Firewall Exceptions For cPanel Server
Hi all
I'm kind of struggling with setting up my cPanel server due to our strict network security standards. We currently have a live website that is hosted on cPanel and we occasionally run into problems due to our network firewall blocking some of the traffic.
I have raised several tickets with cPanel Support but it looks like they are not willing to assist due to our strict requirements. Some of these requirements are as follows.
1. cPanel License and Repository IPs: We cannot grant the server full access to the internet (even though it's in our DMZ). We have to specify a range of IPs that the server has to access. This has caused us issues become the server has to access cPanel servers for license validations and downloading repositories. What we asked from cPanel, which we obviously did not get, was for them to provide the IPs that host these required services (License, Repos). If there's anyone in this forum who has faced similar issues or with information about these IPs, please assist.
2. cPanel Support IPs: Our security policy is that we only allow specific IPs access to the server via SSH.
3. IPs needed for Installation: We are also setting up a new environment and struggling with installation due to reluctance of cPanel to provide us with IPs that the server needs to connect to doe the installation to complete without errors. Currently the installation process would halt half way due to the firewall blocking some of the connections which are not exempted in the policy
-
It seems to me that you are blaming cPanel support for failing to support you with a security configuration that may in fact not be compatible with how cPanel works. I can see no other reason for cPanel being unable to assist you. How to Configure Your Firewall for cPanel Services - cPanel Knowledge Base - cPanel Documentation Grant cPanel Support Access - Documentation - cPanel Documentation 0 -
Hi all I'm kind of struggling with setting up my cPanel server due to our strict network security standards. We currently have a live website that is hosted on cPanel and we occasionally run into problems due to our network firewall blocking some of the traffic. I have raised several tickets with cPanel Support but it looks like they are not willing to assist due to our strict requirements. Some of these requirements are as follows. 1. cPanel License and Repository IPs: We cannot grant the server full access to the internet (even though it's in our DMZ). We have to specify a range of IPs that the server has to access. This has caused us issues become the server has to access cPanel servers for license validations and downloading repositories. What we asked from cPanel, which we obviously did not get, was for them to provide the IPs that host these required services (License, Repos). If there's anyone in this forum who has faced similar issues or with information about these IPs, please assist. 2. cPanel Support IPs: Our security policy is that we only allow specific IPs access to the server via SSH. 3. IPs needed for Installation: We are also setting up a new environment and struggling with installation due to reluctance of cPanel to provide us with IPs that the server needs to connect to doe the installation to complete without errors. Currently the installation process would halt half way due to the firewall blocking some of the connections which are not exempted in the policy
I cannot see why you would want to use cPanel in such a strict environment. Needless to say, simply ask cPanel which IP addresses you need to whitelist in your firewall to allow access to / from their servers.0 -
Hello @Loneweaver, The following document is available to help you to configure your firewall: How to Configure Your Firewall for cPanel Services - cPanel Knowledge Base - cPanel Documentation As far as which cPanel update server IP addresses to whitelist, you can find a recent list of mirrors by running a command like this on your system: dig +short httpupdate.cpanel.net
For the license servers, you can use a similar command:dig +short auth.cpanel.net
A list of IP addresses used by our Technical Support Department is available at: Grant cPanel Support Access - Documentation - cPanel Documentation Let us know if you have any additional questions. Thanks!0
Please sign in to leave a comment.
Comments
3 comments