How to disallow cPanel to use extra IPs?

Oct 27, 2017
9
1
3
Albania
cPanel Access Level
Root Administrator
Hello,

I have some extra IPs on my server, but i won't use them all for cPanel, sadly when i setup those extra IPs some ports will used automatically by cPanel (apache and other stuff)

Meanwhile i just did "ifup eth1" i didn't tried ti add it from WHM
After that if i try to visit port :80 i see cPanel default page, From WHM at "Show or Delete Current IP Addresses" i can see eth1 but there is no option to remove it, i think in that place i can see all NICs who are up, but i can remove them only when i add them to cPanel from WHM.

So all what i want is to use one ip for a different thing i won't allow cPanel to use ports of all other IPs which i have on my server, how can i do that? cPanel does not use just port :80, but all other ports can be accessed from all extra IPs which i have
Code:
Host is up (0.0000040s latency).
Not shown: 986 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
25/tcp   open  smtp
53/tcp   open  domain
80/tcp   open  http
110/tcp  open  pop3
111/tcp  open  rpcbind
143/tcp  open  imap
443/tcp  open  https
465/tcp  open  smtps
587/tcp  open  submission
993/tcp  open  imaps
995/tcp  open  pop3s
3306/tcp open  mysql
Thank you.
 

24x7server

Well-Known Member
Apr 17, 2013
1,911
96
78
India
cPanel Access Level
Root Administrator
Twitter
Hi,

By default the bindings are like 0.0.0.0:2086 and etc, so it binds to all the IPs available on the server irrespective of what ethernet it is on..

If you want to have some IPs to not listen to these port, then it is better to use firewall to block the connection on that port for those IPs only. You can install CSF on your server and use /etc/csf.allow or /etc/csf.deny lists to disable it..
 
  • Like
Reactions: Xhuljo Skendaj
Oct 27, 2017
9
1
3
Albania
cPanel Access Level
Root Administrator
Hi,

By default the bindings are like 0.0.0.0:2086 and etc, so it binds to all the IPs available on the server irrespective of what ethernet it is on..

If you want to have some IPs to not listen to these port, then it is better to use firewall to block the connection on that port for those IPs only. You can install CSF on your server and use /etc/csf.allow or /etc/csf.deny lists to disable it..
yes i know that it binds 0.0.0.0 so i was thinking maybe there is a way to change that and set the ip not 0.0.0.0!
that's the reason why i posted here because i want to use one extra ip for something else and not just blocking ports :/ !
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,203
363
  • Like
Reactions: Xhuljo Skendaj