How to use reserved IP in new account creation

[PeterN123]

Hey guys,

I recently bought a new reserved IP for my VPS, have added that to my WHM.

But when I create new account, this IP is not being used? Still the primary IP being provisioned.

Would it be possible to use this IP from now on for new account setup and keep the old accounts IP intact?

Thanks everyone.

 

[ankeshanand]

Provisining a New IP Address across Many Users is only possible when you are a reseller. Create a Reseller account, Go to its Privileges and Assign its new Shared IP Address. All New accounts created by that Reseller Account would get the Second IP.

If you want all to get each dedicated IP, You have to go to Packages and select Dedicated IP. This would give each account, a New IP from the Pool available.

 

[PeterN123]

Provisining a New IP Address across Many Users is only possible when you are a reseller. Create a Reseller account, Go to its Privileges and Assign its new Shared IP Address. All New accounts created by that Reseller Account would get the Second IP.

If you want all to get each dedicated IP, You have to go to Packages and select Dedicated IP. This would give each account, a New IP from the Pool available.

I figured, if you change the main IP, that would also work? Old account with old IPs seems to be working fine on my end.

Is that a safe/ good practice overall?

 

[ankeshanand]

I figured, if you change the main IP, that would also work? Old account with old IPs seems to be working fine on my end.

Is that a safe/ good practice overall?

Prefer not changing the Main Shared IP. It would trigger Licensing Error...

 

[PeterN123]

Prefer not changing the Main Shared IP. It would trigger Licensing Error...

You are right, I have reverted it back.

My main concern is my customer knowing the main IP of WHM or my server, is there anyway you can hide your IP? I have already set up hostname, but IP could be easily looked up from using "dig".

 

[cPRex]

There isn't really a way to prevent the main IP from being known. The main IP is normally what gets shared between multiple users anyway, so in a typical system many domains would be using that IP address.

 

[ankeshanand]

You are right, I have reverted it back.

My main concern is my customer knowing the main IP of WHM or my server, is there anyway you can hide your IP? I have already set up hostname, but IP could be easily looked up from using "dig".

You cannot hide Shared IP Address! May I know why you are trying to hide the IP? because IP Visiblity is necessary for end user also in order to Setup his website on his end!

 

[PeterN123]

You cannot hide Shared IP Address! May I know why you are trying to hide the IP? because IP Visiblity is necessary for end user also in order to Setup his website on his end!

I am trying to hide my IP to avoid DDOS attack, wouldn't you be prone to DDOS when you expose your IP?

I have always used Cloudflare for all my sites to cloak IP. Can't convince all my customers to use Cloudflare unfortunately.

 

[ankeshanand]

I am trying to hide my IP to avoid DDOS attack, wouldn't you be prone to DDOS when you expose your IP?

I have always used Cloudflare for all my sites to cloak IP. Can't convince all my customers to use Cloudflare unfortunately.

Never worry about DDOS.... Those are preety small things Nowadays! and Hiding your IP Address won't cause a Difference because Attackers search Subnets and as per now, You can login to your SSH and See that how many failed login attempts have been on your SSH. After Seeing that, You can see how many attackers know your IP already... . The Term you are Searching for is Server Hardening.

Its maybe in cPanel Forums Rules that I am not allowed to share my Details but I'll be sure to give you some tips to prevent DDOS Attacks...
1. Don't fight with Others and Make enemies(LOL... Kidding!)
2. Install CSF Firewall Plugin in cPanel/WHM and Setup the Rules.
3. Use Datacenter's Native Firewall. Most Good Providers will offer you Datacenter-side Firewall which is preety effective in handling DDOS.
4. Use Cloud Firewalls like Imunify360... It blocks most of the bad requests, hacking,shell scripts upload and DDOS pretty hard.
5. Provision mod_evasive in Apache....(Not recommend in Some cases but you can temprorarily enable in case of a DDOS Detection)

 

[cPRex]

Those details that @ankeshanand shared are great. I'd add, that if you do get a DoS that's big enough where those steps can't handle it, you need a custom solution like an external hardware firewall or Cloudflare to absorb the traffic.

