Jump to content

"Login to Control Panel" from within WHMCS Denied


davet

Recommended Posts

I noticed a recent cPanel upgrade was automatically installed to all of our servers a few days ago.

 

WHM 11.32.2 (build 15)

 

Since then I can no longer login to cPanel directly from a customer's profile in WHMCS.

 

It tries to access the page https://cpanel5.primary001.net:2087/xfercpanel/collegeg and returns the following error:

 

==================

HTTP error 401

You do not have permission to access this page from https://interactiveonline.com/support/admin/clientshosting.php?userid=2370&id=2949.

==================

 

Any ideas how to fix this?

Link to comment
Share on other sites

  • 4 weeks later...

Here are some settings I had to change in WHM > Tweak Settings to get it working if I recall correctly.

 

Blank referrer safety check: Off

Referrer safety check: Off

Enable HTTP Authentication: Off

Security Tokens: Off

Link to comment
Share on other sites

Here are some settings I had to change in WHM > Tweak Settings to get it working if I recall correctly.

 

Blank referrer safety check: Off

Referrer safety check: Off

Enable HTTP Authentication: Off

Security Tokens: Off

 

Well that sounds like it just kills security then.. ?

Link to comment
Share on other sites

Here are some settings I had to change in WHM > Tweak Settings to get it working if I recall correctly.

 

Blank referrer safety check: Off

Referrer safety check: Off

Enable HTTP Authentication: Off

Security Tokens: Off

 

I agree. This is not a safe setting.

Link to comment
Share on other sites

Setting all of those to Off is the cPanel default (except for Security Tokens). Security Tokens was default as Off a few versions ago in cPanel.

 

Keeping those settings as described is the only way we have gotten the cPanel login to work from WHMCS.

 

Has anyone else found a better solution that allows them to turn those Tweak Settings to On instead and still allow login to cPanel from WHMCS?

Link to comment
Share on other sites

Here are some settings I had to change in WHM > Tweak Settings to get it working if I recall correctly.

 

Blank referrer safety check: Off

Referrer safety check: Off

Enable HTTP Authentication: Off

Security Tokens: Off

 

I think you meant to say "On" for all of those settings instead of "Off", as using off for "Enable HTTP Authentication" will cause login issues from the client area. Setting the other 3 to On will improve security, while only "Enable HTTP Authentication" could adversely affect it.

Link to comment
Share on other sites

@larwilliams, What I stated was correct. The default for the following is Off for WHM 11.32.2

 

Blank referrer safety check: Off

Referrer safety check: Off

Enable HTTP Authentication: Off

 

I did go ahead and turn these to On (except for HTTP Authentication), but now any login attempts from WHMCS require me to type in the root password for the server every time.

 

HTTP Authentication should be Off. There's the following warning in Tweak Settings about enabling HTTP Authentication:

 

"Enable HTTP Authentication for cPanel/WebMail/WHM Logins. This risks certain types of XSRF attacks that rely on cached HTTP Auth credentials. Disabling forces cookie authentication."

 

Also CFS > Check Server Security gives a warning about disabling HTTP Authentication if it is turned On.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated