.htaccess to restrict Cpanel/WHM access


Aug 13, 2003

After having my server hacked last week or so, I;ve been paranoid when it comes to closing all possible access points to the server.

Anyone know how to setup a .htaccess file so that only certain IPs or subnets are allowed to access the panels?



Well-Known Member
Feb 25, 2010
Houston, TX
cPanel Access Level
Root Administrator
This thread is almost seven (7) years old, so it is unlikely that the original poster still needs help with this question, but there is no need to create a .htaccess file to restrict access to the WebHost Manager or cPanel. Instead, you can use Main >> Security Center >> Host Access Control in the WebHost Manager.

cpsrvd is the daemon that provides access to cPanel and the WHM, and webmaild is the daemon that provides access to Webmail, so you can use these settings to restrict access to certain portions of the interface, as well as to SSH.

Please use caution with this configuration. If you access the Internet through a service that uses dynamic IP addresses, your IP address could change without warning and leave you without access to your server. It is best to allow access to more than one IP address or range of IP addresses, to leave you at least one other option to access the server should your normal workstation's IP address change.

You may find the following section in our documentation to be helpful:

Host Access Control