1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How Can I Protect My WHM/cPanel folder?

Discussion in 'BlackHat Lounge' started by wokaka, Jun 6, 2011.

  1. wokaka

    wokaka Senior Member

    Joined:
    Apr 1, 2010
    Messages:
    866
    Likes Received:
    230
    hi guys..

    i know we can simply redirect wp-admin folder to something random and that's of course necessary. Im curious though if there's any way we can protect our whm/cpanel folder? Because anyone can see the login box at mydomain.com/cpanel, that's a bit unsafe.

    I have asked my web host about this anyway (i have a vps host) and they said it's impossible to do so. Anyone of you are able to get around this or you simply ask them to remove the whm/cpanel? If yes, then how you are able to edit things if you need the whm?

    Sorry for my noobish question, im still not that familiar with security stuffs but i was once hacked last year. Not sure how he did it but my web host back then told me there were a lot of attacks (brute force and even ddos), we tried to fix the security stuffs but it didnt really help. Just few weeks later i lost that whm account and he deleted all my files there.

    Atm nobody attacks me of course but im just curious how do we get around this? Im sure if nobody knows how to access to cpanel/whm login box, it'd be safer at least.
     
  2. sirgold

    sirgold Supreme Member

    Joined:
    Jun 25, 2010
    Messages:
    1,260
    Likes Received:
    645
    Occupation:
    Busy proving the Pareto principle right
    Location:
    A hot one
    Search for .htaccess and how to set up apache with it. You will be able to create specific rules to redirect visitors that are not coming from your hmm let's say IP, IP range or maybe a secret referrer only you know. You can forge it and if the rule is matched you will be presented with the current location, if not, the casual visitor will be redirected somewhere else. With htaccess (simple text file) you can do this and more. HTH!
     
  3. wokaka

    wokaka Senior Member

    Joined:
    Apr 1, 2010
    Messages:
    866
    Likes Received:
    230
    i know .htaccess but never knew it could redirect visitors coming to my whm/cpanel folder...thanks, i will search for it
     
  4. No.RuleZ

    No.RuleZ Elite Member

    Joined:
    Jul 23, 2010
    Messages:
    1,732
    Likes Received:
    358
    can we change the domain.com/cpanel to domain.com:port?