cPanel Server port 53 locked - can DNS be resolved on DNS Only?
Hi,
I just want to see if this is possible:
I want to install cPanel on my personal server at home but my ISP has port 53 locked. Can I connect that server to other DNS Only servers to share the DNS and resolve it there? I just want to make sure I won't need port 53 before starting to migrate things.
I want to make full use of cPanel and not have the trouble of configuring every DNS entry manually.
Thanks in advance
Comments
They didn't block 53 completely, probably just force you to use their DNS servers. Set their resolvers up on the server and you should be set. Should be easily found in your router config.
You absolutely need outbound UDP/53 to work on that server. If for nothing more than reverse lookups performed by web server, SSH, and exim. The last of those three you can't sacrifice without huge loss, in the way of not checking incoming mail for spam.
Outbound 53 is clear, only inbound is locked according to them.
I have pfSense managing my NAT network and even after opening the port I can't connect to it.
Oh inbound. Yeah then you can use a DNS only install elsewhere and make sure that's your nameserver.
I've just remembered that I won't be able to change rDNS... Will that affect email a lot? :x
Yeah you'll want to route mail through another server too.
Won't a GRE Tunnel work? Honestly I'd rather do that since the idea is to keep budget down :b
Thanks in advance btw
I suppose that'd work
I'd consider an ISP forcing me to use only their DNS server to be a deal breaker...you need to either find a new ISP or VPN out.
If they can force you to use their DNS, then they can also
(1) block anything they want (torrents, sites critical of that ISP, etc.)
(2) redirect and impersonate anything
(3) land you on an obnoxious advertising page if something doesn't resolve
...not to mention, it's a fantastic vulnerability if they're ever compromised.
Etc. It's coercive, unwise, and just wrong.
Are you NATted at home (like 99% of users)? If so, how is cPanel going to activate?
Maybe things have changed but last time I admin'd cPanel, it expected its IP to be a publicly routable address.
@raindog308 I'm not forced to use their DNS. I just can't open port 53 from outside to inside so I can't create a DNS server from the inside but I can connect to others. Actually I'm using Google's DNS right now to unlock some website blocks :P
I have NAT routing inside my house but according to their documentation 1:1 NAT is already supported (https://documentation.cpanel.net/display/ALD/1:1+NAT) and if I create a GRE Tunnel I think I can set the final IP as the public cPanel IP.
I really hope you are just playing with cPanel. Hosting a business on a home connection is just wrong, mate.
It's for personal use and friends only, don't worry.