Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Disable site.com/whm and site.com/cpanel

Discussion in 'Security' started by MrAndreas, Mar 19, 2012.

  1. MrAndreas

    MrAndreas Member

    Joined:
    Oct 31, 2011
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Website Owner
    i have dedicated server with 3 ip addresses and only use one dedicated ip for my website. The main ip address is used for whm is not connected to site.

    Now the question arose since i got too many notification for people trying to crack my whm password 5-20 attempts like every day now. i need to disable site.com/whm and site.com/cpanel and only being able to login to whm from the main ip address.

    E.g.
    whm - 201.220.11.59
    site.com - 201.220.11.2
    not used - 201.220.11.101

    so i wan to only be able to access whm like this: 201.220.11.59/whm

    or it can be any other trick as far as below statement is true
    when someone goes to:

    201.220.11.2/whm
    201.220.11.2:cpanel
    201.220.11.2:2087
    201.220.11.2:2083

    201.220.11.101/whm
    201.220.11.101/whm
    201.220.11.101:2087
    201.220.11.101:2083

    should lead to NOWHERE.

    Logic's behind this is that no one know about 201.220.11.59 since it does not have any website on it.

    P.S. ip is fake obviously.
    P.P.S. i would just change port of cpanel maybee if there was no /whm and /cpanel shortcut.
     
    #1 MrAndreas, Mar 19, 2012
    Last edited: Mar 19, 2012
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,608
    Likes Received:
    33
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    You could place entries into iptables to block the cPanel and WHM ports for the other IPs on the machine (please try google searches for how to block specific ports on a specific IP).

    You could use the suggestions in this thread to remove the cpanel and whm ScriptAliasMatch lines and to change the cPanel port:

    http://forums.cpanel.net/f5/ask-rename-cpanel-whm-become-newname-226501.html#post933932

    I further mention such changes at this location:

    http://forums.cpanel.net/f185/moving-default-cpanel-whm-locations-avoid-directory-scanners-248251.html#post1037321
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelTristan, Mar 20, 2012
  3. matrix4495

    matrix4495 Member

    Joined:
    Mar 27, 2012
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    i commented those lines out with #

    still not getting disabled!
     
    #3 matrix4495, Mar 27, 2012
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,608
    Likes Received:
    33
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Did you run the following commands afterwards?

    Code:
    /usr/local/cpanel/bin/apache_conf_distiller --update
/scripts/rebuildhttpdconf
/etc/init.d/httpd restart
    Apache must be restarted in order for the urls to no longer allow the redirection. You might also want to restart cPanel (/etc/init.d/cpanel restart).

    Of note, I didn't suggest commenting out the lines in my linked replies. I suggested removing them.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelTristan, Mar 28, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - Disable site site
  1. Angel Castro

    disabled autoSSL and set new certificates to access website

    Angel Castro, Sep 8, 2018, in forum: Security
    Replies:
    10
    Views:
    313
    Angel Castro
    Sep 13, 2018
  2. USA_Webmaster

    SOLVED Unhook Remove Disable Site Publisher

    USA_Webmaster, Nov 20, 2017, in forum: User Experience
    Replies:
    3
    Views:
    795
    USA_Webmaster
    Nov 21, 2017
  3. Derekn

    How to disable PHP-OPcache per user/site

    Derekn, Oct 17, 2017, in forum: EasyApache
    Replies:
    12
    Views:
    4,054
    cPanelMichael
    Oct 26, 2017
  4. Andreea

    Disable Site Publisher

    Andreea, Sep 14, 2017, in forum: User Experience
    Replies:
    5
    Views:
    1,137
    Infopro
    Sep 15, 2017
  5. Scott Galambos

    Disabled Webalizer Stats Issue

    Scott Galambos, Mar 23, 2019 at 2:05 PM, in forum: General Discussion
    Replies:
    1
    Views:
    324
    GOT
    Mar 23, 2019 at 3:44 PM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice