The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Question about IPs

Discussion in 'General Discussion' started by SunDanceKid, Nov 2, 2006.

  1. SunDanceKid

    SunDanceKid Member

    Joined:
    Dec 26, 2005
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    I have 5 usable IP's on my server. WHM puts all my sites on one shared IP and then lets me give out the other 4 to only single sites. Is there a way I can change this default behavior so that I can put say 5 sites on each IP?
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    Login to WHM >> IP Functions >> Change Site's IP Address
     
  3. SunDanceKid

    SunDanceKid Member

    Joined:
    Dec 26, 2005
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Ok - let me clarify. This is the way my installation of WHM works:


    xxx.xxx.xxx.001 <<-- shared
    xxx.xxx.xxx.002
    xxx.xxx.xxx.003
    xxx.xxx.xxx.004


    If 002-004 already have one site each WHM will not let me move another site from shared to 002-004 (the pull down IP list just appears blank). I have to first move one of the non-shared sites to the shared IP first.

    I'd like to be able to mix and match however I like. So that I cold have multiple sites on each IP.
     
  4. cpanelinfoseeker

    cpanelinfoseeker Well-Known Member

    Joined:
    Oct 25, 2002
    Messages:
    324
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    NE Illinois
    cPanel Access Level:
    Root Administrator
    Setup "reseller accounts" and assign a different "Main shared IP" to each reseller account. You can then setup your domains under the appropriate reseller IP to have several accounts on each IP.

    Ron
     
  5. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    There shouldnt be any reason to have multiple shared ips but if you wanted to do it the only way i know how to do it is the way cpanelinfoseeker said.
     
  6. SunDanceKid

    SunDanceKid Member

    Joined:
    Dec 26, 2005
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Oh - there is a VERY good reason. :cool:
     
  7. kistler

    kistler Well-Known Member

    Joined:
    Jan 27, 2005
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    16
    only good reason i can think of is to track spam/abuse issues with an account...
     
  8. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    Can you tell us why then? I would be interested in knowing :)

    As for tracking abuse/spam, it wont help, exim send mail out the primary ip regardless of what you tell apache to do, even if a account is ip based, mail goes out the base ip. Even if the site is exploited and the "script kiddie" starts a flooder or somthing, unless in his code he specifically changes the source ip/interface all that traffic is going to go out the base ip.
     
  9. SunDanceKid

    SunDanceKid Member

    Joined:
    Dec 26, 2005
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Sure - with domaintools.com (whois.sc) you can see every site on a given IP. I've have good business reason to separate some sites from other ones. The IPs are on seperate 24/s as well so the competition can't just guess the next IP number.
     
  10. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    ok, i can see some reasoning behind this, i guess it could be useful the case were you have a site that is aimed at children and a adult website on the same ip, it would be useful to not put those two types of sites on the same ip... but then again adult content related sites should be on a separate server IMO.

    As for the competition grabbing a list of sites on your server, moving them around isn't going to help, heck i can pull a list of all domains using your name servers quiet easily. Also competition isnt going to just scan you, if somebody is doing this type of scan they are going to be running through ip after ip after ip... sooner or later they are going to get to that next /24.

    If you really want to see this feature added you can open a feature request at http://bugzilla.cpanel.net but i dont really think they are going to add this feature.
     
  11. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    Actually there is another reason for putting sites on another IP. I do this for many of my sites so I can have all of a reseller's sites running under one IP. This is useful to lower DDOS risk for instance, if baddies DDOS that IP and we have to null-route it only that reseller is affected. It is actually also possible to setup exim so that email for a particular domain, or group of domains, goes out on a different IP, although you'd have to do so manually. It can also be used to facilitate transfer to another server.

    For a related reason you should never make your main shared IP be the same as your server base IP. The reason for this is that if your shared IP is DDOSed and subsequently null routed the server won't be accessible via WHM, and possibly not available at all due to the way some datacenters handle their VLANs. Also cpanel licencing won't be able to call home so your cpanel installation won't work at all. Makes it really hard to fix things/determine the DDOS target!

    If nameservers are secured correctly, this isn't possible via zone transfer (that is, if an access list is used, as should be.) Regardless, Shaun's point still stands, as there are multiple providers out there who can tell you how many domains are hosted on a site/particular IP based on access to domain registration data and analysis against nameservers (whois.sc is one I think).
     
    #11 brianoz, Nov 6, 2006
    Last edited: Nov 6, 2006
  12. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    Right but this feature is already supported and was mentioned above

    Sure but were talking about the default exim configuration, if we wanted to customize things by hand you could easily do this to make multiple shared ips for accounts owned by root by editing the httpd.conf and manually changing things per site.


    I will agree with this to a extent because it would eliminate a few steps in the move process but were talking about changes that take minutes, regarless if your shared or primary ip is being DOS'd you still have quiet a bit of a headache moving customers around. Also, the whm/cpanel is accessible on any ip bound to the server.

    Well thats true except i wasnt talking about doing zone transfers, you havnt been able to steel domain lists using zone transfers in forever (unless of course somebody enabled this by default in their named.conf), i cant even remember when that feature was enabled by default. The method i was talking about using i wouldnt even have to touch your server.
     
  13. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Like Shaun said, it's quite easy to get a list of all domains using your nameservers, or any variations of them. Also, I agree that anyone offering any adult material should definitely keep that on a separate server.

    As far as multiple shared IP's, I have done that by using reseller accounts for things I want separated.
     
  14. SunDanceKid

    SunDanceKid Member

    Joined:
    Dec 26, 2005
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    That's whay I don't run name serves on my box and use various 3rd party name servers like enom that have a major load of clients.

    Anyhow - my projects aren't vital to national security or anything. But if I can obfuscate things without too much trouble then it's worth it in my calculus.
     
  15. SunDanceKid

    SunDanceKid Member

    Joined:
    Dec 26, 2005
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Why? What good would that do?
     
  16. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    One good reason is because you wouldnt want a screw up in the apache config to show a adult website on a domain that targets children.. There are many other reasons... it's just a better idea to keep the stuff seperate.
     
  17. SunDanceKid

    SunDanceKid Member

    Joined:
    Dec 26, 2005
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    That would be bad.
    I agree. But I was just wondering because quite a few big hosts (Dreamhost) allow adult on their shared accounts.
     
  18. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    Some hosts dont care, some hosts dont notice, it's not requried that a host keep adult content seperate it's just a good idea in my opinion.. :)
     
Loading...

Share This Page