The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable site.com/whm and site.com/cpanel

Discussion in 'Security' started by MrAndreas, Mar 19, 2012.

  1. MrAndreas

    MrAndreas Member

    Joined:
    Oct 31, 2011
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Website Owner
    i have dedicated server with 3 ip addresses and only use one dedicated ip for my website. The main ip address is used for whm is not connected to site.

    Now the question arose since i got too many notification for people trying to crack my whm password 5-20 attempts like every day now. i need to disable site.com/whm and site.com/cpanel and only being able to login to whm from the main ip address.

    E.g.
    whm - 201.220.11.59
    site.com - 201.220.11.2
    not used - 201.220.11.101

    so i wan to only be able to access whm like this: 201.220.11.59/whm

    or it can be any other trick as far as below statement is true
    when someone goes to:

    201.220.11.2/whm
    201.220.11.2:cpanel
    201.220.11.2:2087
    201.220.11.2:2083

    201.220.11.101/whm
    201.220.11.101/whm
    201.220.11.101:2087
    201.220.11.101:2083

    should lead to NOWHERE.

    Logic's behind this is that no one know about 201.220.11.59 since it does not have any website on it.

    P.S. ip is fake obviously.
    P.P.S. i would just change port of cpanel maybee if there was no /whm and /cpanel shortcut.
     
    #1 MrAndreas, Mar 19, 2012
    Last edited: Mar 19, 2012
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,622
    Likes Received:
    24
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    You could place entries into iptables to block the cPanel and WHM ports for the other IPs on the machine (please try google searches for how to block specific ports on a specific IP).

    You could use the suggestions in this thread to remove the cpanel and whm ScriptAliasMatch lines and to change the cPanel port:

    http://forums.cpanel.net/f5/ask-rename-cpanel-whm-become-newname-226501.html#post933932

    I further mention such changes at this location:

    http://forums.cpanel.net/f185/movin...id-directory-scanners-248251.html#post1037321
     
    #2 cPanelTristan, Mar 20, 2012
  3. matrix4495

    matrix4495 Member

    Joined:
    Mar 27, 2012
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    i commented those lines out with #

    still not getting disabled!
     
    #3 matrix4495, Mar 27, 2012
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,622
    Likes Received:
    24
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Did you run the following commands afterwards?

    Code:
    /usr/local/cpanel/bin/apache_conf_distiller --update
/scripts/rebuildhttpdconf
/etc/init.d/httpd restart
    Apache must be restarted in order for the urls to no longer allow the redirection. You might also want to restart cPanel (/etc/init.d/cpanel restart).

    Of note, I didn't suggest commenting out the lines in my linked replies. I suggested removing them.
     
    #4 cPanelTristan, Mar 28, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - Disable site site
  1. akust0m

    Disable website hosting in package?

    akust0m, Feb 2, 2017, in forum: General Discussion
    Replies:
    1
    Views:
    178
    Infopro
    Feb 2, 2017
  2. pkumar81

    Disable https redirection for website

    pkumar81, Jan 24, 2017, in forum: Security
    Replies:
    1
    Views:
    398
    cPanelMichael
    Jan 26, 2017
  3. PatrickVeenstra

    Disable site

    PatrickVeenstra, Nov 28, 2016, in forum: General Discussion
    Replies:
    3
    Views:
    241
    PatrickVeenstra
    Nov 29, 2016
  4. euro-space

    Disable access to compromised website

    euro-space, Nov 20, 2016, in forum: Security
    Replies:
    3
    Views:
    326
    cPanelMichael
    Nov 23, 2016
  5. Sametto Chan

    How to disable or forbidden site.com/cpanel

    Sametto Chan, Oct 31, 2016, in forum: General Discussion
    Replies:
    5
    Views:
    386
    cPanelMichael
    Oct 31, 2016

Share This Page