Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Protecting website issue

Discussion in 'Security' started by Cameron Worts, Sep 5, 2017.

  1. Cameron Worts

    Cameron Worts Member

    Joined:
    Apr 22, 2015
    Messages:
    11
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    One of our sites we look after is currently being targeted by a DOSS attack and we have moved to a different IP and the DOSS followed to the new IP so we changed to another network.

    We decided to change the nameserver records on the account to cloudflare to try stopping the DOSS attacks. We also moved the dns records such as whm.<domainname> and cpanel.<domainname> dns records so the people who are attacking the site do no know where the site is hosted.

    I know you can use tools such as a cloudflare resolver to pick up the end IP however, those tools are slowly disappearing however, if I type <domainname>/cpanel or <domainname>/whm, that will redirect me to the server hostname.

    How can I stop this so it is harder for people to try and gain access. The only other way is to isolate the website and put it on a simple LAMP server.
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,834
    Likes Received:
    85
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    What level of firewall protection you have on your server i.e, have you configured firewall on your server? Did you look for hardware firewall option from your DC?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,396
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You can update the settings under the "Redirection" tab in "WHM >> Tweak Settings" to control the destination when accessing those URLs. If you want to disable the /cpanel or /whm aliases completely, there's a thread on that topic at:

    SOLVED - Remove domain.com/cPanel & WHM URL

    You may also find this thread helpful:

    Solutions for handling ddos attacks?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Cameron Worts

    Cameron Worts Member

    Joined:
    Apr 22, 2015
    Messages:
    11
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    Yep, We had CSF enabled and the host has got DOSS protection but they found that the attack was coming via a different upstream provider so we had to move it to another provider that specialize in DDOS attacks for now they've stopped but paying a lot more for the service.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice