host access control with almalinux
Just migrated from centos to almalinux. I want to setup host access control same as I had before, but notice the interface is completely different. I found mention at https://docs.cpanel.net/whm/security-center/host-access-control/ that with almalinux you use ports and it references the ports section at https://docs.cpanel.net/knowledge-base/general-systems-administration/how-to-configure-your-firewall-for-cpanel-services/#ports to set this up. Problem is... this is still not clear to me based on my previous settings using centos.
What would be the conversion for host access control going from centos to almalinux for the following services?
sshd
whostmgrd
cpaneld
For example, there are multiple entries listed in the ports section mentioned above for 'cpanel'... so what is the conversion for each of the services I mentioned above from my old settings?
-
Hey there! I'm not sure there is going to be a direct conversion from the old settings. Can you provide me with a specific service and setting you're trying to adjust and then I can get you an example?
0 -
Thanks for the reply... I listed them in my post :
sshd, whostmgrd, cpaneld
is what they were labled as when using centos in whm... I'm not sure what ports, tcp/upd, etc those correlate to when using almalinux to set it back up the same way.
0 -
Oooh, got it!
The defaults for those are 22, 2087, and 2083, respectively.
0 -
Thank you! TCP only for them I assume right?
0 -
Yes, you wouldn't need any other traffic than TCP on those ports. For more specifics about the ports required for cPanel you can check our guide here:
0 -
Also, I'm getting an error message saying 'IP addresses must be a valid v4 or v6 address' when entering comma-separated ips in the field. https://docs.cpanel.net/whm/security-center/host-access-control/ says it accepts comma-separated ips.
0 -
Could you post a screenshot of the error from your interface?
0 -
0
-
Do you have a space between the comma and the one? If so, try it without the space.
0 -
I've tried both ways (with and without space) and both give the same error.
0 -
It seems like this is a known issue - I'm reaching out to our team to see if I can get a status update on an existing case.
0 -
That would be great - thank you!
0 -
I never did hear back on this issue today so I'm hopeful that I'll have more news tomorrow for you!
0 -
We are tracking this issue through case CPANEL-41527 with our team, and hope to have a resolution on that soon!
0 -
Thank you. I'll be keeping an eye on this thread.
0 -
Just came across this which I had not seen before originally posting - https://support.cpanel.net/hc/en-us/articles/8872855901591-Host-Access-Control-on-Alma8-CL8-does-not-accept-comma-separated-lists-of-IPs
That is from ~2 years ago so looks like listing each individually is the way to go for now since this doesn't seem to be a priority.
0 -
Update - it looks like we're going to be updating the docs and interface to say that this doesn't work properly.
0 -
cPRex - Thanks for the update!
0 -
Sure thing!
0
Please sign in to leave a comment.
Comments
19 comments