Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable site.com/whm and site.com/cpanel

Discussion in 'Security' started by MrAndreas, Mar 19, 2012.

  1. MrAndreas

    MrAndreas Member

    Joined:
    Oct 31, 2011
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Website Owner
    i have dedicated server with 3 ip addresses and only use one dedicated ip for my website. The main ip address is used for whm is not connected to site.

    Now the question arose since i got too many notification for people trying to crack my whm password 5-20 attempts like every day now. i need to disable site.com/whm and site.com/cpanel and only being able to login to whm from the main ip address.

    E.g.
    whm - 201.220.11.59
    site.com - 201.220.11.2
    not used - 201.220.11.101

    so i wan to only be able to access whm like this: 201.220.11.59/whm

    or it can be any other trick as far as below statement is true
    when someone goes to:

    201.220.11.2/whm
    201.220.11.2:cpanel
    201.220.11.2:2087
    201.220.11.2:2083

    201.220.11.101/whm
    201.220.11.101/whm
    201.220.11.101:2087
    201.220.11.101:2083

    should lead to NOWHERE.

    Logic's behind this is that no one know about 201.220.11.59 since it does not have any website on it.

    P.S. ip is fake obviously.
    P.P.S. i would just change port of cpanel maybee if there was no /whm and /cpanel shortcut.
     
    #1 MrAndreas, Mar 19, 2012
    Last edited: Mar 19, 2012
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,609
    Likes Received:
    31
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    You could place entries into iptables to block the cPanel and WHM ports for the other IPs on the machine (please try google searches for how to block specific ports on a specific IP).

    You could use the suggestions in this thread to remove the cpanel and whm ScriptAliasMatch lines and to change the cPanel port:

    http://forums.cpanel.net/f5/ask-rename-cpanel-whm-become-newname-226501.html#post933932

    I further mention such changes at this location:

    http://forums.cpanel.net/f185/moving-default-cpanel-whm-locations-avoid-directory-scanners-248251.html#post1037321
     
    #2 cPanelTristan, Mar 20, 2012
  3. matrix4495

    matrix4495 Member

    Joined:
    Mar 27, 2012
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    i commented those lines out with #

    still not getting disabled!
     
    #3 matrix4495, Mar 27, 2012
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,609
    Likes Received:
    31
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Did you run the following commands afterwards?

    Code:
    /usr/local/cpanel/bin/apache_conf_distiller --update
/scripts/rebuildhttpdconf
/etc/init.d/httpd restart
    Apache must be restarted in order for the urls to no longer allow the redirection. You might also want to restart cPanel (/etc/init.d/cpanel restart).

    Of note, I didn't suggest commenting out the lines in my linked replies. I suggested removing them.
     
    #4 cPanelTristan, Mar 28, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - Disable site site
  1. USA_Webmaster

    SOLVED Unhook Remove Disable Site Publisher

    USA_Webmaster, Nov 20, 2017, in forum: User Experience
    Replies:
    3
    Views:
    336
    USA_Webmaster
    Nov 21, 2017
  2. Derekn

    How to disable PHP-OPcache per user/site

    Derekn, Oct 17, 2017, in forum: EasyApache
    Replies:
    12
    Views:
    1,050
    cPanelMichael
    Oct 26, 2017
  3. Andreea

    Disable Site Publisher

    Andreea, Sep 14, 2017, in forum: User Experience
    Replies:
    5
    Views:
    511
    Infopro
    Sep 15, 2017
  4. akust0m

    Disable website hosting in package?

    akust0m, Feb 2, 2017, in forum: General Discussion
    Replies:
    1
    Views:
    604
    Infopro
    Feb 2, 2017
  5. pkumar81

    Disable https redirection for website

    pkumar81, Jan 24, 2017, in forum: Security
    Replies:
    1
    Views:
    1,456
    cPanelMichael
    Jan 26, 2017

Share This Page