Disallow accessing sites via server IP?

postcd · Sep 17, 2019

How to disallow accessing cpanel hosted files via server IP, like for example:
http://mywhmserverIP/~lwogjdkug/ABC/cgi-bin/something/123/
and require access via domain names assigned to particular cpanel?

I would like to set this for all future accounts and preferably also for all existing.

Thank you in advance for help.

cPanelMichael · Sep 17, 2019

Hello

The Apache mod_userdir module allows for visitors to access a user's website via a URL that contains that user's username. You can read about how this feature works (including how to disable it) at:

Apache mod_userdir Tweak - Version 82 Documentation - cPanel Documentation

documentation.cpanel.net

Let me know if this helps.

Thank you.

postcd · Sep 17, 2019

Thank you for help, it was helpful.
Though note that yours mentioned article mentioned non existing path in my case (WHM76):
"If you attempt to provide protection on a dedicated IP address, the site's contents will still display when protection is enabled. To disable this behavior, open the /etc/apache2/conf.d/includes/post_virtualhost_global.conf file..."
The path that exist in my case is:
/usr/local/apache/conf/includes/post_virtualhost_global.conf
After i added "UserDir disabled" into it and restarting apache, even directory listing become impossible showing 404 error: http://mywhmserverIP/~username/
Before the modification, directory listing was possible and file opening was 404. Now all are 404. Thank you

cPanelMichael · Sep 17, 2019

Hello @postcd,

The documented paths are intended for servers using EasyApache 4. Since you're using cPanel & WHM version 76 (and I presume EasyApache 3), I recommend reverting the changes you made to /usr/local/apache/conf/includes/post_virtualhost_global.conf and then rebuilding the Apache configuration file using the command below:

/scripts/rebuildhttpdconf

Note that cPanel & WHM version 76 is at EOL status:

Reminder: cPanel & WHM Version 76 now EOL | cPanel Newsroom

As of cPanel & WHM Version 78’s move to STABLE on April 8th, cPanel & WHM Version 76 has reached End of Life and will no longer be supported by cPanel except when upgrading to a supported version. In accordance with our EOL policy (https://go.cpanel.net/longtermsupport), 76 will continue...

news.cpanel.com

From a security perspective, it's imperative that you update cPanel & WHM to a supported version as soon as possible.

Let us know if there's anything we can do to help with the upgrade process.

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
C	DNSOnly VPS - Default webpage when accessing host	Web Servers and Applications	1	Jun 6, 2022
J	Accessing the server using the IP address goes to the 1st account we added	Web Servers and Applications	1	Apr 27, 2020
	How to disallow some crawler globally in httpd conf?	Web Servers and Applications	1	May 27, 2014
T	How to disallow php.ini overriding?	Web Servers and Applications	3	Jun 16, 2007
A	Disallowed PHP scripts in xx7 Directories	Web Servers and Applications	0	Apr 13, 2005

Search

Search

Disallow accessing sites via server IP?

postcd

Well-Known Member

cPanelMichael

Administrator