The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Dedicated IPs on Add-On domains?

Discussion in 'General Discussion' started by optize, Feb 18, 2009.

  1. optize

    optize Well-Known Member

    Joined:
    Apr 27, 2005
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    I have a customer, signed up for one domain, added 2 more add-on domains. He wants dedicated IPs for all 3 domains.

    Is that possible within WHM?
     
  2. JPC-Stefan

    JPC-Stefan Member

    Joined:
    Oct 29, 2008
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    It is not possible from WHM however you can do it manually from Shell as:

    If suppose your cPanel account username is "USER" and domains are:

    maindomain.tld
    addondomain1.tld
    addondomain2.tld

    Then you have to edit the following files using vim or pico editor

    /var/cpanel/userdata/USER/maindomain.tld
    /var/cpanel/userdata/USER/addondomain1.tld
    /var/cpanel/userdata/USER/addondomain2.tld

    And change the IP field to in each to your desired one.

    Rebuild apache configuration file by using:

    >/usr/local/cpanel/bin/build_apache_conf

    Restart apache service

    Edit DNS zone file of each domain and point A record to new IP.
     
  3. meeven

    meeven Well-Known Member

    Joined:
    May 8, 2007
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    This is really neat, thank you. I have been reading everywhere that add-on domains cannot have their own IP addresses.

    In your experience, does this work flawlessly? And, I guess you can now have SSL certs for add-on domains too?

    Shouldn't rebuilding apache be done by running /scripts/rebuildhttpdconf instead since EA3?
     
  4. JPC-Stefan

    JPC-Stefan Member

    Joined:
    Oct 29, 2008
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    Sorry for my mistake the files for add-on domains should be:

    /var/cpanel/userdata/USER/subdomain1.maindomain.tld
    /var/cpanel/userdata/USER/subdomain2.maindomain.tld

    Also don't forget to make changes in the DNS zone files.

    As the domains will be on dedicated IP so I think there will be no problem in SSL certificate setup.
     
  5. stevenc317

    stevenc317 Well-Known Member

    Joined:
    Jan 27, 2009
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    I had the same problem, finally after asking a cPanel tech (I love those guys) they pointed me in the right direction with the solution above.

    Yes, for me it has worked every time (and I setup 2 or 3 dedicated IPs each day). It is a bit of a pain and I am in the process of automating it with some perl scripting when I get a chance. Aside from that it works everytime and have been doing it for about a month.


    I use /scripts/rebuildhttpdconf and it works for me.

    Also as JPC-Stefan said, make sure you edit your DNS zone else the world will not know the new IP.
     
  6. meeven

    meeven Well-Known Member

    Joined:
    May 8, 2007
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    stevenc317, thank you for pitching in with those details. Very helpful.:)
     
  7. stevenc317

    stevenc317 Well-Known Member

    Joined:
    Jan 27, 2009
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    no problem.

    Of course built in functionality for this in cPanel/WHM would be VERY NICE!

    A simple drop down box showing all available IP addresses when you add a new domain is very simple and easy to program.
     
  8. axishift

    axishift Member

    Joined:
    Feb 25, 2004
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Yeah, this is a great feature. Especially for customers that do domaining and SEO. How can we suggest this to CPANEL?
     
  9. stevenc317

    stevenc317 Well-Known Member

    Joined:
    Jan 27, 2009
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Just hope the boys back at cPanel are listening. This would be SOOOOO helpful to be able to assign a dedicated IP to a specific site.
     
  10. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    The reason you don't see dedicated IP support for addon domains is
    because of international rules and ICANN IP justification regulations ...

    I hate to bust everyone's bubble here but by modding the account that way,
    the only thing you can do is force a dedicated IP for the domain for the web
    site itself but because of various techical details involved you would not
    be able to setup certificates, anonymous FTP, a proper SSL secure session,
    or email on it's own IP address by doing that without further extensive
    modification and that is a very serious problem for you and your customers.

    Why?

