Skip to main content

Country Level Blocking

Harlequin
I've been using Security & Firewall - csf v10.05 to block users and it's working well but it's also blocking genuine users from accessing the websites. Is it possible somehow to ONLY block access to the WHM login but allow users to browse the sites on the server...?

Comments

5 comments

Date Votes
  • SysSachin
    Hello, You have to set allow/deny WHM access through Host Access Control area Login to WHM >> Host Access Control area whostmgrd YourIP allow whostmgrd all deny The allow line(s) must be above the deny ones or else you will block yourself out of WHM on the machine and need to edit /etc/hosts.allow in root SSH to unlock WHM Please refer documents for more information. Host Access Control - Documentation - cPanel Documentation
    0
  • Harlequin
    Thanks Given that my IP can change that doesn't sound like the best solution as I could in theory end up locking myself out of my own server. Will it allow for wildcards...? "1.2.%" for example...?
    0
  • cPanelMichael
    Hello, If you prefer to use the Host Access Control option in Web Host Manager, then you could add a netmask to allow from specific IP ranges. For example, 192.168.0.0/255.255.255.0, where 255.255.255.0 is the desired network mask you want to use. This is documented at: Host Access Control - Documentation - cPanel Documentation Thank you.
    0
  • Harlequin
    I've added 2 step authentication and it's working perfectly fine. However, I still get the LFD failures. For example: Time: Tue Apr 11 18:46:34 2017 +0100 IP: 81.199.16.113 (UG/Uganda/81.199.16.113.satcom-systems.net) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block Log entries: Apr 11 18:46:23 serv sshd[23741]: Invalid user admin from 81.199.16.113 Apr 11 18:46:23 serv sshd[23741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.199.16.113 Apr 11 18:46:25 serv sshd[23741]: Failed password for invalid user admin from 81.199.16.113 port 3561 ssh2 Apr 11 18:46:28 serv sshd[23741]: Failed password for invalid user admin from 81.199.16.113 port 3561 ssh2 Apr 11 18:46:30 serv sshd[23741]: Failed password for invalid user admin from 81.199.16.113 port 3561 ssh2
    0
  • cPanelMichael
    Hello @Harlequin, The output you provided shows failed SSH access attempts. Two-Factor authentication does not apply to SSH. You may want to consider modifying your SSH configuration settings (e.g. changing the default SSH port) per the instructions at: [Tutorial] Interested in increasing the security of your server? Read this. (sshd hardening) Thank you.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post