homepage Welcome to WebmasterWorld Guest from 54.167.182.201
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Search Engines / Search Engine Spider and User Agent Identification
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL

Search Engine Spider and User Agent Identification Forum

    
Does IP Range Block Via WHM Blacklist Block Same IP Ranges at cPanel
Does IP Block at WHM BruteForce Level Filter Down to Unique Domains on VPS?
Webwork

WebmasterWorld Administrator webwork us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4637172 posted 10:33 pm on Jan 13, 2014 (gmt 0)

I've searched the WWW for an answer but I'm not finding it. Maybe I'm not asking the right question.

I can blacklist a range of IP addresses in Web Host Manager (WHM) via Home Security Center cPHulk Brute Force Protection >> Whitelist/Blacklist Management.

I just blocked most of Russia's IP ranges are nothing good seems to originate in .ru.

Having blocked RU's IP ranges at the WHM level do I still need to enter those addresses on my VPS at the cPanel level for each unique domain/website hosted on the VPS?

I SO hope that the block at WHM level "flows down" buuuttt . . I'm thinking that the settings may only effect efforts to hack the server's root/login.

If not via Brute Force Protection listing what is/are the way(s) of blocking IP ranges at the server level (VPS) so I don't have to set up redundant IP blocking via each website's cPanel?

Thanks. A LOT. I hope . . ;)

 

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4637172 posted 3:22 am on Jan 14, 2014 (gmt 0)

Moct of the CP's used malformed syntax to deny IP's (there are many very old references in the archives to this).

Do you have an .htaccess file in the VPS root above all the domains and their directory structures?

keyplyr

WebmasterWorld Senior Member keyplyr us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4637172 posted 4:38 am on Jan 14, 2014 (gmt 0)

Don't know about you specific panel features.

At VPS server level yes a htaccess will do the job, but it is better to use the htconfig file. Much more robust and manageable.

[httpd.apache.org...]

Webwork

WebmasterWorld Administrator webwork us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4637172 posted 6:06 am on Jan 14, 2014 (gmt 0)

Thanks for the replies.

Do you have an .htaccess file in the VPS root above all the domains and their directory structures?


I've been nothing but a GUI VPS server admin, i.e., have never touched anything by command line.

I just examined all the GUI options and I cannot find a darned thing that will allow me to either view or alter a server level .htaccess OR .config file.

It appears I MAY be able to access the VPS's .htaccess and/or .config file but I first have to ask the NOC (@ ServInt) to enable SSH access. Once they do I'll still be a bit of a child lost in the dark and scarey forest. ;)

Suggestions?

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4637172 posted 7:03 am on Jan 14, 2014 (gmt 0)

Is this an Apache system? Presumably yes, since the words "config" and "htaccess" are floating around, but you never actually say. In most areas of Apache, everything is inherited. So behavior that happens at the top level (for everything living on the server) will trickle down to all lower levels (a single sub-subdirectory of one domain living on the same server).

If you really don't have the power to edit either the htaccess or the config file directly ... how dearly do you love your host in other respects? An htaccess file is either present or not; you can see it when you ftp-or-equivalent into your site.

When you change things via your GUI thingie, do changes take effect instantly? Someone will need to explain (to me, that is) how that works if there's no htaccess involved. You're not restarting the server every time you edit one thing are you?

I've been nothing but a GUI VPS server admin, i.e., have never touched anything by command line.

Apples and oranges. I won't touch command-line stuff with a barge pole if I can possibly help it. But Apache has a fairly shallow learning curve. So you can learn how to do one thing, and just do that one thing until you learn how to do a second thing.

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4637172 posted 8:34 am on Jan 14, 2014 (gmt 0)

I've been nothing but a GUI VPS server admin, i.e.,


have never touched anything by command line.


Neither keyplr or myself introduced this term, however and generally speaking htaccess or config are not edited via any commnand line methods.


how dearly do you love your host in other respects?


lucy,
it's not his host, rather he's an administrator with restricted access (see first quote), possible not even to htaccess or config.

