cPanel VPN server
Open Discussion
Created on the behalf of a customer: Regarding the vpn, what I was asking for was a cPanel installation that would set up the software to use cPanel VPNs on a server. I think this would be beneficial both to the end user and cPanel. Say for example I want to set up a server for cPanel VPS instances. I could use a cPanel installer to install all the necessary software to do this.
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
It would be very nice to be able to sell VPN accounts and allow our users to access resources located in the country of our server. This is in very high demand now a days.
It would be very nice to be able to sell VPN accounts and allow our users to access resources located in the country of our server. This is in very high demand now a days.
Yes, I concur with Jamie Z. It would be great if we can provide our customers with VPN Server as well.
Thank you.
Yes, I concur with Jamie Z. It would be great if we can provide our customers with VPN Server as well.
Thank you.
This is yet another area that Cpanel should "support" as a configuration, but not necessarily as an application. A how-to, quasi-support mode would be a lot better than a binary: yes/no.
This is yet another area that Cpanel should "support" as a configuration, but not necessarily as an application. A how-to, quasi-support mode would be a lot better than a binary: yes/no.
I think this would be a nice add-on like DNSonly or Mailonly, I agree customers want VPN but this would be better than running it on the same servers as the websites that require high-performance.
I think this would be a nice add-on like DNSonly or Mailonly, I agree customers want VPN but this would be better than running it on the same servers as the websites that require high-performance.
Maybe using Linux Containers and RHEL/Centos 7. Possibly work with the Centos team, and offer an official disk image for RHEV's openstack implementation.
Maybe using Linux Containers and RHEL/Centos 7. Possibly work with the Centos team, and offer an official disk image for RHEV's openstack implementation.
I would love to use VPN on same server used for my websites.
I would love to use VPN on same server used for my websites.
Googled it and got an answer: https://georgetasioulis.com/how-to-install-and-configure-pptp-vpn-on-a-cpanel-server/
Googled it and got an answer: https://georgetasioulis.com/how-to-install-and-configure-pptp-vpn-on-a-cpanel-server/
This should only be added as a security option. For example to access cPanel or WHM via a secure connection on a private IP. It should use L2TP over IPSec so that every modern device could connect and allow management without having to install a 3rd party client.
Attempting to route everyday internet traffic through a server designed to serve as a web server is not smart. You are taking away resources that should be used for Apache, MySQL, etc.
This should only be added as a security option. For example to access cPanel or WHM via a secure connection on a private IP. It should use L2TP over IPSec so that every modern device could connect and allow management without having to install a 3rd party client.
Attempting to route everyday internet traffic through a server designed to serve as a web server is not smart. You are taking away resources that should be used for Apache, MySQL, etc.
Do we have any update on this? I don't really want to sell VPN services, but it would be good idea, especially for setting up a secure network for globally dispersed servers - for backups, shared SQL, etc.
But I can also see how it could be beneficial to clients: A client connects to the server's VPN and can then use MySQL Management Studio from his PC to securily manage his databases.
Do we have any update on this? I don't really want to sell VPN services, but it would be good idea, especially for setting up a secure network for globally dispersed servers - for backups, shared SQL, etc.
But I can also see how it could be beneficial to clients: A client connects to the server's VPN and can then use MySQL Management Studio from his PC to securily manage his databases.
Useless: cPanel is for Hosting Website/databases/email management !
If you use same server for VPN and sending email, the IP reputation of emails will be very bad ....
Useless: cPanel is for Hosting Website/databases/email management !
If you use same server for VPN and sending email, the IP reputation of emails will be very bad ....
I agree with PH-Quentin. I had "Voted up" this question a few years ago.
Now that I have experience, I changed my vote to "No!".
cPanel's team should direct their efforts to implement/solve things related to web hosting.
If you want to provide VPN Services, go ahead, but let cPanel out of this.
Also, if you want an additional layer of security, use firewall to block cPanel's and WHM's ports outside your network, and then reserve another machine to act as VPN server, to allow your entrance in your private network.
This is something I would NOT like to see in a future build of cPanel.
I agree with PH-Quentin. I had "Voted up" this question a few years ago.
Now that I have experience, I changed my vote to "No!".
cPanel's team should direct their efforts to implement/solve things related to web hosting.
