The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM Proxy Domain

Discussion in 'Security' started by cryptotheslow, Feb 28, 2010.

  1. cryptotheslow

    cryptotheslow Registered

    Joined:
    Feb 28, 2010
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi

    Following a recent security breach I decided I'd like to firewall WHM to just my own IP.

    So to be able to do that I have to disable the port 80 http://whm.somedomain.com access.

    I used...
    /scripts/proxydomains remove --subdomain=whm

    Which removed the A record from the DNS zone for whm, but the proxy still works i.e. http://whm.somedomain.com still functions fine.

    I can understand the DNS being cached downstream for some time, but shouldn't the internal proxy from port 80 to 2086 also now be disabled?

    If not, even without the A record being present wouldn't this be exploitable with a not so hard to craft http request?

    Basically I want WHM to only be available using http://somedomain.com:2086 so I can access list that port. As it is it seems that even without the DNS A record for whm.somedomain.com access could still be gained via port 80 - albeit not entirely trivial to do with just a browser of course.

    Have I simply missed a simple setting somewhere?

    Thanks
     
  2. cryptotheslow

    cryptotheslow Registered

    Joined:
    Feb 28, 2010
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    All sorted - the answer was in front of my nose.

    Just had to uncheck the:

    Add proxy VirtualHost to httpd.conf to automatically redirect unconfigured cpanel, webmail, webdisk and whm subdomains to the correct port (requires mod_rewrite and mod_proxy)

    option in WHM Tweak Settings.


    Now http://whm.somedomain.com just redirects to the vanilla "Apache is working on your cPanel® and WHM™ Server" page.

    Happy days :)
     
  3. cryptotheslow

    cryptotheslow Registered

    Joined:
    Feb 28, 2010
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    OK - I spoke too soon.

    Unless I have both of these options checked in WHM, none of the subdomains work on either the main server domain or the hosted account domains:

    Add proxy VirtualHost to httpd.conf to automatically redirect unconfigured cpanel, webmail, webdisk and whm subdomains to the correct port (requires mod_rewrite and mod_proxy)

    Automatically create cpanel, webmail, webdisk and whm proxy subdomain DNS entries for new accounts. When this is initially enabled it will add appropriate proxy subdomain DNS entries to all existing accounts. (Use /scripts/proxydomains to reconfigure the DNS entries manually)



    All I am trying to achieve is remove the subdomain for whm.mainserverdomain.com so I can access list port 2086, whilst leaving all the other sub domains functional.

    As soon as I uncheck the "unconfigured" option all subdomains for all domains hosted stop working. When I check it, whm.mainserverdomain.com comes back to life and I cannot disable it with either /scripts/proxydomains remove --domain=mainserverdomain.com or /scripts/proxydomains remove --subdomain=whm

    Do I need to manually edit the apache vhosts config to achieve this?

    Thanks
     
Loading...

Share This Page