The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

LDAP authentication or WHM behind a VPN

Discussion in 'Security' started by Vliegtuig, Feb 8, 2010.

  1. Vliegtuig

    Vliegtuig Well-Known Member

    Jan 21, 2010
    Likes Received:
    Trophy Points:
    Hi everyone,

    I am currently in the process of figuring out a secure, but convienent way to protect the WHM interface of our server. We do not permit any clients to access WHM; Cpanel is also not a requirement although some clients could benefit from Cpanel access.

    (FYI: we are webdevelopment company and we are not keen on giving access to our clients due to security concerns).

    The actual question:

    I want to restrict access to the WHM interface (and possibly SSH as well) withouth using IP-restrictions. Although IP-restrictions can add an extra layer of security, I do not believe it to be very failsafe.

    I am currently thinking of 2 possible solutions:

    1. Connect the entire server to our company VPN and make WHM available on a local IP only
    2. Authenticate to VPN using LDAP

    The first solution seems to be the most secure, but I am wondering if any of you have done this before and if there are certain things to keep in mind.

    I'd love to hear your thoughts on the subject.
  2. d_t

    d_t Well-Known Member

    Sep 20, 2003
    Likes Received:
    Trophy Points:
    [buy &] Install a SSL certificate in cPanel/WHM and configure redirection to https. Use cPHulk or a firewall like csf to block IPs that try to break password.

    This is not the best way because password can be stolen - but I think is secure enough. cPanel does not accept certificate based authentication.

Share This Page