If you want to provide VPN Services, go ahead, but let cPanel out of this.
Also, if you want an additional layer of security, use firewall to block cPanel's and WHM's ports outside your network, and then reserve another machine to act as VPN server, to allow your entrance in your private network.
This is something I would NOT like to see in a future build of cPanel.
Please people, VPN on webhosting server? You will make your server VERY slow and there is no added value at all. Create a seperate VPN to handle this kind of service.
Please people, VPN on webhosting server? You will make your server VERY slow and there is no added value at all. Create a seperate VPN to handle this kind of service.
While I understand that some people might have a need for setting up a VPN on their server, I don't think cPanel should be involved since there are much more widely needed updates/additions for cPanel.
To the relatively small number of people who need a VPN solution, there are ways to install services like OpenVPN on you server via SSH if you so desire; which is relatively straight forward if you know what you are doing. If you struggle setting that up, then running a VPN on your own is probably not wise.
While I understand that some people might have a need for setting up a VPN on their server, I don't think cPanel should be involved since there are much more widely needed updates/additions for cPanel.
To the relatively small number of people who need a VPN solution, there are ways to install services like OpenVPN on you server via SSH if you so desire; which is relatively straight forward if you know what you are doing. If you struggle setting that up, then running a VPN on your own is probably not wise.
Hey folks! I appreciate the opinions being shared, but I don't want to go too far down into a discussion of whether or not we should. It seems like opinions in both ways have been shared. Right now, Id' say we're set on those two. If you have any further information to share about our potential implementation of this request, feel free to share it. If you think we shouldn't work on it, feel free to downvote it.
Hey folks! I appreciate the opinions being shared, but I don't want to go too far down into a discussion of whether or not we should. It seems like opinions in both ways have been shared. Right now, Id' say we're set on those two. If you have any further information to share about our potential implementation of this request, feel free to share it. If you think we shouldn't work on it, feel free to downvote it.
Ok. I think this depends on how the server is provisioned in the sense of what its being designed to service.
For plenty of reasons (primarily legal compliance), a cPanel account may want their site(s) tunneled into their corporate network and not accessible from a public URL. This is especially true for 'Intranet'-style sites. Since, traditionally, static IPs are setup at the account level, configuring an account to serve over a VPN-IP would need to be done at the admin level. BUT, this is where the server is acting as a VPN client. Not unreasonable, but I think the OP was after something different.
If you want your cPanel server to be a VPN server as well ... I could see application in the reverse of the above paragraph where the company doesn't want a Intranet site publicly accessible and therefore a VPN tunnel to access the site makes sense. OK, but with HTTPS this need has 90% gone away? Assume you go ahead ... then you're tunneling all of those users' traffic if not configured correctly.
As someone whose been burned by RBLs I don't want unfiltered end-user traffic running through my server and making that matter worse. So, obviously turning on a 'VPN Server' on my server is on my list of 'never going to happen'. It seems to me that people wanting to sell tunneling services should use dedicated infrastructure for that ... however, since accounts have a 'user account' structure and some small businesses may effectively have that as their directory, I see the benefits of this option.
But I tend to agree with Ryan on 'priorities and work-around' front.
Ok. I think this depends on how the server is provisioned in the sense of what its being designed to service.
For plenty of reasons (primarily legal compliance), a cPanel account may want their site(s) tunneled into their corporate network and not accessible from a public URL. This is especially true for 'Intranet'-style sites. Since, traditionally, static IPs are setup at the account level, configuring an account to serve over a VPN-IP would need to be done at the admin level. BUT, this is where the server is acting as a VPN client. Not unreasonable, but I think the OP was after something different.
If you want your cPanel server to be a VPN server as well ... I could see application in the reverse of the above paragraph where the company doesn't want a Intranet site publicly accessible and therefore a VPN tunnel to access the site makes sense. OK, but with HTTPS this need has 90% gone away? Assume you go ahead ... then you're tunneling all of those users' traffic if not configured correctly.
As someone whose been burned by RBLs I don't want unfiltered end-user traffic running through my server and making that matter worse. So, obviously turning on a 'VPN Server' on my server is on my list of 'never going to happen'. It seems to me that people wanting to sell tunneling services should use dedicated infrastructure for that ... however, since accounts have a 'user account' structure and some small businesses may effectively have that as their directory, I see the benefits of this option.
