Disabling some of cpsrvd instances

thobarn

Well-Known Member
Apr 25, 2008
152
1
68
sanctum sanctorum
Is there a way to stop cpsrvd instances listening on ports 2082, 2086, 2095 and 2096? I have these blocked in fw already. What I would like to do is stop them from starting permenantly. Thanks
 

thobarn

Well-Known Member
Apr 25, 2008
152
1
68
sanctum sanctorum
hi
CPanel/WHM are reachable over HTTPS on port 2083/2087 respectively. Don't have any requirement for Webmail, hence I want to stop instances listening on HTTP. Is there a way to disable those? Thanks
 

Amit Deshmukh

Well-Known Member
Jul 1, 2007
83
0
56
Which Os ?

Disabling services that are started in inetd.conf
The first place to check for services that are started is in inetd.conf. This file is almost always located in /etc, so the full path to the file would be /etc/inetd.conf

Any line that starts with a '#' character is a comment line and can be ignored. One good way to see which services have not yet been disabled is to issue the command:

grep -v ^# /etc/inetd.conf

This command lists all of the lines in /etc/inetd.conf that do not begin with a comment character.

To disable a service, you need to edit the inetd.conf file (with your favorite editor) and insert a '#' at the beginning of each line for the services that you wish to disable. It's always a good idea to make a backup copy of the file before you make any changes, just in case something goes wrong while you're editing.

NOTE: If you are running Red Hat 7.2 or higher, a new version of inetd is running (called xinetd) and services are enabled/disabled using chkconfig as described in the following section.

Regards,
 

thobarn

Well-Known Member
Apr 25, 2008
152
1
68
sanctum sanctorum
CentOS 4.7

Many thanks for taking time to reply. I am running CentOS 4.7
Disabling services that are started in inetd.conf
I do not have this.
NOTE: If you are running Red Hat 7.2 or higher, a new version of inetd is running (called xinetd) and services are enabled/disabled using chkconfig
This looked like what I might need, however it does not give me a way to stop *some* instances of cpsrvd selectively (or I am missing something). Below is the output from this command.
Code:
[email protected] [~]# chkconfig --list
sysstat         0:off   1:on    2:on    3:on    4:on    5:on    6:off
snmpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
courier-authlib 0:off   1:off   2:on    3:on    4:on    5:on    6:off
portsentry      0:off   1:off   2:off   3:on    4:on    5:on    6:off
netplugd        0:off   1:off   2:off   3:off   4:off   5:off   6:off
lfd             0:off   1:off   2:on    3:on    4:on    5:on    6:off
yum             0:off   1:off   2:off   3:off   4:off   5:off   6:off
saslauthd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
netfs           0:off   1:off   2:off   3:off   4:on    5:on    6:off
httpd           0:off   1:off   2:off   3:on    4:off   5:on    6:off
ipaliases       0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
auditd          0:off   1:off   2:off   3:off   4:off   5:off   6:off
exim            0:off   1:off   2:on    3:on    4:on    5:on    6:off
named           0:off   1:off   2:on    3:on    4:on    5:on    6:off
dc_server       0:off   1:off   2:off   3:off   4:off   5:off   6:off
securetmp       0:off   1:off   2:on    3:on    4:on    5:on    6:off
nscd            0:off   1:off   2:off   3:off   4:off   5:off   6:off
mysql           0:off   1:off   2:on    3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
courier-imap    0:off   1:off   2:on    3:on    4:on    5:on    6:off
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
rawdevices      0:off   1:off   2:off   3:off   4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
bandmin         0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
snmptrapd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
lm_sensors      0:off   1:off   2:on    3:off   4:on    5:on    6:off
pure-ftpd       0:off   1:off   2:off   3:on    4:off   5:on    6:off
winbind         0:off   1:off   2:off   3:off   4:off   5:off   6:off
dc_client       0:off   1:off   2:off   3:off   4:off   5:off   6:off
rdisc           0:off   1:off   2:off   3:off   4:off   5:off   6:off
filelimits      0:off   1:off   2:on    3:on    4:on    5:on    6:off
cpanel          0:off   1:off   2:off   3:on    4:on    5:on    6:off
csf             0:off   1:off   2:on    3:on    4:on    5:on    6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd based services:
        chargen:        off
        time-udp:       off
        daytime-udp:    off
        finger: off
        daytime:        off
        ntalk:  off
        echo-udp:       off
        talk:   off
        echo:   off
        swat:   off
        rsync:  off
        time:   off
        chargen-udp:    off
So it is not what I need. Still, good to know about this tool for future reference. Thanks :)

Currently I have these instances of cpsrvd running
Code:
[email protected] [~]# netstat -nlp | grep cpsrvd
tcp  0  0 0.0.0.0:2082        0.0.0.0:*           LISTEN    21940/cpsrvd - wait
tcp  0  0 0.0.0.0:2083        0.0.0.0:*           LISTEN    21940/cpsrvd - wait
tcp  0  0 0.0.0.0:2086        0.0.0.0:*           LISTEN    21940/cpsrvd - wait
tcp  0  0 0.0.0.0:2087        0.0.0.0:*           LISTEN    21940/cpsrvd - wait
tcp  0  0 0.0.0.0:2095        0.0.0.0:*           LISTEN    21940/cpsrvd - wait
tcp  0  0 0.0.0.0:2096        0.0.0.0:*           LISTEN    21940/cpsrvd - wait
I would like to stop the ones listening on ports 2082, 2086, 2095 and 2096 so they do not start at all. I reckon CPanel is spawning these at some point but I cannot figure out how to stop them :confused:
 

bvierra

Well-Known Member
Jul 28, 2006
55
1
158
Southern California
This is not possible to do as it is part of the cpsrvd binary. To disable this would also disable the other ports as well.
 

thobarn

Well-Known Member
Apr 25, 2008
152
1
68
sanctum sanctorum
Thanks for taking time to reply.
This is not possible to do...
In that case, blocking those at fw will have to do. IMHO though, there should be a way to turn instances of cpsrvd at will :( At least I can stop searching for an answer now.
 

acenetgeorge

Well-Known Member
PartnerNOC
Mar 6, 2008
68
4
58
Southfield, MI
cPanel Access Level
DataCenter Provider
You may be able to jury-rig this by blocking those ports in your firewall. That would prevent any connections to those ports.

It is probably not a good idea to disable or block these ports. If you have any clients whose corporate firewall blocks any of the SSL ports, you may need the non-SSL ports to connect.
 

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,608
77
308
cPanel Access Level
Root Administrator
There is only one instance of cpsrvd, listening on multiple ports. When a request comes on one of the ports, cpsrvd forks to handle the request. There is no mechanism for preventing cpsrvd from listening on the various ports. You will need to block access via the firewall.