cPanel and whm both not opening on google cloud vm instance

0
votes

I'm facing issue with firewall configuration on centos-7 vm instance on gcp.cPanel(2082,2083) and WHM(2086,2087) ports are open but still firefox in not launching the WHM. see the comand below. [root@centos-7-1 ~]# netstat -ntlup | grep cp tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) - tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 5361/exim tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 3455/perl tcp 0 0 0.0.0.0:2095 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) - tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd tcp 0 0 0.0.0.0:2096 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) - tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 5361/exim tcp 0 0 10.160.0.2:53 0.0.0.0:* LISTEN 3523/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 3523/named tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3614/sshd tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 5361/exim tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 3523/named tcp 0 0 0.0.0.0:2077 0.0.0.0:* LISTEN 5567/cpdavd - accep tcp 0 0 0.0.0.0:2078 0.0.0.0:* LISTEN 5567/cpdavd - accep tcp 0 0 0.0.0.0:2079 0.0.0.0:* LISTEN 5567/cpdavd - accep tcp 0 0 0.0.0.0:2080 0.0.0.0:* LISTEN 5567/cpdavd - accep tcp 0 0 0.0.0.0:2082 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) - tcp 0 0 127.0.0.1:579 0.0.0.0:* LISTEN 3634/cPhulkd - proc tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) - tcp 0 0 0.0.0.0:2086 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) - cpanel Tech team has reply on the above saying.

Hello,

Thank you for your reply back!

Attempting to connect to the server over port 2087 from the outside it seems that there is some sort of firewall rule in place that is filtering out the requests to that port:

====== [root@test ~]# nmap 35.200.142.242 -p 2087

Starting Nmap 6.40 ( http://nmap.org ) at 2019-01-23 04:37 CST Nmap scan report for 242.142.200.35.bc.googleusercontent.com (35.200.142.242) Host is up (0.26s latency). PORT STATE SERVICE 2087/tcp filtered eli

Nmap done: 1 IP address (1 host up) scanned in 9.54 seconds

However, I was able to confirm that the port 2087 is open for outgoing at this moment in time:

====== [10:41:08 centos-7-1 root@11256229 ~]cPs# telnet portquiz.net 2087 Trying 5.196.70.86... Connected to portquiz.net.

Escape character is '^]'.

I would recommend to review over the port configuration again or reach out to a system administrator that may be able to assist further with the firewall setup and configuration through Google Cloud.

Please keep in mind this problem does not appear to be related to or caused by cPanel or by the basic configuration of the cPanel-bundled software. We're happy to help as much as possible but our technical analysts aren't replacements for a qualified systems administrator. We've provided the data and information that will help you carry on to the next step.

I certainly understand that not everyone has a Systems Administrator.

For a list of System Administration Services, feel free to reference our public services list available here: http://go.cpanel.net/sysadmin

Please note, however, that cPanel cannot be held liable for any services performed by third-party providers.

1
google-cloud-platformhostingcpanel

1 Answers

0
votes

First check that you have created the required firewall rules in Google Cloud Platform, refer to this documentation on how do it, also verify the firewall rules inside your instance using:

iptables -L firewall-cmd --get-active-zones firewall-cmd --info-zone= {activezone}

I also ran an nmap -Pn 35.200.142.242 and got the following output:

enter image description here

So the port 2087 isn't open, I couldn't telnet either.
enter image description here

Finally when trying to debug network issues I suggest you to use one of these tools: iftop, iptraf-ng and tcpdump.

Edit: If you have SELinux in enforcing mode, be sure that the cPanel files are in the correct context.