How to prevent accessing accounts with server IP address(or hostname) and the account username in a cPanel server : ip/~username

It’s very important resource usage measure if you are an owner of a shared hosting. Because, in a cPanel server every user can access their on account(Domains) by using the server IP address or hostname if the “Apache mod_userdir” is not enabled on the server. It is serious issue. By allowing IP/~username access method every cPanel users can access their own websites with server IP address or host name. Also, anybody can access their domain by using an another account in that shared server. The disadvantage of this feature is that any bandwidth usage used by this site will be put on the domain it is accessed under or the main server.

For example, consider one shared server with host name “test.test.com” and the IP address is xx.xx.xx.xx. If the Apache mod_userdir is not enabled in that server all users in that shared server can access their domain by using the server main IP address or hostname or even any other domain in that shared server. That means, a BandWidth misuse will be there if the “Apache mod_userdir” is not enabled on the server.

http://ip/~username
http://hostname/~username
http://otherdomain.com/~username

From the above example;

http://xx.xx.xx.xx/~username

How to stop and save BW ?
In your server’s WHM, there is an option to stop this type of account accessing. Please do follow the steps pasted below:

Step I : Login to WHM control panel
Step II : Go to:

Home >> Security Center >> Apache mod_userdir Tweak

Step III : Select the “Enable mod_userdir Protection” option
Step IV : Save
Enable mod_userdir Protection

 

That’s it.

Then try to access the website using username, you will get the following error 🙂

404 Not Found
The server can not find the requested page:

Related:
How to reset SSH port from WHM
How to set the maximum number of mails per hour – WHM/cPanel server
How to enable BoxTrapper function for cPanel accounts – WHM/cPanel
How to replace MySQL with MariaDB on a cPanel server

Post navigation

Arunlal A

Senior System Developer at Zeta. Linux lover. Traveller. Let's connect! Whether you're a seasoned DevOps pro or just starting your journey, I'm always eager to engage with like-minded individuals. Follow my blog for regular updates, connect on social media, and let's embark on this DevOps adventure together! Happy coding and deploying!

Leave a Reply

Your email address will not be published. Required fields are marked *