Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

LDAP authentication or WHM behind a VPN

Discussion in 'Security' started by Vliegtuig, Feb 8, 2010.

  1. Vliegtuig

    Vliegtuig Well-Known Member

    Joined:
    Jan 21, 2010
    Messages:
    74
    Likes Received:
    2
    Trophy Points:
    58
    Hi everyone,

    I am currently in the process of figuring out a secure, but convienent way to protect the WHM interface of our server. We do not permit any clients to access WHM; Cpanel is also not a requirement although some clients could benefit from Cpanel access.

    (FYI: we are webdevelopment company and we are not keen on giving access to our clients due to security concerns).

    The actual question:

    I want to restrict access to the WHM interface (and possibly SSH as well) withouth using IP-restrictions. Although IP-restrictions can add an extra layer of security, I do not believe it to be very failsafe.

    I am currently thinking of 2 possible solutions:

    1. Connect the entire server to our company VPN and make WHM available on a local IP only
    2. Authenticate to VPN using LDAP

    The first solution seems to be the most secure, but I am wondering if any of you have done this before and if there are certain things to keep in mind.

    I'd love to hear your thoughts on the subject.
     
  2. d_t

    d_t Well-Known Member

    Joined:
    Sep 20, 2003
    Messages:
    242
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Bucharest
    [buy &] Install a SSL certificate in cPanel/WHM and configure redirection to https. Use cPHulk or a firewall like csf to block IPs that try to break password.

    This is not the best way because password can be stolen - but I think is secure enough. cPanel does not accept certificate based authentication.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice