How to disable cPanel URLs

Question

I use cPanel for hosting my website. I have noticed that if anyone who visits my website happens to be a web developer, he can always reach my cPanel Login page via mydomain.com:2082, mydomain.com/cpanel, etc.. It is better to not let the visitors know what control panel I use. I want to disable these URLs. To myself log in to cpanel, I will use the alternate URL provided by my Web Host which is something like a.myhost.com/cpanel.

As a work around, I also changed the main domain and added my main website as an addon domain. But even that didn't work and addondomain.com:2082 and addondomain.com/cpanel showed up the cpanel login and I was able to login there using cpanel username and password.

Please help me hide these pages from the public world. At least addondomain.com:2082 or addondomain.com/cpanel should throw a 404(preferable) or 403 or anything.

I use cPanel 11/x3.

Even my hosting provider is not able to help me with this. Anybody who know anything about this, or implemented this, please help me.

Thanks in advance....

Answer 1

Changing default cPanel port.

The cPanel port can be changed in /var/cpanel/cpanel.config file.

Just change port=2082 (located in the config file) to anything else.

Then running the following commands for the changes to take effect.

/usr/local/cpanel/whostmgr/bin/whostmgr2 --updatetweaksettings
/etc/init.d/httpd restart

Changing/removing default cPanel URLs.

For the /whm and /cpanel urls, remove/change these lines or similar matched lines located on the /usr/local/apache/conf/httpd.conf file:

 ScriptAliasMatch ^/?cpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
 ScriptAliasMatch ^/?webmail/?$ /usr/local/cpanel/cgi-sys/wredirect.cgi
 ScriptAliasMatch ^/?whm/?$ /usr/local/cpanel/cgi-sys/whmredirect.cgi

Then run the following commands for the changes to take effect.

 /usr/local/cpanel/bin/apache_conf_distiller --update
 /scripts/rebuildhttpdconf
 /etc/init.d/httpd restart

Source and more info

Answer 2

From a similar discussion raised on cPanel's Forums - "Changing cPanel URL?" (29 Nov 2010):

There is no way to change the port numbers for cPanel, the WebHost Manager or Webmail. The port numbers are hard-coded into cPanel and there is no configuration option that allows them to be changed.

Even if you edit the httpd.conf file and change the ScriptAlias directives that cause /cpanel, /webmail and /whm to work, they will still be accessible via ports 2082/2083, 2095/2096, and 2086/2087, respectively.

(With application, or package specific questions, your best port of call is initially their own forums/helpdesk rather than a general purpose community like StackOverflow.)

Answer 3

this can be easily done with TCP PORT filtering blocking.

Just filter out in iptables every 2082 (may be even 2083) TCP IN and you will have your cpanel port blocked.

You can reinstate it when needed adding an ALLOW directory to the same ports.

Please tell me if you need further help.

Answer 4

There are times you want to disable automatic to SSL connection while accessing WHM, cPanel, Webmail, so you can access cPanel/WHM via standard ports 2082 and 2086, this is pretty useful if you have SSL issue that's preventing you from loging into your server or cPanel account because it may unable to decrypt your stored password.

Login to WHM >> Tweak Setting >> Uncheck the following options under Redirection

Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc.

Also you have to uncheck the following option under Security in Tweak Settings.

Require SSL for all remote logins to cPanel, WHM and Webmail. This setting is recommended.

If you are unable to login to WHM backend, you can disable those options from the shell. SSH to the server as root.

SSH to your server as root

Open

# nano /var/cpanel/cpanel.config and set the following options to 0 (zero).

alwaysredirecttossl

requiressl

—-

alwaysredirecttossl=0

requiressl=0

—–

Save the file and exit.