Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Protecting website issue

Discussion in 'Security' started by Cameron Worts, Sep 5, 2017.

  1. Cameron Worts

    Cameron Worts Member

    Joined:
    Apr 22, 2015
    Messages:
    10
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    One of our sites we look after is currently being targeted by a DOSS attack and we have moved to a different IP and the DOSS followed to the new IP so we changed to another network.

    We decided to change the nameserver records on the account to cloudflare to try stopping the DOSS attacks. We also moved the dns records such as whm.<domainname> and cpanel.<domainname> dns records so the people who are attacking the site do no know where the site is hosted.

    I know you can use tools such as a cloudflare resolver to pick up the end IP however, those tools are slowly disappearing however, if I type <domainname>/cpanel or <domainname>/whm, that will redirect me to the server hostname.

    How can I stop this so it is harder for people to try and gain access. The only other way is to isolate the website and put it on a simple LAMP server.
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,445
    Likes Received:
    56
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    What level of firewall protection you have on your server i.e, have you configured firewall on your server? Did you look for hardware firewall option from your DC?
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,127
    Likes Received:
    1,366
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You can update the settings under the "Redirection" tab in "WHM >> Tweak Settings" to control the destination when accessing those URLs. If you want to disable the /cpanel or /whm aliases completely, there's a thread on that topic at:

    SOLVED - Remove domain.com/cPanel & WHM URL

    You may also find this thread helpful:

    Solutions for handling ddos attacks?

    Thank you.
     
  4. Cameron Worts

    Cameron Worts Member

    Joined:
    Apr 22, 2015
    Messages:
    10
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    Yep, We had CSF enabled and the host has got DOSS protection but they found that the attack was coming via a different upstream provider so we had to move it to another provider that specialize in DDOS attacks for now they've stopped but paying a lot more for the service.
     
Loading...

Share This Page