Restrict WHM to a specific computer
Is there a way to restrict WHM, SSH, and FTP to approved computers? Not by IP, but by installing a certificate on the computer or something?
I'm using mobile internet at home, and realized that my IP changes pretty much daily. Last week the range was 172.58.0.0/16, then yesterday morning it was 207.246.66.0/32, and then last night and today it"s 162.210.0.0/16. There's just no common variable, so I can't use Host Access Control.
-
I don't think it is possible. 0 -
If you use DynDNS or a provider like that which provides a hostname (subdomain) for your ever changing IP then it might be possible to restrict access by hostname(subdomain) instead of IP. 0 -
I also don't have a good suggestion for this either. Host Access Control would be my recommendation, but if the IP address is that dynamic where it changes each day, that won't be a good option. 0 -
DynDNS sounds like maybe the right direction... it's $50 /year, though, so not exactly ideal. But if nothing else works then that might be $50 now to save myself hours of headaches down the road... 0 -
I have this same issue, where my home IP is dynamic, however, my office IP is static. So I created a VPN into the office, so now my home IP can be the same IP as the office (when I need it) Then restrict access via HAC. If you do go down the Host Access Control route, I would strongly suggest contacting your data centre and obtaining their IP addresses. In the event that you somehow find yourself locked out, they will have a back door. 0 -
Shorewall can filter by MAC address and it looks like some users have tried to get it to work with cPanel, with some success. 0 -
I'm making a poor-boy's workaround... First, for each domain, I created this at /etc/apache2/conf.d/userdata/ssl/2_4/[account]/[domain.com]: RewriteEngine on RewriteCond %{REQUEST_URI} /(?:phpMyAdmin|cpanel|frontend|3rdparty|whm|configserver)/ [NC,OR] RewriteCond %{SERVER_PORT} ^208[37]$ RewriteCond %{HTTP_COOKIE} !cookie_name=specific_value; RewriteRule ^ - [F]
Then I created a PHP script in the /www/ directory that sets a persistent cookie with the corresponding name and value. After the appropriate device has loaded the cookie, I manually delete that script. This doesn't restrict FTP, of course, and it's a little bit of work, but at least it adds another layer of security.0
Please sign in to leave a comment.
Comments
7 comments