    ICANN justification regulations require that dedicated IP addresses
    cannot be issued on accounts unless there is a justifiable reason where
    a shared IP address cannot be used.

    Presently only 2 modes of operation legitimately fulfill the terms and
    requirement of that regulation:

    1) Merchant Use / SSL Encryption

    2) Anonymous FTP Server

    Almost anything and everything else could be fulfilled using a shared IP
    address and therefore MUST be done with a shared IP address.

    Items such as "DNS servers" don't even meet the justification requirements!

    Just "wanting a dedicated IP address" is not good enough either!

    If you assign your client dedicated IP addresses and they are NOT explicitly
    and actively using at least one of the above listed justifiable services
    regularly on their account or some other service which can legitimately
    meet the justification rules and only be accomplished by means of dedicated
    IP address then you cannot issue dedicated IP addresses to the client
    and you would be in violation of regulation to do so.

    As a server owner and there by a host, you have a little flexibility via rules
    for allowing hosts to maintain a pool of potential IPs to be used but that
    doesn't extend down to your clients if you want to operate within the rules.

    Are you properly querying your clients as to their reasons for requesting IPs?

    Are you monitoring your clients to make sure their activities on their site
    continue to require the necessity for a dedicated IP and that they are
    actually actively using those service(s) requiring a dedicated IP?

    If you answer 'no' to either of these then you need to do some serious
    rethinking, re-working, and cleanup of your current allocated IP pool.
     
    #10 Spiral, Jul 12, 2009
    Last edited: Jul 12, 2009
  11. stevenc317

    stevenc317 Well-Known Member

    Joined:
    Jan 27, 2009
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Spiral,

    Yes you are right on ICANN, but that does not mean cPanel cannot support this. In my case I have 56 dedicated IP addresses on my cPanel box due to 52 of my customers have their own SSL certificates, the other IPs are for nameservers, etc. My hosting provider (Rackspace) allows me to have unlimited IPs on the condition that I fill out an affidavit for ICANN when I request my IP blocks. Currently it is a real pain to have to manually reconfigure cPanel for each site having a specific IP address.

    Why not create each as their own 'Account'? The reason is I do not host your typical $9.95/month for 100mb, rather we design turn key web solutions for targeted industries (EX: Auto Corner Dealership Website System for Automotive Dealers). Since this system is run on centralized scripts I must have them all in the same 'account' so that Apache will allow for them to read and write their files as needed. If they where each in their own account it would be a nightmare of permission issues trying to access files across users.

    Now if someone is looking to do SEO they are out of luck as that is a violation of ICANN (and Google/MSN/etc). Even if you were able to get past those undetected, you better have one heck of a big ISP because Google only counts cross-links from different 'C Blocks', if it is the same (which most smaller hosts have) it will not make a difference. In my case a few are from a different C Block -- which is a bonus I guess -- but that wasn't the reason for it.
     
  12. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    That's a lot of domains but by what you just said qualifies because
    SSL does require a dedicated IP be in place.

    That affidavit is you asserting that you will adhere to the regulations
    and enforce those policies on your server and your clients.

    Absolutely WRONG! Setting them all up on their own accounts
    and reading and writing to files across accounts is ridiculously simple,
    has really nothing to worry about in terms of permissions, and is
    not even close to resembling any "nightmare" as you put it.

    It sounds to me more of a case of you don't know how apparently. ;)

    I know something you don't know about that! :p

    Google and most of the others no longer care about IP address or
    domain name as that is unknown to most not how things are indexed
    and the way it is really being done is very sophisticated and very cool!

    Setting up multiple domains and multiple IP addresses and cross linking
    each of your sites won't do you any good whatsoever and in fact will
    actually heavily REDUCE your rankings and REDUCE your indexed levels.

    I wrote the new engine and crawler to one of the major search engines
    and I was consulted for several others on this very topic and though I
    am not at liberty to discuss how it's been done now, I can tell you that
    all the SEO dabblers out there are in for a very rude awakening!
     
