Question On Locking Down SSL Listening Port to specific IP addresses

biggjoe

• November 08, 2015 00:00

Hey Everyone, I have sort of a weird question for you all: I currently have a Dedicated Server running WHM & cPanel. For this particular server, I'm not reselling Web Hosting, but rather I'm running a variety of web applications on their own cPanel account. For each of these, I use Softaculous to install them and each has their own dedicated IP address. Since Apache is running on this Server and is being controlled by WHM, by default whatever port I set SSL connections to, will impact all of my cPanel accounts. One particular application that does not rely on Apache ended up having to be installed at the root level due to its design and therefore, I couldn't jail it to its own cPanel account. So now, it listens for connections on the Dedicated Server's Main IP address. So here lies the issue that I'm having. I need to be able to have all of my web applications listen for SSL connections on Port 443. Like I said ALL of my web applications rely on Apache EXCEPT for one. If I go into here: WHM ===>> Server Configuration ===>> Tweak Settings ===>> System ===>> Apache SSL Port ... here is where the port is set to Port 443. The issue is that if I leave Apache's SSL listening port at port 443, my other specialized web application won't start because it will detect that port 443 is already in use. Now, I see that I can easily lock-down Apache to only listen on 1 IP address. So here's my question: Is there a way that instead of locking down Apache to only listen on 1 ip address on port 443, is there a way that I can lock it down to listen to more than one ip address? Say 2, 3 or 4 ip addresses? If this cannot be done via WHM, can it be done through SSH? Or is there a way that it can listen for SSL connections on port 443 on all ip addresses, and just EXCLUDE 1 ip address? Thank you in advance for your help. BJ

• 

  cPanelMichael

  • November 09, 2015 01:51

  Is there a way that instead of locking down Apache to only listen on 1 ip address on port 443, is there a way that I can lock it down to listen to more than one ip address? Say 2, 3 or 4 ip addresses?

  
  Hello :) Is the Apache Reserved IP option helpful? It's found at: "WHM Home " Service Configuration " Apache Configuration " Reserved IPs Editor" Thank you.

  0
• 

  biggjoe

  • November 09, 2015 02:50

  cPanelMichael, That's it, it worked!!!! Thank you!!!!!!!!!!!!!!!!!!!!!!!!!!!! BJ

  0
• 

  cPanelMichael

  • November 09, 2015 03:02

  I'm happy to see that option helped. Thank you for updating us with the outcome.

  0
• 

  clusters

  • November 20, 2015 07:18

  Ok, pardon me for hijacking this thread. I tried that but it reserved for both the non-SSL and SSL port. How do I go about doing it for just the SSL port?

  0
• 

  cPanelMichael

  • January 18, 2016 01:57

  Ok, pardon me for hijacking this thread. I tried that but it reserved for both the non-SSL and SSL port. How do I go about doing it for just the SSL port?

  
  You could modify the "Listen" entries in the httpd.conf file directly per the instructions at: Advanced Apache Configuration - EasyApache - cPanel Documentation Thank you.

  0

Please sign in to leave a comment.