This page provides an overview of the IP Addresses used by Memset for Support Access, Automation, Monitoring and our Additional products (e.g. Intrusion Detection, Vulnerability Scanning etc), it also details the Ports required for normal access. This may vary slightly depending on your Operating System.

Access and Monitoring Details

By default these IPs and Ports will be whitelisted in all Memset Stock Images on our Cloud VPSs and Dedicated Servers, we strongly recommend that you whitelist these IPs in all third party firewalling and similar.

IP Address / RangePurposecPanelLinuxWindowsAdditional Comments

5.153.255.250/32

or

5.153.255.248/29

Memset Support Access
  • 21 (FTP)
  • 22 (SSH)
  • 80 (HTTP)
  • 443 (HTTPS)
  • 2078 (cPanel WebDisk)
  • 2083 (cPanel)
  • 2087 (WHM)
  • 2096 (cPanel WebMail)
  • 3306 (MySQL)
  • 21 (FTP)
  • 22 (SSH)
  • 80 (HTTP)
  • 443 (HTTPS)
  • 3306 (MySQL)
  • 21 (FTP)
  • 22 (SSH) [Optional]
  • 80 (HTTP)
  • 443 (HTTPS)
  • 1443 (MS SQL)
  • 3389 (RDP)
  • 5986 (WinRM)

These IPs are the main IPs used by the Memset Support Team to assist with any Technical Queries raised.

Where possible allowing access to all Ports (TCP/UDP) for your server from this IP will assist us to diagnose and resolve any issues you may be experiencing. 

Additionally, it is also recommended to allow any other ports for services you commonly use / require support with, to ensure we have access.

10.128.10.0/23Memset Support Access
  • 22 (SSH)
  • 2087 (WHM)
  • 22 (SSH)
  • 22 (SSH) [Optional]
  • 3389 (RDP)
  • 5986 (WinRM)
It is also advisable to allow access to Ports 80 and 443 from this IP Range as well so that we can view any websites hosted on your servers if required, However this is not essential for this IP Range.

5.153.255.0/29

5.153.254.13

5.153.254.115

5.153.254.130

89.200.136.76

Memset Automation & Support Access
  • 22 (SSH)
  • 2087 (WHM)
  • 22 (SSH)
  • 22 (SSH) [Optional]
  • 5986 (WinRM)







Additional Services

This table looks at the additional Services available, including Memset Monitoring, Managed Backups, Intrusion Detection, Vulnerability Management and more.

IP Address / RangePurposePorts to AllowAdditional Comments

10.128.247.0/24

78.31.111.102

89.200.136.31

Memset Monitoring
  • 80 (HTTP)
  • 161 (SNMP)
  • 443 (HTTPS)
  • 10050 (Zabbix Monitoring Agent)
  • Additional Ports as Configured in your Monitoring
Where possible for this IP Range we would recommend allowing all TCP / UDP / ICMP Traffic to prevent uninterrupted monitoring and to minimise False Positives.

78.31.111.102

89.200.136.31

Memset Monitoring

(Additional for Dedicated Servers or for Servers with Advanced Monitoring Enabled)

  • 5666 (Nagios Agent)

Nagios Remote Plugin used for Advanced Monitoring Rules (e.g. Server Load, Disk Space, etc.) and RAID Array Monitoring in Dedicated Servers.

All IPs Listed for;

  • Memset Monitoring
  • Memset Support
  • Memset Automation & Support Access
DRAC's (for Dedicated Servers)
  • 22 (SSH)
  • 80 (HTTP)
  • 443 (HTTPS)
  • 3668 (Virtual Media Server)
  • 3669 (Virtual Media Server SSL)
  • 5869 (Remote RACADM SPCMP Server)
  • 5900 (Console Redirection / VNC)
  • 5901 (Console Redirection / VNC)

This is only applicable for Dedicated Servers with a DRAC, these Ports need to be open within the Firewall Associated with the DRAC to allow access.

By default the Memset Firewalls will allow access to these Ports as required to the Memset Monitoring System and Memset Support Team.

All IPs Listed for;

  • Memset Monitoring
  • Memset Support
  • Memset Automation & Support Access
File Fabric (SME) Appliance
  • 22 (SSH)
  • 443 (HTTPS)
  • 8080 (Configuration Interface)

See Comments

Managed Backups

(for R1Soft Backups Only)

  • 1167 (R1Soft Backup Agent)

At present there is no fixed range of IPs used for our Memset Managed Backups, as such the IP used will vary.

To determine the Backup IP in use for your server, you can run a DNS Lookup using the below format (replacing "<SERVERNAME>" with your Memset Server Name e.g. "demoaa1";

#Cloud VPS Servers;
host backup.<SERVERNAME>.miniserver.com

#Dedicated Servers;
host backup.<SERVERNAME>.memset.net
BASH

This will display the IP address of the Backup Server in use for this server.

If you are unable to do this, or require further assistance, please contact our Technical Support Team.

5.153.254.133

5.153.250.174

31.25.190.98

37.128.134.250

77.73.1.217

Intrusion Detection
  • 1514 (OSSEC Agent) [UDP]
This is an Outgoing Rule and should only be needed if you are running a Stateless Firewall, or have specific Outgoing Port Restrictions configured in your Firewall.
5.153.253.153Vulnerability ManagementAll TCP, UDP, ICMP

This is used by our F-Secure Radar Vulnerability Scanning as part of our Vulnerability Management product.

For accurate / complete scan results, all Ports should be accessible from this IP Address.

See CommentsWebsite Firewall Platform
  • 80 (HTTP)
  • 443 (HTTPS)
  • Any Additional Ports as required by your Wesbite

For your Website Firewall Platform you should allow the Firewall IPs access to your server, details on where to obtain these IPs can be found here.

Where possible for these IP Ranges we would recommend allowing all TCP / UDP / ICMP Traffic to prevent uninterrupted access to your Websites

Unless stated otherwise all Ports listed above are of the the TCP Type and for Incoming Traffic.

ICMP (Ping) Traffic

We also strongly recommend that you allow ICMP (Ping) Traffic from each of these IPs listed above, this allows us to check whether the server is responding to ping requests from anyone of our services.



SSH Key

Our Public SSH key can be added to any Server as required (with SSH Access), to allow us access to that server.

The Memset Public SSH key will need to be in place in the 'authorized_keys' file for the user you wish to grant us access to, the key can be downloaded from here;

Memset Public SSH Key

http://www.memset.com/downloads/memset-admin.pub
TEXT

To add this to the Root User, you would append this to;

Root Users Authorized Keys File

/root/.ssh/authorized_keys
BASH

To add this to a Custom User, you would append this to (replacing "<USER>" with the username in question;

Custom Users Authorized Keys File

/home/<USER>/.ssh/authorized_keys
/home/memset/.ssh/authorized_keys
BASH

Default Access

By default our SSH key will be pre-installed in all Linux (including cPanel) servers (with the exception of Cloud IaaS OpenStack Instances) under the "root" user.

In accordance with our Acceptable Usage Policy, Memset should have access to the server at all times, the below excerpt is from our Acceptable Usage Policy;

Customers should not tamper, hinder, delete, or in any way change the functioning of these MemsetĀ® administration methods. To do so intentionally will breach the MemsetĀ® Terms and Conditions and may affect our ability to deliver in line with the Service Level Agreement.
TEXT

If you wish to change the user this is stored under, or amend this further, please contact our Technical Support Team to discuss your requirements further.