Introduction
How To Whitelist cPanel Support's IP Addresses In WHM's "Host Access Control" Setting?
Procedure:
Host Access Control for Ubuntu®, CentOS 7, CloudLinux 7, and RHEL 7 and earlier versions
- Visit "WHM / Security Center / Host Access Control" to add a new rule. This rule must be above any DENY or REJECT rules for WHM.
- In the "Rule" section, add the following entries:
- Daemon: ALL
- Access List: 184.94.197.2,184.94.197.3,184.94.197.4,184.94.197.5,184.94.197.6,208.74.123.98
- Action: ALLOW
- Comment: "cPanel Support IPs" - From the bottom of the page, select "Save Host Access List."
Alternatively, you can use the following commands to add these rules via the command line:
sed -i '1s/^/sshd : 184.94.197.2 , 184.94.197.3 , 184.94.197.4 , 184.94.197.5 , 184.94.197.6 , 208.74.123.98 : allow\n#cPanel Support IPs\n/' /etc/hosts.allow && systemctl restart sshd
Host Access Control for AlmaLinux OS 8 and later versions, Rocky Linux™ 8 and later versions, and CloudLinux 8 and later versions
- Visit "WHM / Security Center / Host Access Control" to add a new rule. This rule must be above any DENY or REJECT rules for WHM.
- In the "Rule" section, add the following rules:
- Port: 22
IP Address/CIDR: 184.94.197.2/31
Protocol: TCP
Action: ACCEPT - Port: 22
IP Address/CIDR: 184.94.197.4/31
Protocol: TCP
Action: ACCEPT - Port: 22
IP Address/CIDR: 184.94.197.6/32
Protocol: TCP
Action: ACCEPT - Port: 22
IP Address/CIDR: 208.74.123.98
Protocol: TCP
Action: ACCEPT
- Port: 22
- Once the rules are added, they will take effect immediately
Alternatively, you can use the following commands to add these rules via the command line:
nft add rule inet filter cPanel-HostAccessControl ip saddr 184.94.197.2-184.94.197.6 tcp dport 22 accept
nft add rule inet filter cPanel-HostAccessControl ip saddr 208.74.123.98 tcp dport 22 accept