But I tend to agree with Ryan on 'priorities and work-around' front.
I would like to see the ability for cPanel servers to act as a VPN server which will be very useful for remote backups, as well as website development / MySQL access, etc.
Put it this way, if cPanel can act as a VPN server, a client behind a public IP address can securely connect to his cPanel account in order to manage his MySQL databases and develop his website without having to login to cPanel and use the File Manager every time he wants to upload files to the server.
From a backup point of view, for people who use 3rd party servers to store their backups, this would add an extra layer of security as well.
I would like to see the ability for cPanel servers to act as a VPN server which will be very useful for remote backups, as well as website development / MySQL access, etc.
Put it this way, if cPanel can act as a VPN server, a client behind a public IP address can securely connect to his cPanel account in order to manage his MySQL databases and develop his website without having to login to cPanel and use the File Manager every time he wants to upload files to the server.
From a backup point of view, for people who use 3rd party servers to store their backups, this would add an extra layer of security as well.
Whilst there are some good ideas I do thing there are far more important things for Cpanel to focus on.
For web development you can easily connect via openvpn or a very cost effective service (many around now) using secure ftp directly into the account without using Filemanager.
The comment above re backups etc could be useful but again if backups are using rsync over SSH that's secure anyway.
I think the OP is asking for a stand alone VPN installer which works with Cpanel, or Cpanels ability to integrate with a VPN, maybe openvpn or something. However, as I say, my opinion is that time should be spent on making Cpanel better and better, especially integration between servers, configs etc with things like this being additional extras on the sidelines.
Whilst there are some good ideas I do thing there are far more important things for Cpanel to focus on.
For web development you can easily connect via openvpn or a very cost effective service (many around now) using secure ftp directly into the account without using Filemanager.
The comment above re backups etc could be useful but again if backups are using rsync over SSH that's secure anyway.
I think the OP is asking for a stand alone VPN installer which works with Cpanel, or Cpanels ability to integrate with a VPN, maybe openvpn or something. However, as I say, my opinion is that time should be spent on making Cpanel better and better, especially integration between servers, configs etc with things like this being additional extras on the sidelines.
As a server admin setting up VPNs on the same server as the cpanel installs would be beneficial, not for reselling (although extra income is always an interesting idea so maybe for reselling down the line) but in terms of privately connecting to servers for administration purposes or clients to do the same would be great.
Various reasons of course, like public networks such as coffee shops etc, work place networks which allow guests or have high turnovers, clients who are completely unaware of online security and are walking targets.
Personally for me this would be useful in my particular use case, I work in an office that has a load balancer across 2 IPs, while the internals of the network are secure all workers and guests (office provides meetings rooms and hot desks) are forwarded out the same 2 modems depending on load. Whitelisting the office IPs are not beneficial because the IPs are not static and it would also leave the server open to attack from people onsite whereas a VPN connection would negate most of the risk by adding the extra layer of security and allowing only access to the intended users.
Also in terms of smaller organisations and free lancers etc, renting / buying another server and using that for external VPN is not always cost effective. Some people can only afford the 1 server or VPS
As a server admin setting up VPNs on the same server as the cpanel installs would be beneficial, not for reselling (although extra income is always an interesting idea so maybe for reselling down the line) but in terms of privately connecting to servers for administration purposes or clients to do the same would be great.
Various reasons of course, like public networks such as coffee shops etc, work place networks which allow guests or have high turnovers, clients who are completely unaware of online security and are walking targets.
Personally for me this would be useful in my particular use case, I work in an office that has a load balancer across 2 IPs, while the internals of the network are secure all workers and guests (office provides meetings rooms and hot desks) are forwarded out the same 2 modems depending on load. Whitelisting the office IPs are not beneficial because the IPs are not static and it would also leave the server open to attack from people onsite whereas a VPN connection would negate most of the risk by adding the extra layer of security and allowing only access to the intended users.
Also in terms of smaller organisations and free lancers etc, renting / buying another server and using that for external VPN is not always cost effective. Some people can only afford the 1 server or VPS
Replies have been locked on this page!