Changing iLO HTTP(S) port via SSH

In some instances a (malicious) user may have changed the ports iLO's web services are being ran on. This is usually accompanied by an iLO breach on lower firmware (<2.52) and/or a public IP address.
Luckily, in most cases, SSH is still running one the default port, and may be used to restore the web server ports.

First, an SSH connection would have to be started to iLO. Credentials for this shell are the same as the web interface.

Now, we may navigate through the folders and change the correct setting.
Please keep in mind after every change you make iLO will reboot. (The server or OS itself are unaffected and won't reboot)

cd map1
cd config1
set oemhp_sslport=443


set oemhp_httpport=80

As mentioned, iLO will now restart to take the changes into effect, and the web interface should be reachable again via the correct ports within a few seconds. 

Now would also be a good time to ensure there are no extra users set up via the User Administration tab in the web interface.
Only one administrator account should remain, which are usually called "Administrator" or "admin". Accounts like "hp" or "hpadm" are often malicious.

No Comments
Back to top