Anyone else disappointed cPanel techs won't touch your firewall?
Just wondering if anyone else is annoyed that cPanel techs won't touch your firewall?
-
Hey there! cPanel tech here :D Yes, it can be annoying, but we really don't want to be the reason a perceived security issue happens, or get blamed for making a server unresponsive. So that's the "why" behind that rule. 0 -
It just left me paying money to get my FTP to work. I could barely get a suggestion out of them. 0 -
I read the articles and could not figure out why the ports were not opened up. But the tech said they weren't. If I were confident enough to touch my own nft tables I would have. 0 -
This sounds like a perfect case where hiring a professional isn't a bad idea. It's no different than any other service - plumbing, electrical work, auto maintenance - no everyone knows everything about everything. If you're not confident in performing the work yourself, there's zero shame in asking or hiring someone. 0 -
Nope - we don't automatically open up ports, so that change will stick. 0 -
Nope - we don't automatically open up ports, so that change will stick.
I have read reports of others who removed a port(s) from the cPanel service xml file but later it was re-added by an update. I'm almost 100% that happened on one of my servers also. (No offense, it IS cPanel's file. ;) ) My solution instead is to add a rich rule that overrides the port(s) in the cPanel service xml file. Example: # firewall-cmd --permanent --add-rich-rule='rule port port=110 protocol=tcp reject' # firewall-cmd --reload0
Please sign in to leave a comment.
Comments
9 comments