Skip to main content

Change cPanel default ports (2082-3 & 2086-7)

Comments

8 comments

  • storminternet
    I am afraid you can not change default ports for cPanel and WHM. Using access hosts control from WHM you can restrict access to all and allow only specific IPs for cPanel /WHM access.
    0
  • PlotHost
    Indeed, I don't think you can change the default port numbers.
    0
  • awlaQ
    Already did change SSH default port, but there is a new exploit to root an updated server (Cpanel & OS). This is why I need to edit Cpanel login ports. is there any solution for a 2 fact authentification ? like SMS or something like this ?
    0
  • PlotHost
    You can restrict access to you server, as storminternet said. As for the 2 factor auth, there is a feature request at [url=http://features.cpanel.net/responses/two-factor-authentication-is-a-must]Two-factor Authentication | cPanel Feature Requests Also take a look here ... /https://rvglobalsoft.com/resources/
    0
  • JaredR.
    If you are aware of an exploit that could be used on cPanel servers, please send an e-mail to security@cpanel.net, as soon as possible. That goes directly to our security team, and they want to hear about any suspected security problem. You can change the cPanel port by editing this line in /var/cpanel/cpanel.config: port=2082
    Then restart the cPanel service: # /usr/local/cpanel/startup
    The port= directive in /var/cpanel/cpanel.config sets the non-SSL port. The SSL port will be one higher than that (2083 instead of 2082, by default). There is no way to change the WebHost Manager ports. No ability to change them exists in the product.
    0
  • awlaQ
    About security exploit, there are 3 I am aware of, one of them allow a hacker to root the server via bandmin service, browse your website this way : /http://website.com/bandwidth and if it ask for htaccess login, you can get hacked easily. about the Two-factor, then can do it very easily, a simple Twilio/Nexmo api and will be solved. how about restricting access to some IPs only ? I will use a vpn to login to my accounts, do you have any tutorial please ?
    0
  • JaredR.
    Again, please e-mail security@cpanel.net if you think you have discovered any security problem in our product. That is the appropriate channel for reporting security concerns. You can restrict access by IP address to the WebHost Manager, cPanel, Webmail, and other services by using Home " Security Center " Host Access Control. This is documented here:
    0
  • awlaQ
    Thank you Jared for the support, I will forward the exploit to cpanel team, and will try your solution about IP restrictions. Thank you and have a good day.
    0

Please sign in to leave a comment.