Sell Ads, Make money. Buy Ads, Get Traffic with BannerBoxes
Targeted Traffic/Starting at $1.99!

WHM APF Plugin

June 5, 2008 - 11:48 pm | Nessa

I’m happy to announce my first ever perl-written plugin for WebHost Manager, which was developed by myself and one of my fellow sysadmins at InMotion Hosting. The first release is available here:

Download v.1.05

Download Now

To explain a little bit of background here, many hosting companies that give some sort of **** about security will leave SSH port 22 closed except for specified IPs. Us being one of them, requests from customers for us to add their IPs to their firewalls is rather redundant when we host over 900 V-dedicated systems and 100 Dedicated boxes where customers can opt for SSH access. Therefore, I decided that it would be well worth our efforts to create a WHM plugin to allow customers to add their own IPs without ever having to contact us. I am aware that some plugin developer already has a more sophisticated APF plugin for WHM but you have to pay for it.

Requirements:

- cPanel/WHM (tested on version 11.18)

- APF 0.9 (tested on 0.9.6)

- iptables enabled and working (if you are able to restart APF without any errors, it’s probably fine)

Note: default privileges will allow anyone with WHM/reseller access to use this plugin. You can manually change this in the addon_add2apf.cgi file if you want.

Installation:

cd /usr/local/cpanel/whostmgr/docroot/cgi
wget http://v-nessa.net/wp-content/scripts/apfadd_whm_1.05.tar.gz
tar -xvzf apfadd_whm_1.05.tar.gz
rm -f apfadd_whm_1.05.tar.gz

Simple enough?

From there, load up WHM and on the left side you’ll see an option to “Add IP to Firewall” and the plugin page will give you examples of what you can add. The script is set up to allow:

Hostname - v-nessa.net
Single IP - 205.134.252.71
IP CIDR - 205.134.252.71/24
Port/IP - d=22:s=205.134.252.71
Port/CIDR - d=22:s=205.134.252.71/24

Of course, the error checking is not perfect, so just be aware of what you’re adding or you might unintentionally ‘break’ your firewall, which usually results in blocked traffic.

Eventually I’m sure I’ll end up adding the ability to manage ports and remove IPs for users with a certain access level, but currently I don’t see a need to do so because I don’t believe that non-root users should have that type of access. Note that per the readme, you can edit the addon file to limit access to users with a certain reseller ACL privilege.

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • bodytext
  • del.icio.us
  • Technorati
  • Facebook
  • Google
  • StumbleUpon
  • Sphinn
  • Mixx
  • blogmarks
  • Furl
  • Reddit
  • Slashdot
Tagged in , , ,
Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

7 Comments | Add your own

  • . M7MoD | June 6, 2008 at 5:43 pm | Permalink

    that is great work nessa ;)

  • . shelby | June 10, 2008 at 2:14 pm | Permalink

    Only 100 dedicated and 900 V-Ded? … should you be posting numbers like that? Also are those correct numbers?

  • . Nessa | June 10, 2008 at 11:26 pm | Permalink

    it’s not a secret — we openly tell people that. I don’t think 100 dedicated servers is bad considering we just started offering them a few months ago…

  • . David | July 9, 2008 at 8:27 pm | Permalink

    Very cool plugin!, everytime I visit your site I find something interesting :)

    Keep it up!

    - your customer :)

  • . andy | August 18, 2008 at 10:28 am | Permalink

    Apologies for not trying your plugin, but the CSF plugin for WHM is excellent and does lots of error checking. It also reviews your logs and blocks multiple failed login attempts.

    http://www.configserver.com/cp/csf.html

  • . Nessa | August 18, 2008 at 12:47 pm | Permalink

    Indeed, but that is for CSF, not APF.

One Trackback/Pingback

Post a Comment

Your email is never published nor shared. Required fields are marked *
*
*