What should iptables config be?
Since a week ago I have not been able to access WHM and cPanel via the usual ports from any location (not ISP blocked). I can access via the whm. and cpanel. urls and via ssh.
It looks like iptables is turned on with a default configuration that does not allow the cPanel ports.
I originally installed cPanel on CentOS with chkconfig iptables off and service iptables stop as recommended and has been working ok for years.
Does the standard cPanel install leave iptables turned off or configure it to allow access?
How have I now got a default iptables configuration active without having made any changes via shell or WHM?
-
Hello, There is no default iptables rules for cPanel server. You will have to enable following port in your server firewall so that you will not get any issues when iptables is started on your server 2082 cPanel TCP inbound 2083 cPanel SSL TCP inbound 2086 WHM TCP inbound 2087 WHM SSL TCP inbound 2089 cPanel license TCP outbound 2095 Webmail TCP inbound 2096 Webmail SSL TCP inbound
0 -
[QUOTE]There is no default iptables rules for cPanel server.
After a standard cPanel install, is iptables left switched off? If so how has it switched back on? Would an automatic software update have caused that?0 -
Hello, cPanel does NOTHING with a firewall. We do absolutely zero configuration for that. So what ever firewall you have installed at the time of the OS install is what you're using. Please type the following: iptables -L -n --line-numbers | grep :208
That should list all rules with ports in the 208x range (2082-2087... etc...) And their current status: ACCEPT or DROP0 -
[QUOTE]what ever firewall you have installed at the time of the OS install is what you're using
I originally installed cPanel on CentOS with chkconfig iptables off, as per the installation instructions, so have I been using the server for years with it off? Is that recommended? If it was off, how has it switched back on? No one has done that manually.0 -
Most likely you were running bare.. You should try to install csf firewall. 0 -
Given that I can access WHM and cPanel using the whm. and cpanel. https urls, is there any problem with not having the custom ports open? My iptables now appears to be the original CentOS default which allows all the standard ports. I suspect a recent automatic reboot reinstalled that. 0 -
[quote="marklewis, post: 1705232">Given that I can access WHM and cPanel using the whm. and cpanel. https urls, is there any problem with not having the custom ports open?
The cPanel ports are open for traffic if you are able to access them without the use of the proxy subdomains feature. I suggest using a firewall management utility such as CSF to help manage your firewall rules. Thank you.0
Please sign in to leave a comment.
Comments
7 comments