The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Question On Locking Down SSL Listening Port to specific IP addresses

Discussion in 'EasyApache' started by biggjoe, Nov 8, 2015.

  1. biggjoe

    biggjoe Member

    Joined:
    Aug 31, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Hey Everyone,

    I have sort of a weird question for you all:

    I currently have a Dedicated Server running WHM & cPanel. For this particular server, I'm not reselling Web Hosting, but rather I'm running a variety of web applications on their own cPanel account.

    For each of these, I use Softaculous to install them and each has their own dedicated IP address.

    Since Apache is running on this Server and is being controlled by WHM, by default whatever port I set SSL connections to, will impact all of my cPanel accounts.

    One particular application that does not rely on Apache ended up having to be installed at the root level due to its design and therefore, I couldn't jail it to its own cPanel account. So now, it listens for connections on the Dedicated Server's Main IP address.

    So here lies the issue that I'm having. I need to be able to have all of my web applications listen for SSL connections on Port 443.

    Like I said ALL of my web applications rely on Apache EXCEPT for one.

    If I go into here: WHM ===>> Server Configuration ===>> Tweak Settings ===>> System ===>> Apache SSL Port ... here is where the port is set to Port 443.

    The issue is that if I leave Apache's SSL listening port at port 443, my other specialized web application won't start because it will detect that port 443 is already in use.

    Now, I see that I can easily lock-down Apache to only listen on 1 IP address.

    So here's my question:

    Is there a way that instead of locking down Apache to only listen on 1 ip address on port 443, is there a way that I can lock it down to listen to more than one ip address? Say 2, 3 or 4 ip addresses?

    If this cannot be done via WHM, can it be done through SSH?

    Or is there a way that it can listen for SSL connections on port 443 on all ip addresses, and just EXCLUDE 1 ip address?

    Thank you in advance for your help.

    BJ
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Is the Apache Reserved IP option helpful? It's found at:

    "WHM Home » Service Configuration » Apache Configuration » Reserved IPs Editor"

    Thank you.
     
  3. biggjoe

    biggjoe Member

    Joined:
    Aug 31, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanelMichael,

    That's it, it worked!!!! Thank you!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    BJ
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  5. clusters

    clusters Registered

    Joined:
    Nov 20, 2015
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Los Angeles
    cPanel Access Level:
    Root Administrator
    Ok, pardon me for hijacking this thread. I tried that but it reserved for both the non-SSL and SSL port. How do I go about doing it for just the SSL port?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You could modify the "Listen" entries in the httpd.conf file directly per the instructions at:

    Advanced Apache Configuration - EasyApache - cPanel Documentation

    Thank you.
     
Loading...

Share This Page