Can someone advice how modrewrite can be used to protect cpanel?
At the moment with cpanel, anyone on the web can type
www.domain.com/cpanel
www.domain.com/whm
www.domain.com/webmail
This makes it easier for hackers and snoopers to try and access the backend of the site.
Is there a way to protect a site's cpanel both when cpanel is used on a dedicated as well as shared hosting account, in .htaccess file so that
- access to cpanel URL is restricted by IP or something similar, or specifying a custom login area.
When cpanel is configured, www.domain.cpanel is moreless a redirect to www.domain.com:2082 (or 2083 but how can this be set so that in any environment including shared accounts, someone without the right IP address cannot see anything when such is typed in?
Note that unlike preventing access to folders, for shared account users, they cannot prevent access to cpanel in the same way, because it is not a folder but a port and cpanel simply redirects one to that port.
Or if a direct management of the ".com/cpanel" redirect cannot be made especially in a shared hosting environment as it is a shared IP being used, then a way to prevent access to that redirect URL.
Normally in a shared environment, the requst comes to the server via IP and it resolves to the domain's account, e.g. 123.456.789.01~accountname
So, when someone requests cpanel or the port 2082, the person is simply being taken to 123.456.789.01~:2082 or something of the sort by a redirect that seems to pick up 123.456.789.01~/cpanel
There should be a way to prevent any redirect from a given domain
This will help make more sites a bit more secure from snoopers