cPanel is not designed to run behind a NAT, therefore if you decide to go that way you won’t get any help from cPanel support techs, it is not officialy supported. Many people have done it. I personaly do it manualy by changing the IP configuration and DNS Zones, but for those with less Linux/DNS knowledge, here is a great script that helps you run cPanel & WHM behind a NAT (router with internal IP for example 192.168.0.x)
create the script by pasting source from bellow or downloading from link above
as root go to /var/cpanel/scripts and type vi wwwact_nat.sh (paste the script), then :wq! to save it.
then type chmod 0755 wwwact_nat.sh
and then run with sh wwwact_nat.sh
How to use
Script is very self-explanatory, Run the initial configuration first, then create a domain etc. If any problems, feel free to comment 🙂
Script Source Code
This KB was written to provide some insight into a problem many people face when running their own sites/servers: running cPanel behind NAT.
We’ve been over at the cPanel forums and have read the many posts about how “cPanel does not support NAT configurations in any way.” This may be true. But what they’re saying is that cPanel, the company, does not support NAT – meaning they do not provide technical support/assistance with your NAT setup. Some posts go as far as saying a NAT’d cPanel server won’t work. Well… it does. Here’s what we did to get it working (CentOS 6, 64-Bit):
What’s really odd about this whole thing? The solution came from cPanel and was published in the Forums.
Download the cPanel script from gitHub
This script is designed to help you run cPanel/WHM behind a NAT/ROUTER Based network 192.168.x.xxx take Extra Caution when using this script. You may also want to view the readme.md file under gitHub.
Install the Script
Login to your cPanel server via SSH
cd to /scripts
create the file wwwacct_nat.sh
edit the file and copy the contents of the script you downloaded
OR you can also FTP the script to this location.
Set permissions of the script
Do not forget to set the permissions on the script so it can execute.
root@perseus [/scripts]# chmod 755 wwwacct_nat.sh
When you first run the script, it will attempt to ascertain the external and internal IP’s. You will need to confirm the IP’s are correct. If they are not, you need to set your Shared IP in the Basic Setup of cPanel and re-run the script.
First Time Setup
Now you will need to run the First Time Setup under Option 1). This will make adjustments to your Zone Files as needed.
Adding a New Account
Since you are running behind NAT, you will not be able to use the WHM Admin UI to add or remove accounts. This should now all be done via the new script.
Using Option 3) we will add a new account.
What is the domain name you would like to setup?
What username would you like to setup?
What password would you like to setup?
Preparing DNS Zones For WAN IP
Backups Exist Copying To Main Folder For Setup
Setting Up Zone Templates With 18.104.22.168
This ok? y
Dns Zone check is enabled.
Bind reloading on perseus using rndc zone: [spicecentral.net]
Check your new Zone File
Login to your WHM UI and go to DNS Functions -> Edit DNS Zone
Select the newly created domain and click EDIT.
Now verify the Public IP address is present in the Zone File and not the NAT’d IP.
Change any IP addresses that may not be correct in the Zone File. If there are corrections to make, then you will need to manually adjust your Zone File Template for the standardvirtualftp Zone Template.
Deleting an Account
Remember, you shouldn’t delete an account through your WHM UI if you are using this script.
We will use Option 4) to delete the account we just created.
you will be promoted for the user you wish to delete from the system. You must type in the user name you want to delete.
forsythp insspec jimks kitcom kitllc kitpro secc spice triplej
There may be some final tweaking, but these steps got our server up and running behind a NAT Firewall running DNS, Email, HTTP, SSH, FTP, WHM, cPanel. We wouldn’t recommend this configuration for a server you plan on using as an auto-provisioned hosting server for clients. Perhaps with a little more tweaking of scripts, etc. you can get it perfected.