make cpHulk ignore certain services?
Hi all,
I would like cpHulk not to block access to IMAP/POP mail services.
I only want certain PC's to be able to authenticate for cPanel, ssh, etc.., but I want to be able to check my e-mail from anywhere. At the moment, if I try to access e-mail from IP range in blackllist, I get authentication error.
Thanks,
Rudolf
-
Host Access Control, will allow you to restrict access to Cpanel, WHM, SSH etc. I find that this solution works better from me than CPHulk. Create rules in Host Access Contol to allow IP's to the services you want to give them access to, and deny everyone else. Host access control will also allow subnets, so for instance my ISP at home is dynamic IP, so I have class c's configured. Do not blacklist your IP range in CPhulk, and this may give you the features you require. I can access CPANEL, WHM, SSH, FTP from work and home, but from no where else. No one else can access these as Host Access Control has denied it. I can access email from anywhere in the world. 0 -
Hello :) It's not possible to disable or enable cPHulk on a per-service basis. You could try using other options to manage access such as CSF or the host access control option: Host Access Control - Documentation - cPanel Documentation Thank you. 0 -
I often use my mobile to access e-mails. It is not practical to white list IP ranges of mobile operators. In addition, I travel to China often. And all of China IPs' are blocked by cpHulk, as I see lots of hack attempts from there. I would still like to access my e-mails when I travel. Rudolf 0 -
Just a thought -- is there a way to "whitelist" a device rather than IP? Perhaps by exchanging security keys. I always use same PCs/phone to log in. Thanks, Rudolf 0 -
I can access my emails from anywhere in the world. However, services like WHM, SSH, FTP & Cpanel are restricted to just a handful of IP's. 0 -
New Just a thought -- is there a way to "whitelist" a device rather than IP?
There's no such feature, but you are welcome to submit a feature request for this via: Submit A Feature Request Thank you.0 -
I can access my emails from anywhere in the world. However, services like WHM, SSH, FTP & Cpanel are restricted to just a handful of IP's.
I assume you blacklisted all IPs and whitelisted the ones that are allowed in. In my case, attempt to login to check e-mails fail when done from blacklisted IP. Perhaps e-mail authentication should be configured differently? Thanks, Rudolf0 -
I have no IP blacklist for emails. However, I do have a csf rule for failed email logins which is 3 attempts and your ip is blacklisted. This works great, with my current csf blacklist file being about 5-6 weeks before rotation. In effect blacklisting for about 6 weeks before they get another go. Whilst to anyone outside of my environment might think that this is suicidal, there is method in my madness. All my email users are office based with no requirement for webmail, and no access to change anything within thier email client. So in theory, they can never get the email password wrong. Besides, if they did, our static IP is whitelisted anyway so no one else would be affected. The bosses have mobile email on thier phones/laptops/tablets, but none of them are not tech savvy enough to know that they even have a password, which just leaves little old me as the single point of failure. In Host Access Control I have the following entries (assume xxx is an ip address) All xxx.xxx.xxx.xxx Allow All xxx.xxx.0.0/255.255.0.0 Allow (this is my home isp dynamic rance of ip's) All All Deny plus a few other entries for cpanel techs and my datacentre staff 0
Please sign in to leave a comment.
Comments
8 comments