Host access control. OK to deny all except for my static IP?

Jelf · Jan 31, 2021

I run a web server that is hosted as a VPS and admittedly I am more of a casual admin. My server hosts web pages, php scripts, and static files (pdf, csv, etc). Anyone can access those items.

I am the only user with access to SSH, cpanel, whm, email, etc.

Lately I have been learning how to improve security and as part of that process I have been reading up on Host Access Control.
I am only going to do sys admin stuff from my home office which has a static IP.

Is there any downside to allowing my static IP and my server IP and denying all other IPs for all the services listed under the Host Access Control? Any surprises waiting to jump out and bite me if go ahead and do this?

cPRex · Feb 1, 2021

Hey there! That seems like a good plan to me. If you are the only one accessing the WHM or cPanel tools you could restrict the access to those services to your local IP address. As long as that's a static IP, I wouldn't expect you to run into any odd issues.

Jelf · Feb 1, 2021

Thanks
Maybe other single-user admins like me will see this and realize this is a good way to tighten up security on their server.

Jelf · Feb 9, 2021

Here is an update.
After I set cPanel to only allow my local IP, many cPanel features did not work.
Instead I saw an error message about authorization.

The solution was to also allow a range of IPs (69.195.126.*) used by Bluehost which is my service provider.

cPRex · Feb 9, 2021

There is always the risk of making things too restricted, but I'm glad you were able to track that down and get the issue resolved.

saman1 · May 17, 2022

i allowed my current ip and blocked all now i don't have access
HTTP error 401

You do not have permission to access this page.

what should i do
with knowing that my ip is correct and no one else need access
is that right that i should allow my server ip or hosting company ip too?
now what should i do
please s o s

cPRex · May 17, 2022

@saman1 - I would start by removing that restriction and then seeing if you still experience that error. If so, then you can be sure it is a firewall configuration issue. If not, there is likely something else causing the 401.

saman1 · May 17, 2022

someone had disabled ssh so when i asked the master to give me access he started arguing that i myself have hacked the server so that i argue against them and i ran out

Thread starter	Similar threads	Forum	Replies	Date
T	SOLVED Host Access Control not working	Security	7	Jan 11, 2023
A	Adding IP to Host Access Control	Security	1	Jul 10, 2022
K	Host Access Control, rules dont load - nftables removed, iptables installed	Security	3	Feb 1, 2022
A	Questions about Host Access Control	Security	2	Jan 25, 2022
S	Host Access Control error	Security	3	Jan 21, 2021

Search

Search

Host access control. OK to deny all except for my static IP?

Jelf

Active Member

cPRex

Jurassic Moderator

Jelf

Active Member

Jelf

Active Member

cPRex

Jurassic Moderator

saman1

Registered

cPRex

Jurassic Moderator

saman1

Registered