Hi, a few days back I successfully installed CyberPanel on my Hetzner VPS. I am using Cloudflare so I cannot access https://mydomain:8090 as Cloudflare blocks port 8090. So,
Is it safe to change the CyberPanel port to 8443?
I have a Firewall rule setup to block all incoming traffic at port 8090 except my IP to protect my CyberPanel. Is it possible to do the same if I access my CyberPanel at port 8443 (with a domain name)?
That’s a very good decision, actually if you want a pro tip from someone that’s very confident but just wouldn’t bother, I just shutdown cyberpanel when I don’t need it, because that’s the ultimate security. I never have to worry who’s trying to brute force my panel or why /usr/local/lscp/logs/error.log is getting written each minutes with pure nonsense. Actually I have a php file that all it does is ask for a password and then start cyberpanel and shut it down 30 minutes later, I guess you could do the same but it just open port 8090 when you need it. No modification to the original control panel. Like what’s the point of running a control panel 24/7?
Doesn’t impact certificate renewal or even backups, since those are cron jobs. You can use start to start it when needed.
It’s important to remember that while we do have the source code of cyberpanel the django app, and that openlitespeed is a very nice, fast and modern webserver, cyberpanel itself is served from a binary file ( I’m guessing a version of litespeed ) that you’ll find in the root of the git repo ( cyberpanel/lscpd-0.3.1 at 4ce83cb4b0fe59a375f7ed13475c49e572dc457e · usmannasir/cyberpanel · GitHub ) I don’t know that thing, I can’t config it, I can’t understand it’s weird log ( and why oh why it keep logging all the time ) and it did have vulnerability issues. If you want real security, just changing port ain’t gonna cut it, but shutting it down certainly will. Btw I think the cyberpanel watchdog restart it? I didn’t install that so no idea.