Author Topic: Basic knowledge of Protecting ports  (Read 901 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Basic knowledge of Protecting ports
« on: December 21, 2023, 02:25:17 PM »
Hello,

I would appreciate it if someone could assist me by guiding me in the right direction. I have been utilizing the CWP control panel for approximately six months and I am extremely satisfied with its user-friendly interface and management capabilities.

However, I am currently facing a challenge regarding obtaining SSL certificates to cover login ports, such as 2031 and others. I am having difficulty locating the option or the ability to secure these ports. Could you please advise me on how to resolve this issue? It seems that everything works fine until I try to log into something and realize that the connection is not secure. I apologize if this is simply a mistake on my part during the setup process.

Thank you for your assistance.

Offline
*****
Re: Basic knowledge of Protecting ports
« Reply #1 on: December 21, 2023, 04:36:15 PM »
1st you need to have the rDNS configured to the FQDN of the server.

Then login to the server using the server name (e.g. server.domain.com) https://server.doian.com:2031.
You will get that the site is not secure, and continue.

Under Server Settings -> Change Hostname

It will show:

Your Hostname is: server.domain.com and it resolves to IP: xxx.xxx.xxx.xxx
rDNS/PTR = server.domain.com SUCCESS

Scroll down, and click on the Blue Bar that says, Change Hostname.

Give it a few seconds, depending on your servers speed.
This will create the SSL for the hostname, and secure the login screens.

Close the windows, and reopen, now when you login to https://server.doman.com:2031 it will have a valid SSL.

Offline
*
Re: Basic knowledge of Protecting ports
« Reply #2 on: December 21, 2023, 05:22:03 PM »
Thank you very much for your invaluable assistance. I sincerely apologize for my oversight regarding the rDNS configuration settings. Your support has been exceptionally valuable, and I am truly grateful for your time and expertise. Once again, I extend my heartfelt thanks, and I hope you have a delightful Christmas.

Offline
*****
Re: Basic knowledge of Protecting ports
« Reply #3 on: December 21, 2023, 06:21:21 PM »
Also consider moving the administration ports from the default 2087 and 2031, as those are commonly scanned and brute force attacks made against them. https://azdigi.com/blog/en/webserver-panel-en/centos-web-panel-en/how-to-change-the-port-on-centos-web-panel-cwp/