Overview:
Host Access Control interface allows you to allow, reject, or drop access to specific ports on your server.
In this documentation, we will go over how to use the Host Access Control interface in cPanel to restrict specific WHM/cPanel functions in order to protect your server. In our example, we will be restricting the SSH service to only allow access to specific IP addresses.
Steps
Login to WHM [Your-IP]/whm
Find the Host Access Control interface by searching "Host Access Control" within WHM
Add your first access rule:
The first rule that you will want to add is the accept rule. In order to do this, you will want to add the port, IP address (for multiple IP addresses, separate the IP's with a comma), Protocol=TCP, and select "ACCEPT" from the Action dropdown:
Add your deny rule:
This second rule that you will want to add is the reject rule. In order to do this, you will want to add the port, put "ALL" without the quotes into the IP address field, Protocol=TCP, and select "REJECT" from the Action dropdown.
Conclusion
After both rules are added, you've successfully restricted the specified port to only allow whitelisted IP addresses from accessing the service.
If you ever restrict yourself from your server, you can contact our support team to get assistance in regaining access, or if you have SSH access to your server, you can edit the /etc/hosts.allow file to regain access to your server.