Welcome to the JaguarPC Community
JaguarPC
Sales: (888) 338-5261
Support: (888)-551-3050
Results 1 to 2 of 2

This is a discussion on tips on Secure WHM cPanel Webmail in the VPS & Dedicated forum
I typically require customers to use https for securely accessing mail cpanel whm, etc. this has been simplified w/ the whm tweak option to 'always ...

  1. 04-07-2006, 06:14 AM #1
    nsolent
    nsolent is offline
    JPC Member
    Join Date
    Apr 2006
    Posts
    7

    Lightbulb tips on Secure WHM cPanel Webmail

    I typically require customers to use https for securely accessing mail cpanel whm, etc. this has been simplified w/ the whm tweak option to 'always redirect' to those secure ports thus:

    /whm => 2087 (also always /securewhm)
    /cpanel => 2083 (also always /securecpanel)
    /webmail => 2096 (I hope SSL horde and IE get along better these days)

    just noticed a new tweak option... "When visiting /cpanel or /whm or /webmail with ssl redirect to the servers hostname." this1's nice! This makes it simple for you to buy 1 SSL cert and know that all of your clients hitting theirdomain.com/cpanel will get your issued/signed cert (no more browser complaints)

    Upon ordering a new VPS I was surprised to find these secure pages were not initially running. I saw stunnel (serves these pages) was not running, and failed on cpanel restart, did a tad of digging & it looks like a slight conflict of stunnel already running in virtuozzo host during the cpanel install. this somehow craps up the process, so here's a fix:

    hit your VZPP at https://domain.com:4643
    VZPP-> System Services: xinetd checkbox and stop
    SSH-> restart cpanel: /etc/rc.d/init.d/cpanel restart
    VZPP-> System Services: xinetd checkbox and start

    -njoy
    Reply With Quote Reply With Quote
  2. 04-07-2006, 07:01 AM #2
    nsolent
    nsolent is offline
    JPC Member
    Join Date
    Apr 2006
    Posts
    7
    ummm, ok bad solution on the VZPP xinetd stop/start above
    while i could successfully restart cpanel during & after that process, big problem cause stunnel couldn't start w/ a fresh boot. .. let's find the culprit

    "tail /var/log/messages"
    messages:Apr 7 07:28:36 k stunnel[13502]: Error binding pop3s to 0.0.0.0:995
    messages:Apr 7 07:28:36 k stunnel[13502]: bind: Address already in use (98)

    OHHHHH really? so these logs don't usually lie - lets check though

    "netstat -ap"
    tcp 0 0 *:pop3s *:* LISTEN root

    YUP. ok, since we know it's xinetd i dug around in it's conf: ok, i didn't really dig, the tab key does most of my digging!

    vi /etc/xinetd.d/popa3ds
    look for the line "disable no" and change it to "disable yes"
    /etc/rc.d/init.d/xinetd restart
    /etc/rc.d/init.d/cpanel restart

    *bingo*
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules