Introduction

This guide provides a basic example for blocking access to WHM for all IP addresses except the specific IPs that you allow from the "Host Access Control" interface in WHM.

Before making changes in this interface, you must ensure that you know how to access your server via the console. If this interface is configured incorrectly, you can completely block yourself from accessing the server. In the event that you have completely blocked yourself from accessing the server, you would need to regain access by using console access. Obtaining and using console access is not supported by cPanel because it is configured and provided by your hosting provider or systems administrator.

 

Procedure

  1. Log into WHM as the ‘root’ user.
  2. Navigate to "Home / Security Center / Host Access Control."
  3. Remove all existing rules unless you know exactly how they will interact with the rules outlined in this guide.
  4. Enter 2087 in the "Port" textbox.
  5. Enter your IP address or subnet in the "IP Address/CIDR" textbox.
  6. Ensure that TCP is selected in the "Protocol" dropdown menu.
  7. Select ACCEPT from the "Action" dropdown menu.
  8. Click the "Add Rule" button.
  9. Enter 2087 in the "Port" textbox.
  10. Enter ALL in the "IP Address/CIDR" textbox.
  11. Ensure that TCP is selected in the "Protocol" dropdown menu.
  12. Select REJECT from the "Action" dropdown menu.
  13. Click the "Add Rule" button.

 

Additional resources

Host Access Control: Allow or deny access

What does "console access" mean?

How to deny access to WHM via Host Access Control on Ubuntu