Skip to main content

Help with locking WHM URL access visibility to the (hostname) domain

Comments

3 comments

  • cPanelLauren
    There's no native way to do this, and it isn't done normally because resellers will typically access their WHM with their domain name. Either way a hacker finding the login screen wouldn't grant access automatically and with just the minimal protection of brute force protection you are relatively secure, though this is why most people choose to lock WHM down to 1 IP or a group of IP's - removing their ability to even reach WHM to begin with.
    0
  • keat63
    As per @cPanelLauren locking WHM down to a handful of IP's is probably the way to go. I think this should work Using Host access control, allow your own IP (and any trusted others) against the WHM service. Then as a final entry, deny all against WHM You need to ensure that your allow entries are before the deny entry
    0
  • philsward
    Thanks for the feedback. I didn't think about the reseller aspect as I am the sole user of the server, so it makes sense to keep it open from a reseller perspective. That said, since I am the only one managing the server, I hoped to lock out unnecessary ways to access the server. I probably won't go the IP whitelist route simply because the overhead of maintaining dynamic IPs (rotating ISP IPs) is too great.
    0

Please sign in to leave a comment.