Child pages
  • How to Authenticate your Server for cPanel Technical Support
Skip to end of metadata
Go to start of metadata

Overview

This document explains how to authenticate your server for technical support. You must authenticate your server in order to allow our Technical Analysts to securely access it.

 

Important:

You must open a support ticket to use the steps provided in this article.

How to authenticate your server


 

Log in to the cPanel Customer Portal.

In your preferred browser, navigate to the cPanel Customer Portal and log in to your account.

 


 

Find your support request.

To find your open support request, perform the following steps:

 

 

 1. Click Show Open/Closed Requests...

 You can find this link in the Tasks menu, on the cPanel Customer Portal dashboard.

 

 2. In the ID column of the Open Requests table, click the seven-digit number that corresponds to the ticket that you need to update...

A new window will appear.

 

 3. Click Update Server Information...

A new window will appear.


 


 

 

Receive authentication information.

Enter your server information in the appropriate text boxes.

Important:

To provide cPanel Support with an account's non-root login details, enter the account's username and password in the Server Notes text box. Do not provide non-root login details via support ticket responses.

Note:

To allow cPanel Support to access your server, do not select the I DO NOT wish to provide cPanel access to my server checkbox.

You will receive a unique public SSH key for each server for which you submit information. You will also receive a list of cPanel Support-sanctioned IP addresses:

These addresses appear on the ticket request confirmation page and in an email that you receive when you open a ticket.

After you enter the information for your server, click Update Servers.

 

 Authentication information for additional servers

You may submit authentication information for multiple servers. You may find this useful if you wish to migrate multiple servers to cPanel & WHM, or require support for several servers at the same time.

Click + to open an additional form, and then enter your server information for each additional server.

Important:

For cPanel users and FTP support, enter the access credentials for each account in the Server Notes text box.

Click + to open an additional form

 

The Server Notes text box

 


 

 

How to rename a server tab

To rename a server tab, select the server tab that you wish to rename. In the Server Name text box, enter the tab name that you wish to use. Click Update Servers to save your changes.

Important:

To rename multiple server tabs, you must update each server tab individually.

 


 

Grant access to cPanel Support in WHM

Use WHM's Grant cPanel Support Access interface (Home >> Support >> Grant cPanel Support Access) to grant access to your server to cPanel Support.

 

 

 

Note:

For cPanel & WHM versions 11.44 and earlier, follow the steps below.

 

 

 1. Import the public SSH key...

To import an existing SSH key, perform the following steps:

  1. Click Import Key.
  2. To use a custom key name, enter the key name in the Choose a name for this key (defaults to id_dsa) text box.

    Important:

    If you use a custom key name, you must manually specify the SSH key when you log in to the server. 

    To manually specify the SSH key, run the following command, where user is the username and example is the server name or IP address:

    ssh user@example -i /root/.ssh/key_name 
  3. To import a PPK (PuTTY Key Generator) file, enter the password in the Private key passphrase (Needed for PPK import only) text box.
  4. Paste the public and private keys into the appropriate text boxes.

    Important:

    Private keys should always remain on the server that generated them. Do not enter the private key when you import another server's key to allow SSH connections between the two servers, or to use SSH for account transfers. 

  5. Click Import.
 

For more information, read the Manage root's SSH Keys documentation.


 

 

 

 2. Add the cPanel Support IP addresses to your list of trusted IP addresses (whitelist)...

To add IP addresses to cPHulk's whitelist, perform the following steps:

  1. Enter one or more IP addresses, one per line, in the New Whitelist Records text box.

    Note:

    Enter IP addresses individually (IPv4 or IPv6) or in CIDR format.

  2. Enter any desired comments in the Comment text box. This comment will display for each of the IP addresses that you entered.
  3. Click Add.

Note:

If you use a third-party firewall, such as CSF, add the firewall's IP address to the whitelist.

For more information, read the Whitelist Management section of WHM's cPHulk Brute Force Protection interface (Home >> Security Center >> cPHulk Brute Force Protection).


 

 

 3. Allow cPanel Support IP addresses in Host Access Control...

To allow an IP address to access a service, perform the following steps:

  1. Enter the service name in the daemon text box.
  2. Enter the IP address or hostname in Access List text box. 
    • You may enter wildcards in this text box.
    • You cannot enter a range of IP addresses with CIDR notation.
    • To specify a network range, add a network mask to the IP address.
      • For example, 192.168.0.0/255.255.255.0, where 255.255.255.0 is the desired network mask you want to use.
  3. Enter the desired action in the Action text box.
    • Enter allow to allow access.
    • Enter deny to deny access.
  4. Describe the rule in the Comment text box.
  5. Click Save Host Access List, or click  Reload  to delete any changes.

Note:

You can also enter ALL EXCEPT IP address in the Access List text box. When you enter allow as your action, the system will allow all of the addresses except for the one that you entered in the Access List text box. For more information, read the Notes and Additional documentation sections below.

 

Warnings:

  • You must add the cPanel Support IP addresses above any DENY rules in the /etc/hosts.allow file.
  • You must also allow access to the cPanel Support IP addresses, either in WHM's Host Access Control interface (Home >> Security Center >> Host Access Control) or manually in the /etc/hosts.allow file.

 

 

 


 

 

After you perform these actions on your server, our Technical Analysts can connect to your server. If our Technical Analysts request that you do so, update your ticket to inform them that you authorized your server.

 

Additional documentation