cPanel & WHM Version 92 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Bind user to the IP they are assigned to

Michael24 shared this idea 5 years ago
Needs Feedback

I put this into security, although it is also good for networking


Currently there is no possibility, known to me and CPanel Support, to force

clients to use their own IP address for outgoing connections (Scripts,

CURL etc.) as CPanel is not involved in any routing issues.


Clients on the shared main IP can bind outgoing connections to any dedicated IP on

the same server (they know about) on the same subnet or Gateway (on MAC

based routing). Needless to say that this is horrible securitywise as

they could identify themselve as someone else on abusive behaviour.


I have a setup with one shared IP with many clients and one dedicated IP,

which is used internally and is also used for licensing CPanel and

other stuff. I was forced to set a default route src to the dedicated

IP. No surprise, now ALL traffic leaves the server from the dedicated

one, even if a shared client issued the connection.


If I do not set a default route to the dedicated IP ALL outgoing traffic is routed over the shared main IP.


So it would be a good idea to enforce that clients can not use other IPs which are not assigned to them.

Comments (1)

photo
2

How do you propose we do this?