How to restrict the use of Administrator accounts by ip address in SolidCP?

SolidCP is a widely-used open-source control panel designed for Windows hosting environments. To bolster security, it’s crucial to limit administrator access by IP address, safeguarding against unauthorized entry from unfamiliar locations. This guide will outline the necessary steps to implement IP-based restrictions on administrator access in SolidCP.

Why Restrict Administrator Access by IP?

Limiting administrator account access according to IP addresses boosts security by:

1. Stopping unwarranted access attempts from unfamiliar locations.
2. Minimizing the likelihood of brute force attacks.
3. Making certain that only authorized devices or networks have the ability to control the system.

Instructions for Limiting Administrator Account Access by IP Address in SolidCP

Step 1: Log into SolidCP

Open your web browser and navigate to the SolidCP login page.
Enter your administrator credentials and sign in.

Step 2: Navigate to Security Settings

Navigate to the Configuration section from the primary SolidCP dashboard.

Locate the System Settings section.

Step 3: Enable IP Restrictions

Look for the Portal IP Address Restriction Settings

Enter the IP addresses

Use this to Restrict administrator access from specific IP addresses, you can use single IP's or subnets (/26 /24 /22, etc..) Put one IP or Subnet per line and comma separate them.

Step 4: Save the settings

Click Save Changes to apply the restriction.

Attempt to log in using an unauthorized IP address to confirm that access is denied.
Try logging in from an authorized IP address to verify that access has been granted.

Step 5: Adjust IIS to Implement Extra Limitations (Optional)

For an added layer of security, configure IIS to restrict access:

1. Open Internet Information Services (IIS) Manager on your server.
2. Select the SolidCP Portal site.
3. Click on IP Address and Domain Restrictions.
4. Click Add Allow Entry and enter the permitted IP addresses.
5. Set the default behavior to Deny all other IPs.
6. Click Apply and restart IIS.

Step 6: Configure Windows Firewall Rules (Optional)

To further restrict access, create a firewall rule on your Windows Server:

1. Open Windows Defender Firewall with Advanced Security.
2. Click on Inbound Rules in the left pane.
3. Click New Rule on the right-hand side.
4. Select Custom and click Next.
5. Choose This program path and select the SolidCP executable (if applicable), or select All programs.
6. Click Next and choose These IP addresses under "Which remote IP addresses does this rule apply to?".
7. Click Add, enter the allowed IP addresses, and click OK.
8. Click Next, select Allow the connection, and click Next.
9. Select when the rule applies (Domain, Private, or Public networks) and click Next.
10. Name the rule (e.g., "SolidCP Admin IP Restriction") and click Finish. It would only allow the mentioned IP to access Solid CP.

Conclusion

Limiting administrator access by IP within SolidCP is an efficient strategy to enhance security and minimize the chances of unauthorized access. By configuring these settings in both SolidCP and IIS, you can bolster protection for your hosting environment against cyber threats. Adhering to these guidelines ensures that only trusted networks have management capabilities over your SolidCP instance, thus aiding in the preservation of a secure and dependable hosting environment.