Hide WHM login URL
Needs Review
It would be nice to be able to hide your url of the whm control panel login without going to full host access control with a whitelist. It is often a resource drain if a bot is trying to crack your login even if limited to a low number such as 5 tries.
Example http://your_server_whm.com:portxxxx/?your_secret_word
This is worst idea. Only useful when you are the only who is using the server but when you are providing shared hosting services then you will keep getting support queries about your login url. Instead I'll suggest 2FA using Google Authenticator app.
This is worst idea. Only useful when you are the only who is using the server but when you are providing shared hosting services then you will keep getting support queries about your login url. Instead I'll suggest 2FA using Google Authenticator app.
Now that brute protect have a in memory cache and the ability to perform ban's in the firewall there would only be a ressource drain if lots of IP's are trying lots of usernames.
We communicate alot with /cpanel and /whm URL's which, if they kept working to the new URL would defeat the purpose of renaming the URL.
If you are the only person using WHM, disable access to 2087 from all IP's except your own.
Now that brute protect have a in memory cache and the ability to perform ban's in the firewall there would only be a ressource drain if lots of IP's are trying lots of usernames.
We communicate alot with /cpanel and /whm URL's which, if they kept working to the new URL would defeat the purpose of renaming the URL.
If you are the only person using WHM, disable access to 2087 from all IP's except your own.
Thank you for your suggestion. There are better ways of mitigating bot attacks on login interfaces. Changing a well known access point will make usage more difficult for the most important audience, your users, while having questionable effect at best against bots.
We will not implement this request.
Thank you for your suggestion. There are better ways of mitigating bot attacks on login interfaces. Changing a well known access point will make usage more difficult for the most important audience, your users, while having questionable effect at best against bots.
We will not implement this request.
Replies have been locked on this page!