Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

KISS / Cpanel ports

Discussion in 'General Discussion' started by jamesbond, Nov 16, 2002.

  1. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    168
    I'm thinking of installing the KISS iptables script.
    http://www.geocities.com/steve93138/

    Has anyone else used that script in combination with CPanel?


    I compiled this list of ports that need to be open (from posts on this forum)
    Looks complete to me, but suggestions are always welcome :p

    21 ---& FTP ---& TCP
    22 ---& SSH ---& TCP
    25 ---& SMTP ---& TCP
    53 ---& DNS ---& TCP & UDP
    80 ---& HTTP ---& TCP
    110 ---& POP3 ---& TCP
    143 ---& IMAP ---& TCP
    443 ---& HTTPs ---& TCP
    465 ---& sSMTP ---& TCP
    993 ---& sIMAP ---& TCP
    995 ---& sPOP3 ---& TCP
    2082 ---& Cpanel ---& TCP
    2083 ---& secure Cpanel
    2086 ---& WHM ---& TCP
    2087 ---& secure WHM
    2095 ---& WebMail ---& TCP
    2096 ---& secure WebMail
    3306 ---& MySQL ---& TCP
    6666 ---& Melange ---& TCP
    7786 ---& Ichange ---& TCP
     
  2. netarus

    netarus Well-Known Member

    Joined:
    Oct 27, 2002
    Messages:
    105
    Likes Received:
    0
    Trophy Points:
    166
    Any recommendations on installing iptables and removing ipchains. I've found ipchains useful, however, iptables seem to be a lot more solid app.

    We're using RH 7.3
     
  3. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    168
    I noticed Portsentry is running on my CPanel server by default and monitoring only port 1 and 111 (TCP)

    # Use these if you just want to be aware:
    TCP_PORTS=&1,111&
    UDP_PORTS=&&
    #

    Is there any reason why only 2 ports are being monitored by default?
     
  4. auyongtc

    auyongtc Member

    Joined:
    Aug 13, 2001
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    301
    I tried the script (added the ports that a cpanel box would need to survive) and guess what?

    I completely locked myself out... had to get the techs in the DC to reboot for me - then I could login again...

    Any idea what happened?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    168
    [quote:8300e6f900][i:8300e6f900]Originally posted by auyongtc[/i:8300e6f900]

    I tried the script (added the ports that a cpanel box would need to survive) and guess what?

    I completely locked myself out... had to get the techs in the DC to reboot for me - then I could login again...

    Any idea what happened?[/quote:8300e6f900]

    You probably forgot to configure some parts of the script, did you read through it all and added your ip's and additional ports to be open ?

    # There are only 5 variables that need configuring.

    They are:
    # 1. SERVER_IPS
    # 2. SUBNET_BASE
    # 3. SUBNET_BROADCAST
    # 4. BLOCK_LIST
    # 5. ADDITIONAL_PORTS
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice