Re: How can resellers w dynamic IPs access WHM without constant firewall wh
My current host [URL removed] have written a simple WHM Add on that allows me to enter a dynamic hostname (e.g. from DynDNS) and then enter the IP address for this as an Allow in the firewall. It runs every 5 mins or so and checks if the hostname IP has changed and if it has then update the firewall again. DynDNS is a service to update your hostname IP to your current dynamic IP.
This works very well, unfortunately they wont release it to use on other servers, so mny non-Clook servers do not have this protection.
Instead I have to open up SSH, cPanel, WHEN to the world just so a few customers on dynamic IP addesses can access them.
MANY people are on dynamic IP addresses, and I am amazed that cPanel does not support this yet, via hostnames that can update to the dynamic IP like the script Clook wrote.
Lately there has been a massive increased of hacking, and this is a very serious issue I believe cPanel should address more.
There are so many other things cPanel could do, for example, the next best thing after the above would be to also disallow upload scripts except from IP addresses on an ALLOW list.
This way, with SSH, cPanel, FTP and WHM all blocked, and then the software itself not allowing any upload, the server would be so much more secure. Without preventing upload of files from disallowed IP addresses every host in the world constantly has to keep updating and securing their scripts and we will always be one step behind hackers. So much time spent which could prevented if cPanel disallowed such certain PHP functions from all but an allowed list of IP addresses, which are updated from dynamic hostnames. Instead we have to open up SSH, FTP, cPanel, and WHM so user with dynanic IP addresses can access them, and host unsecure software scripts.
So I believe host software like cPanel could do so much more to help us secure our servers. Introducing this dynamic Ip update in the firewall from a DynDNS service is for one a massive increase in my server security, but I can only use it on [URL removed]