How to disallow cPanel to use extra IPs?

Xhuljo Skendaj

• January 16, 2018 12:32

Hello, I have some extra IPs on my server, but i won't use them all for cPanel, sadly when i setup those extra IPs some ports will used automatically by cPanel (apache and other stuff) Meanwhile i just did "ifup eth1" i didn't tried ti add it from WHM After that if i try to visit port :80 i see cPanel default page, From WHM at "Show or Delete Current IP Addresses" i can see eth1 but there is no option to remove it, i think in that place i can see all NICs who are up, but i can remove them only when i add them to cPanel from WHM. So all what i want is to use one ip for a different thing i won't allow cPanel to use ports of all other IPs which i have on my server, how can i do that? cPanel does not use just port :80, but all other ports can be accessed from all extra IPs which i have Host is up (0.0000040s latency). Not shown: 986 closed ports PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 53/tcp open domain 80/tcp open http 110/tcp open pop3 111/tcp open rpcbind 143/tcp open imap 443/tcp open https 465/tcp open smtps 587/tcp open submission 993/tcp open imaps 995/tcp open pop3s 3306/tcp open mysql
Thank you.

• 

  24x7server

  • January 17, 2018 04:42

  Hi, By default the bindings are like 0.0.0.0:2086 and etc, so it binds to all the IPs available on the server irrespective of what ethernet it is on.. If you want to have some IPs to not listen to these port, then it is better to use firewall to block the connection on that port for those IPs only. You can install CSF on your server and use /etc/csf.allow or /etc/csf.deny lists to disable it..

  0
• 

  Xhuljo Skendaj

  • January 17, 2018 15:51

  Hi, By default the bindings are like 0.0.0.0:2086 and etc, so it binds to all the IPs available on the server irrespective of what ethernet it is on.. If you want to have some IPs to not listen to these port, then it is better to use firewall to block the connection on that port for those IPs only. You can install CSF on your server and use /etc/csf.allow or /etc/csf.deny lists to disable it..

  
  yes i know that it binds 0.0.0.0 so i was thinking maybe there is a way to change that and set the ip not 0.0.0.0! that's the reason why i posted here because i want to use one extra ip for something else and not just blocking ports :/ !

  0
• 

  cPanelMichael

  • January 18, 2018 18:34

  Hello, The Reserved IP Address Editor interface allows you to configure Apache to ignore HTTP requests on certain IP addresses. Also, the system will not assign those IP addresses to new accounts: Reserved IP Address Editor - Documentation - cPanel Documentation For services other than Apache, consider using "WHM >> Host Access Control" to deny from all IP addresses except the ones you want to allow: Host Access Control - Documentation - cPanel Documentation Thank you.

  0

Please sign in to leave a comment.