How to Block port no 80 on cPanel/WHM

[bhanu2217]

Many shared hosting have the feature of blocking Port no 80 and other ports on a cPanel account when malicious files are detected on that cPanel account.

Can you let me know how can i implement this feature in WHM Panel. Which plugin/software do i need to install on WHM panel for this feature to work

 

[bhanu2217]

Looking at this feature

Screenshot links:

• https://ibb.co/c7yVQV
• https://ibb.co/eGqzKq

 

[phpAddict]

That appears to be some version of a cPanel antivirus plugin that when detecting a virus disables the account to some degree. I'm also interested to know what plugin that might be as I'm not aware of ClamAV doing that.

 

[wphackedhelp]

You can unblock your port number 80 by following the below steps
Step 1: Login into the WHM panel of your Linux hosting
Step 2: Search and click on the option ConfigServer Security & Firewall.

Step 3:.In ConfigServer Security & Firewall>>Click on the Firewall Configuration button>> IPv4 Port Settings section

Step 4:In IPv4 Port settings edit the fields Allow incoming TCP ports and Allow outgoing TCP ports.

Step 5: save the changes made and restart the server by clicking on Restart csf+lfd.

If you have SSH access you can unblock using SSH by following the below steps:
Step 1: Login to the SSH of your server
Step 2: Open the configuration file of the CSF “vi /etc/csf/csf.conf”
Step 3: Add the ports to the csf.conf file, either under Allow incoming ports (Allow incoming TCP ports TCP_IN) or Allow outgoing ports(Allow outgoing TCP ports TCP_OUT):
Step 4: Restart the CSF using the below command
csf -r

 

[phpAddict]

Hi @wphackedhelp ,

He was looking to block port 80, not allow port 80. It seems he's also looking for an automated solution when malicious files are detected that will display a message only on the users website. If you were to use ConfigServer and remove port 80, to instead block the port, it would cause a "Site can't be reached" for the entire server. That would cause no sites on the entire server to be reachable, instead of just the one user. If you were to do that you may also want to block 443, and many of the other ports, and also do them under IPv6, if you have one.