What services are Allowed and Blocked from accessing cPanel

 

Overview

To keep our infrastructure robust and to avoid any potential security or data breach we have set some access limitations to the cPanel server environment for both incoming and outgoing.

 

Services that are Allowed

Inbound services Allowed

  • FTP

  • SMTP / SMTPS

  • HTTP / HTTPS

  • IMAP / IMAPS

  • POP3 / POP3S

  • WebDAV

  • CalDAV / CardDAV

  • cPanel access

  • WHM Access

  • Webmail

Outbound services Allowed

  • FTP

  • SMTP/SMTPS

  • MySQL

 

Services that are Blocked:

Inbound services Blocked

  • MySQL

  • Telnet

  • NTP

  • Kerberos

  • SSH / SFTP

 

Outbound services Blocked

  • POP3 / IMAP both standard and secure socket.

  • Telnet

  • NTP

  • Kerberos

cPanel Email restrictions

  • SMTP Email Ratelimit / Account / Hour   100
  • SMTP Email Ratelimit / Account / DAY     500
  • SMTP EMail Ratelimit / DOMAIN / Day    2500
  • POP3 Logins / Hour                                  80

Firewall limits

  • POP3 Logins / Hour                                   80
  • IMAP Logins / Hour                                   Unlimited
  • Failed login limit *                                     15
  • Connection tracking Limit **                     10
  • Connection Tracking Ports **                     Port 25 (SMTP)

'*' When the number of failed login limit is reached, the source IP address will be blocked.

**’ When the connection limit is reached, the source IP is blocked for one hour.

 

General Restrictions

  • xmlrpc.php is blocked at the web server level
    This mitigates a lot of incoming abuse against Wordpress installations.

Was this article helpful?
0 out of 0 found this helpful