Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable access to compromised website

Discussion in 'Security' started by euro-space, Nov 20, 2016.

  1. euro-space

    euro-space Member

    Joined:
    Mar 24, 2014
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    Please share your methods, what are the best and easiest way to disable world access to the spamming website hosted on a shared server, and allow only certain IP's of the website owner to investigate and fix the issue.

    Website is based on Joomla and adding "Require all denied" in .htaccess is not working for some reason, neither appending following:

    <Directory "/home2/cpuser/public_html/" >
    Require all denied
    </Directory>

    to the Post VirtualHost Include editor in WHM is working... Running Apache 2.4.

    Thank you.
     
  2. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    335
    Likes Received:
    95
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    You could try this in the .htaccess file for the directory that you are trying to protect
    Code:
    <RequireAny>
    Require ip x.x.x.x y.y.y.y z.z.z.z
    </RequireAny>
    Add as many IPs separated by a space that you want to allow - the rule has to validate to any one of the IPs to let you in, anything else will be blocked

    See mod_authz_core - Apache HTTP Server Version 2.4 for more information
     
    #2 rpvw, Nov 20, 2016
    Last edited: Nov 20, 2016
  3. danielpmc

    danielpmc Well-Known Member

    Joined:
    Nov 3, 2016
    Messages:
    64
    Likes Received:
    28
    Trophy Points:
    18
    Location:
    Gainesville, Florida
    cPanel Access Level:
    Reseller Owner
    Hello euro-space,

    I am currently using this in my cPanels public_html .htaccess. This blocks all traffic except my IP. I have used this on and off for years as i build or test sites.

    Order Deny,Allow
    Deny from all
    Allow from xxx.xxx.xxx.xxx

    Replace xxx.xxx.xxx.xxx with your IP.

    (Also if you need to allow others to access you can add as many Allow from xxx.xxx.xxx.xxx as needed.)

    Hope this helps you out.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @euro-space,

    The previous posts should help.

    Let us know if you have any questions.

    Thank you.
     
Loading...

Share This Page