SSL Not redirect IP to hostname? (only HTTPS)

[nadav123]

Hey, what's up, guys.
I have a wired issue :/

server hostname redirects HTTP://my-ip:2087 works fine and redirects to the hostname: server.locksmithunit.cat

BUT
HTTPS://my-ip:2087 does not redirect redirects to the hostname: server.locksmithunit.cat

I found this as well:

https://support.cpanel.net/hc/en-us/articles/360052021274-Accessing-http-example-com-20xx-redirects-to-https-hostname-tld-20xx-despite-Tweak-Settings-set-to-Origin-Domain-or-Best-Match

And this too:
https://forums.cpanel.net/threads/your-connection-to-this-site-is-not-secure.629131/

but it sounds wired to me...
is a breach, if I see it like this, everybody can check my IP and gets to this insecure login page of my hostname (without SSL).

I sure cPanel aware to this and you have a way redirect that properly from the IP to the HOSTNAME with SSL.

OR I AM WRONG? AND CPANEL DID IT IN PORPOSE?
MAYBE THIS PAGE SECURE IN ANOTHER WAY?

Please help.

 

[cPanelAnthony]

Hello! Reaching the IP address via https won't work. It's not going to redirect properly since SSL certificates cannot be associated with IP addresses, but rather, domain names only.

Anyone who knows your IP address or server name can get to the WHM login. If someone has the hostname, they can simply do a DNS lookup and find the IP address it resolves to if needed. There simply isn't a practical way to completely hide your server's IP address.

You could, however, implement a solution like "host access control" to block out login attempts for WHM except for specific IP addresses.

https://support.cpanel.net/hc/en-us/articles/360057806173-What-is-Host-Access-Control-

 

[nadav123]

OK,
I got this page in WHM ( ATTACHED SCREENSHOT )
but what is the right "deamon" to block the login page?
and all other unsecured login pages.

if you can help me with the daemon name, i will put the allow and deny rules.

another question is:
it can damage something also? app running?
operation on the cloud?

(only asking just in case i will not damage something with the host access control)

 

[cPanelAnthony]

Hello! Using Host Access control won't break any services or damage your apps. The correct daemon would be,

whostmgrd

Host Access Control | cPanel & WHM Documentation

Use this interface to allow, reject, or drop access to services for specific IP addresses.

docs.cpanel.net

 

[nadav123]

Ok i think i got it, i gonna test it.
just in case i attached screenshot of what i did:


the first allow of whostmgrd is my IP
the second is deny any other one.

i see in the docs you send me the allow need to be before the deny rules.
tell me if i did it properly i gonna test it with a freind.

and thank you again,
is the second time you help me, very fast very clear answers.

Thank you

 

[nadav123]

Work like a charm.
Thanks, brother

You know what you doing, and explain it very clear. (Appreciate that)

 

[cPanelAnthony]

@nadav123 It's no problem! You have it completely right, I'm glad to hear you got this sorted out. Please don't hesitate to reach out if you ever have any questions.

 

[nadav123]

Hey whatsup, sorry i jump this post but is exactly touching my problem.

I moved apartment and now i need to change the IP in "whostmgrd" hahaha

have easy way to do it throw SSH?
i can connect throw Google Cloud easily. ( already connected via SSH need only commend or path change the old IP to the new IP )

 

[cPanelAnthony]

Hello! You can modify these rules by editing the following file.

/etc/hosts.allow

 

[nadav123]