Deploy cPanel on AWS behind ALB and CloudFront / AdvancedShield
Hello,
Is it possible to deploy a cPanel solution on AWS behind services like AdvancedShield / CloudFront and ALB to improve security during access from internet to the application.
Are there blueprint architectures that we can follow for AWS deployments?
-
Hey there! This might be a better question for AWS as I'm not personally familiar with all of their offerings. We do have ready-made images available on the AWS platform that you can see here: https://aws.amazon.com/marketplace/seller-profile?id=0cd0aa0a-daa0-4b57-9bc5-dfffec41e1da
0 -
Hi, that does not map to my requirement, but good to know we have something in AWS marketplace.
I have an architecture which prevents me enable direct access from internet to web servers and static IP addresses for web servers. I rely on DNS names instead of a direct static IP
I am also a bit surprised to hear from some colleagues that I have to open DNS related ports as well to public internet.
0 -
I have the same question. One issue is that cPanel requires a static IP for licensing purposes.
If that's the only issue maybe the solution is to register the ALB behind a Network Load Balancer. The static IP address that's assigned to a Network Load Balancer doesn't change.
As the local IP of the server doesn't change, the NAT should still work - although I'm not sure if the change in the ALB's IP - which sits between the cPanel server and the NLB - could cause problems.
This seems to be unchartered territory.
0
Please sign in to leave a comment.
Comments
3 comments