Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Logwatch: cpanelhttps entries

Discussion in 'Security' started by modom, Jun 12, 2013.

  1. modom

    modom Well-Known Member

    Joined:
    May 18, 2002
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    306
    Location:
    Arkansas
    I see something in my logwatch and am not sure if someone called gip.com is trying to hack my server.
    Is there some way to permanently block this gip.com?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,396
    Likes Received:
    1,951
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    You will need to use a third-party firewall such as CSF or manual IPTables rules if you want to prevent an IP address from accessing your server. I don't see any references to the domain name mentioned in your post in the logs that you provided.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. modom

    modom Well-Known Member

    Joined:
    May 18, 2002
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    306
    Location:
    Arkansas
    I do use csf and can only block them when I see them. The IPs in that post are from gip.net after looking them up.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,396
    Likes Received:
    1,951
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    There are no options in CSF that can be used to block a hostname instead of the individual IP addresses that I am aware of. There was a thread on their forums asking this question:

    Block/Allow Hostnames

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. modom

    modom Well-Known Member

    Joined:
    May 18, 2002
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    306
    Location:
    Arkansas
    Thanks for the link ... I appreciate it.

    I have modsecurity on my server so will look into that one.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice