand the easiest/secure way ?

Thanks
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,519
1,027
313
cPanel Access Level
Root Administrator
Hey there! The only thing you'd need to do is open the port with IPTables. If you're more comfortable installing and using CSF as you've done in the past, it's a free download from ConfigServer, although it's never been something we have maintained on our end.
 
Jul 24, 2018
14
3
3
Romania
cPanel Access Level
Website Owner
Hey there! The only thing you'd need to do is open the port with IPTables. If you're more comfortable installing and using CSF as you've done in the past, it's a free download from ConfigServer, although it's never been something we have maintained on our end.
Thanks for your reply.
Last time when I did it, it was already installed within the WHM, now looks like I need to install it manually and I'm just thinking that there must a reason why cPanel choose to not install it anymore by default.
So hence I need only to open this new port, do you think it is worthy ? Can be any conflict between the cPanel build-in security and the CSF? What whould you do?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,519
1,027
313
cPanel Access Level
Root Administrator
It's important to note that cPanel has never included CSF with any of our installations. If you saw that installed in a previous instance, it was likely added to the system by your hosting provider.

There is no conflict at all with CSF and other built-in tools, so I would just install CSF if that is what you are used to using.
 
  • Like
Reactions: Spidey Catalin
Jul 24, 2018
14
3
3
Romania
cPanel Access Level
Website Owner
It's important to note that cPanel has never included CSF with any of our installations. If you saw that installed in a previous instance, it was likely added to the system by your hosting provider.

There is no conflict at all with CSF and other built-in tools, so I would just install CSF if that is what you are used to using.
OK, I`ll go on with CSF then.. Thanks for your help