How to secure access to the resellers control panel and Openprovider API?
Basics of securing your account
Protecting the reseller account is important. With access to this account the reseller can change all settings on the domain name and have full access to the DNS. Making sure that only the right people can access it and make changes is vital.
Naturally Openprovider recommend choosing a strong password. Don't focus too much on special characters and such, the most important thing is to make it hard to guess and not too short. The password 'openprovideruser' too easy to guess, choosing something like 'whatdoyougetifyoumultiplysixbynine42' is a lot more secure and still easy to remember.
One of the strongest forms of protection from outsiders accessing the reseller account is limiting which IP addresses are allowed to log on.
The reseller has the choice to limit a specific user to log on via the RCP (Reseller Control Panel) or the API only from specific IP addresses, or block access from specific addresses.
Configuring a white-/blacklist entry
To configure an user to use the white-/blacklisting functionality, The reseller will first need to find the contact what should be limit in the control panel. The list of the active users in the account can be found by navigating to Account > Account Overview > Contact Person Or, simply go there directly by clicking here!
On this page, select the user which need to be edited by clicking on Modify on the next page that loads. Now scroll down to the end of the page and there are two blocks for the RCP and API white-/blacklisting.
In these example screenshots the reseller has allowed access to both API and RCP only from the IP 22.214.171.124. At the same time the reseller has disallowed access from 126.96.36.199.
Remember. If the reseller add someone to the whitelist, only people attempting to log on from that specific IP will be granted access. All logon attempts from different sources will be declined. If the reseller only add an IP in the blacklist, only that single IP is prevented from logging on, other IPs can still access the reseller account when they have the right credentials.
In all lists, the use of wildcards is allowed. For example, white listing IP address 93.180.69.* allows any connection from IP addresses 188.8.131.52 to 184.108.40.206. IPv6 is supported as well.