 

[PeterN123]

You cannot hide Shared IP Address! May I know why you are trying to hide the IP? because IP Visiblity is necessary for end user also in order to Setup his website on his end!

Never worry about DDOS.... Those are preety small things Nowadays! and Hiding your IP Address won't cause a Difference because Attackers search Subnets and as per now, You can login to your SSH and See that how many failed login attempts have been on your SSH. After Seeing that, You can see how many attackers know your IP already... . The Term you are Searching for is Server Hardening.

Its maybe in cPanel Forums Rules that I am not allowed to share my Details but I'll be sure to give you some tips to prevent DDOS Attacks...
1. Don't fight with Others and Make enemies(LOL... Kidding!)
2. Install CSF Firewall Plugin in cPanel/WHM and Setup the Rules.
3. Use Datacenter's Native Firewall. Most Good Providers will offer you Datacenter-side Firewall which is preety effective in handling DDOS.
4. Use Cloud Firewalls like Imunify360... It blocks most of the bad requests, hacking,shell scripts upload and DDOS pretty hard.
5. Provision mod_evasive in Apache....(Not recommend in Some cases but you can temprorarily enable in case of a DDOS Detection)

Oh wow that is some great tips. I am running a Litespeed server would mod_evasive compatible?

I am in the process of moving VPS to bare metal, bare metal would be a lot harder to move things around so I am trying to be as precautious as possible.

I talked to Vultr, their Bare Metal would not provide any DDOS protection, so I am thinking of moving to OVH Cloud.

Those details that @ankeshanand shared are great. I'd add, that if you do get a DoS that's big enough where those steps can't handle it, you need a custom solution like an external hardware firewall or Cloudflare to absorb the traffic.

Thanks man I will check out how external hardware firewall works :D

 

[ankeshanand]

Oh wow that is some great tips. I am running a Litespeed server would mod_evasive compatible?

I am in the process of moving VPS to bare metal, bare metal would be a lot harder to move things around so I am trying to be as precautious as possible.

I talked to Vultr, their Bare Metal would not provide any DDOS protection, so I am thinking of moving to OVH Cloud.



Thanks man I will check out how external hardware firewall works :D

You have Litespeed.... Then You got the Whole Package Already. First Login to Webconsole and Setup Per Client Throttling. Secondly, Add Google Recaptcha keys, so in case litespeed thinks some User is Performing a DOS, It will ask for Human Verification. More can be found on Litespeed Docs I guess... and mod_evasive is not Compaitable and Thats the "some cases" I was talking about!!

 

[ankeshanand]

I am in the process of moving VPS to bare metal, bare metal would be a lot harder to move things around so I am trying to be as precautious as possible.

Its easy, Not hard.... Just Install Centos79-minimal, Use cPanel Install Script, Install Plugins and Then Then Use Transfer Tool. It will copy everything from User Accounts to System Configuration and you just have to sit back and Relax!!

 

[PeterN123]

Its easy, Not hard.... Just Install Centos79-minimal, Use cPanel Install Script, Install Plugins and Then Then Use Transfer Tool. It will copy everything from User Accounts to System Configuration and you just have to sit back and Relax!!

Thanks so much for your tips! Quick question, what tool do you use to restore WHM setting? My server also have some config on memcache and MySQL. I am jusing Jetbackup.

 

[ankeshanand]

Thanks so much for your tips! Quick question, what tool do you use to restore WHM setting? My server also have some config on memcache and MySQL. I am jusing Jetbackup.

I also use Jetbackup but its primarily for storing User Backups. What do you mean by Restore WHM Settings? If you want to Migrate settings Across Servers, you can still use Transfer Tool for System Configuration. Rest, You have to manage the settings!

 

[cPRex]

@PeterN123 - you can use the "Backup System Files" option in the WHM >> Backup Configuration page to backup many of the server's configuration files. For a full list, you can check out documentation here:

System Backups | cPanel & WHM Documentation

This document explains configuration settings, contents, and logs of system backups.

docs.cpanel.net