Webwork

WebmasterWorld Administrator webwork us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4637172 posted 4:30 pm on Jan 14, 2014 (gmt 0)

Apache http server.

From the homepage of my root login to the VPS WHM control panel:

CENTOS 6.5 i686 virtuozzo my
WHM 11.40.1


ServInt's docs suggest I can login for the purpose of making changes to config file:

[url]https://knowledgebase.servint.net/questions/692/How+do+I+log+into+my+VPS+as+root+via+SSH%3F[/url]

I guess the easier path to understanding "what's possible" (Can I alter .htaccess or .config?) may be to ask their NOC directly. I was hoping there was an answer to the question as initially posed:

Does IP Block at WHM BruteForce Level Filter Down to Unique Domains on VPS?


It would seem redundant to have to block IP addresses at multiple levels . . so I thought it possible that the block at the VPS level would "filter down" to effectively/automatically block the same IP ranges for any website I set up on the VPS with a seperate cPanel.

IF I use a blacklist to deny access to the server is that only a block to "logins as root" or does a WHM blacklist of IPs ALSO - or effectively - blacklist and block those same IP addresses from entering the server "by any means": acessing a separate hosted site's public_html, mail svcs, etc.

Webwork

WebmasterWorld Administrator webwork us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4637172 posted 4:45 pm on Jan 14, 2014 (gmt 0)

From cPanel documentation: [docs.cpanel.net ]


Overview

Brute force is an attack (hacking) method that involves using an automated system to guess the password to your web server or services. cPHulk provides protection against brute force attacks.

ALERT! Important: cPHulk will not protect POP3 or IMAP against IP-based brute force attacks if you use the Courier mailserver. Courier does not log the IP addresses of failed POP3 and IMAP logins.

cPHulk will protect POP3 and IMAP against brute force attacks if you use the Dovecot mailserver. Also, cPHulk will protect other services on any mailserver that you use against brute-force attacks.

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4637172 posted 8:06 pm on Jan 14, 2014 (gmt 0)

Does IP Block at WHM BruteForce Level Filter Down to Unique Domains on VPS?

You need to know what your GUI actions turn into.

If your lockout request turns into something in a firewall, then it is physically impossible for affected requests to reach individual domains, because they're not allowed into the server at all.

If your lockout request turns into a line in the config file that says

Deny from 12.34.56.78

(this seems most likely to me) it will affect the entire server unless someone further down the line puts in an explicit exception.

If your lockout request turns into a pair of lines in config that say

RewriteCond %{REMOTE_ADDR} 12\.34\.56\.67
RewriteRule .? - [F]


then all bets are off because you need to know how the individual sites are set up.

keyplyr

WebmasterWorld Senior Member keyplyr us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4637172 posted 9:55 pm on Jan 14, 2014 (gmt 0)

The syntax is different in htaccess and htconfig.

bobothecat2



 
Msg#: 4637172 posted 10:19 pm on Jan 14, 2014 (gmt 0)

Just speaking out loud more than anything... so if this post is considered off topic I certainly apologize and in no way am trying to distract from the OP's question.

But Wow! I couldn't imagine running a site without knowing Unix/Linux. I've seen cPanel and it's ilk - no thanks. I'll take the command prompt any day of the year. Much easier and faster. I will also freely admit that I must be old-school, because I still code by hand and enjoy it.

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4637172 posted 10:40 pm on Jan 14, 2014 (gmt 0)

The syntax is different in htaccess and htconfig.

Where? I mean, where exactly, within the context of the present discussion?

I couldn't imagine running a site without knowing Unix/Linux.

What do you use them for?

Hand-rolled html is trivial; it's just a glorified word processor. You can do it without knowing a word of any programming language.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Search Engines / Search Engine Spider and User Agent Identification
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved