Question How to block control panel access for subdomain?

afuego · May 10, 2023

We have a client were we only host a subdomain for them, the root domain is hosted somewhere else and the DNS records are managed externally. The client wants to block access to port 8443, they do not want the page for <subdomain>/login_up.php showing up on security assessments.

We already implemented HTST headers and forward the request to <controlpanel_domain>:8443 but client is not happy.

I read its possible to achieve this using a Cloudflare "Business" plan and configure the subdomain to block access to port 8443 for that site.

Is that correct (Cloudflare Business Plan) or there is another way to accomplish this?

helalsiftwell · Dec 19, 2023

I am having the same issue.
This is coming up in our security assessment.

What was the resolution to this problem?

afuego · Dec 19, 2023

Hi @helalsiftwell , I was able to clear the security assessment implementing this fix;

https://support.plesk.com/hc/en-us/...ver-hostname-on-port-8443-in-Plesk-for-Linux-

Hope it works for you.

Question How to block control panel access for subdomain?

afuego

Basic Pleskian

helalsiftwell

New Pleskian

afuego

Basic Pleskian

Similar threads

Question How to block control panel access for subdomain?

afuego

Basic Pleskian

​

helalsiftwell

New Pleskian

afuego

Basic Pleskian

Similar threads