    #12 Spiral, Jul 12, 2009
    Last edited: Jul 12, 2009
  13. stevenc317

    stevenc317 Well-Known Member

    Joined:
    Jan 27, 2009
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    I overly simplified my statements here for the sake of saving time, but let me assure you I have exhausted the techs at cPanel to come up with a solution that would work.

    EX:
    'System cgi' located - /home/mysystem/cgi-bin/thesystem/myCoolScript.pl
    'Customer 1' located /home/mysystem/public_html/thesystem/www.CoolCustomer1.com
    'Customer 2' located /home/mysystem/public_html/thesystem/www.CoolCustomer2.com

    I need the cgi scripts in 'system cgi' to read and write to Customer 1 & Customer 2.

    This works perfectly fine, but if you move it out into their own Accounts....
    'System cgi' located - /home/mysystem/cgi-bin/myCoolScript.pl
    'Customer 1' located /home/customer1/public_html/
    'Customer 2' located /home/customer2/public_html/

    Then you have permissions issues writing from 'mysystem' to 'customer1' or 'customer2'. This issues is easily fixed in Linux (or in the case of my other servers which are Solaris based) using FACLs and assigning those users to the same group and giving group rwx access. Simple. Well not with cPanel, it has a hissy-fit when you enable FACLs. As I said above cPanel techs went around and around with myself and my techs at Rackspace. No solutions worked.

    If you have any ideas, I would honestly appreciate you input.


    Not worth debating, because we are actually in agreement (for the most part), you just elaborated more than I did. Now if you read (or listen) to what Matt Cutts (Google) tells you that they do look at an IP address within the same C Block as spamming. While they never say (nor do I care) that an IP from a different C Block will help you, but he does say multiple links from within the same block will hurt you. Anyone that spends there day trying to spoof Google into get a few more PR points in an idiot and will get nowhere. Google tells you what they want you to do, make a good site with good content -- that is it. Anything else is a waste of time.

    Now back to the point of this whole thread. Dedicated IPs for an addon website is a useful feature. But there are so many other things that cPanel needs to improve first.
     
  14. S-Combs

    S-Combs Well-Known Member

    Joined:
    Jun 10, 2004
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    [Original Topic]

    The ability to modify the IP address of Add-On domains would be a very benificial addition for us and our clients as well.

    Many of our commerce clients have multiple domains/stores that each require dedicated SSL.

    Some of these additional domains/stores started out using only PayPal without the SSL requirement but later moved to more advanced payment gateways that do and this is where headaches begin.

    [/end]
     
  15. stevenc317

    stevenc317 Well-Known Member

    Joined:
    Jan 27, 2009
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Thank you for bringing this thread back to its original concept. I agree with you that a dedicated IP on an 'add-on' domain basis is needed for users of SSLs.
     
  16. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    What do you mean "bring it back" as it never left the original topic!

    Incidentally, I already said SSL was a reason for a dedicated IP:
    I don't argue with having dedicated IPs for addon domains, I am just simply pointing out that customers cannot have dedicated IPs for all their domains simply because "they want one". If they have a legitimate reason such as using each for e-commerce on their own SSL certificates then that would be perfectly fine to do that and there should be a setup to allow for that.

    Where things become an issue and I have seen it myself is where clients ask to have a dedicated IP for all their add-on domains on their accounts and they have no legitimate purpose for allocating that under IP regulations.
     
  17. stevenc317

    stevenc317 Well-Known Member

    Joined:
    Jan 27, 2009
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Damn you love to argue.

    Simple solution: cPanel... Offer the ability to assign a dedicate IP address to an addon domain WHEN & ONLY WHEN you are installing an SSL cert.
     
  18. D-Litz

    D-Litz Active Member

    Joined:
    Feb 4, 2009
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Now does this effect cPanel updates? Will these settings stay put?

    Did you happen to develop the script yet?
     
  19. stevenc317

    stevenc317 Well-Known Member

    Joined:
    Jan 27, 2009
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    When cPanel does an update, you will be fine.
     
Loading...

Share This Page