Change cPanel default ports (2082-3 & 2086-7)

[awlaQ]

Hello people.

I need to change the default ports of cPanel, user ports (secure & insecure) and of course root ones too.

I search on Google + on this forum, I could find any accurate response.

Any tutorial ?

 

[storminternet]

I am afraid you can not change default ports for cPanel and WHM. Using access hosts control from WHM you can restrict access to all and allow only specific IPs for cPanel /WHM access.

 

[PlotHost]

Indeed, I don't think you can change the default port numbers.
http://forums.cpanel.net/f5/how-change-port-2086-2087-whm-109033.html

You can change the SSH port in etc/ssh/sshd_config

 

[awlaQ]

Already did change SSH default port, but there is a new exploit to root an updated server (Cpanel & OS).

This is why I need to edit Cpanel login ports.
is there any solution for a 2 fact authentification ? like SMS or something like this ?

 

[PlotHost]

You can restrict access to you server, as storminternet said.

As for the 2 factor auth , there is a feature request at Two-factor Authentication | cPanel Feature Requests
Also take a look here ... /https://rvglobalsoft.com/resources/

 

[JaredR.]

If you are aware of an exploit that could be used on cPanel servers, please send an e-mail to [email protected], as soon as possible. That goes directly to our security team, and they want to hear about any suspected security problem.

You can change the cPanel port by editing this line in /var/cpanel/cpanel.config:

port=2082

Then restart the cPanel service:

# /usr/local/cpanel/startup

The port= directive in /var/cpanel/cpanel.config sets the non-SSL port. The SSL port will be one higher than that (2083 instead of 2082, by default).

There is no way to change the WebHost Manager ports. No ability to change them exists in the product.

 

[awlaQ]

About security exploit, there are 3 I am aware of, one of them allow a hacker to root the server via bandmin service, browse your website this way : /http://website.com/bandwidth and if it ask for htaccess login, you can get hacked easily.

about the Two-factor, then can do it very easily, a simple Twilio/Nexmo api and will be solved.

how about restricting access to some IPs only ? I will use a vpn to login to my accounts, do you have any tutorial please ?

 

[JaredR.]

Again, please e-mail [email protected] if you think you have discovered any security problem in our product. That is the appropriate channel for reporting security concerns.

You can restrict access by IP address to the WebHost Manager, cPanel, Webmail, and other services by using Home » Security Center » Host Access Control. This is documented here:

http://documentation.cpanel.net/display/ALD/Host+Access+Control

It is not noted in the documentation, but you can also use Host Access Control to restrict access to SSH (daemon name sshd) and FTP (daemon name ftp), but only if you use ProFTPd. Pure-FTPd does not respect tcpwrappers so Host Access Control has no effect on Pure-FTPd.

 

[awlaQ]

Thank you Jared for the support,

I will forward the exploit to cpanel team, and will try your solution about IP restrictions.

Thank you and have a good day.