Change cPanel default ports (2082-3 & 2086-7)
Hello people.
I need to change the default ports of cPanel, user ports (secure & insecure) and of course root ones too.
I search on Google + on this forum, I could find any accurate response.
Any tutorial ?
-
I am afraid you can not change default ports for cPanel and WHM. Using access hosts control from WHM you can restrict access to all and allow only specific IPs for cPanel /WHM access. 0 -
Already did change SSH default port, but there is a new exploit to root an updated server (Cpanel & OS). This is why I need to edit Cpanel login ports. is there any solution for a 2 fact authentification ? like SMS or something like this ? 0 -
You can restrict access to you server, as storminternet said. As for the 2 factor auth, there is a feature request at [url=http://features.cpanel.net/responses/two-factor-authentication-is-a-must]Two-factor Authentication | cPanel Feature Requests Also take a look here ... /https://rvglobalsoft.com/resources/ 0 -
If you are aware of an exploit that could be used on cPanel servers, please send an e-mail to security@cpanel.net, as soon as possible. That goes directly to our security team, and they want to hear about any suspected security problem. You can change the cPanel port by editing this line in /var/cpanel/cpanel.config: port=2082
Then restart the cPanel service:# /usr/local/cpanel/startup
The port= directive in /var/cpanel/cpanel.config sets the non-SSL port. The SSL port will be one higher than that (2083 instead of 2082, by default). There is no way to change the WebHost Manager ports. No ability to change them exists in the product.0 -
About security exploit, there are 3 I am aware of, one of them allow a hacker to root the server via bandmin service, browse your website this way : /http://website.com/bandwidth and if it ask for htaccess login, you can get hacked easily. about the Two-factor, then can do it very easily, a simple Twilio/Nexmo api and will be solved. how about restricting access to some IPs only ? I will use a vpn to login to my accounts, do you have any tutorial please ? 0 -
Again, please e-mail security@cpanel.net if you think you have discovered any security problem in our product. That is the appropriate channel for reporting security concerns. You can restrict access by IP address to the WebHost Manager, cPanel, Webmail, and other services by using Home " Security Center " Host Access Control. This is documented here: 0 -
Thank you Jared for the support, I will forward the exploit to cpanel team, and will try your solution about IP restrictions. Thank you and have a good day. 0
Please sign in to leave a comment.
Comments
8 comments