The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Logwatch: cpanelhttps entries

Discussion in 'Security' started by modom, Jun 12, 2013.

  1. modom

    modom Well-Known Member

    Joined:
    May 18, 2002
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Arkansas
    I see something in my logwatch and am not sure if someone called gip.com is trying to hack my server.
    Is there some way to permanently block this gip.com?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You will need to use a third-party firewall such as CSF or manual IPTables rules if you want to prevent an IP address from accessing your server. I don't see any references to the domain name mentioned in your post in the logs that you provided.

    Thank you.
     
  3. modom

    modom Well-Known Member

    Joined:
    May 18, 2002
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Arkansas
    I do use csf and can only block them when I see them. The IPs in that post are from gip.net after looking them up.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    There are no options in CSF that can be used to block a hostname instead of the individual IP addresses that I am aware of. There was a thread on their forums asking this question:

    Block/Allow Hostnames

    Thank you.
     
  5. modom

    modom Well-Known Member

    Joined:
    May 18, 2002
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Arkansas
    Thanks for the link ... I appreciate it.

    I have modsecurity on my server so will look into that one.
     

Share This Page