How to Block port no 80 on cPanel/WHM

bhanu2217

New Member
Many shared hosting have the feature of blocking Port no 80 and other ports on a cPanel account when malicious files are detected on that cPanel account.

Can you let me know how can i implement this feature in WHM Panel. Which plugin/software do i need to install on WHM panel for this feature to work
 
That appears to be some version of a cPanel antivirus plugin that when detecting a virus disables the account to some degree. I'm also interested to know what plugin that might be as I'm not aware of ClamAV doing that.
 
You can unblock your port number 80 by following the below steps
Step 1: Login into the WHM panel of your Linux hosting
Step 2: Search and click on the option ConfigServer Security & Firewall.

main-qimg-f0b84ce099d24761dd08d523c94c0903

Step 3:.In ConfigServer Security & Firewall>>Click on the Firewall Configuration button>> IPv4 Port Settings section
main-qimg-57299e02ec524590db54d1c41d9ef001

main-qimg-56a1e1a7d6df1d4b873d60e33a615be2

Step 4:In IPv4 Port settings edit the fields Allow incoming TCP ports and Allow outgoing TCP ports.
main-qimg-bf950544b339df2b5b92eff3f58e09f0

Step 5: save the changes made and restart the server by clicking on Restart csf+lfd.
main-qimg-c6a5333ba45b4e17a4df3c993f13003c

If you have SSH access you can unblock using SSH by following the below steps:
Step 1: Login to the SSH of your server
Step 2: Open the configuration file of the CSF “vi /etc/csf/csf.conf”
Step 3: Add the ports to the csf.conf file, either under Allow incoming ports (Allow incoming TCP ports TCP_IN) or Allow outgoing ports(Allow outgoing TCP ports TCP_OUT):
Step 4: Restart the CSF using the below command
csf -r
 
Hi @wphackedhelp ,

He was looking to block port 80, not allow port 80. It seems he's also looking for an automated solution when malicious files are detected that will display a message only on the users website. If you were to use ConfigServer and remove port 80, to instead block the port, it would cause a "Site can't be reached" for the entire server. That would cause no sites on the entire server to be reachable, instead of just the one user. If you were to do that you may also want to block 443, and many of the other ports, and also do them under IPv6, if you have one.
 
Top