need to use https for Cpanel

**medeano** · 05-21-2010 10:21 AM

Hi to all hope anyone can help and advise please i have done a mcafee pci scan on my site and it came back with 2 problems the one problem said-

Vulnerability: Unencrypted Login Information Disclosure

Description
The remote host appears to allow logins over unencrypted (HTTP) connections. This means that a user's login information is sent over the internet in clear text. An attacker may be able to uncover login names and passwords by sniffing network traffic.

General Solution
Plain-text protocols should never by used to transmit sensitive information over the Internet. When passing login information to the web server, use HTTPS (SSLv3, TLS 1) instead of HTTP.

Since i login to my website using https i know its not this, i asked wesh hosting who iam with and they just said put a "S" after http but that doesn't work surely its something they have to do their end..

My Cpanel version is - 11.25.0-CURRENT

Iam not clued up on these things could anyone kindly advise please

Many thanks

**Infopro** · 05-21-2010 03:01 PM

In your WHM > Tweak Settings > Redirection section you'll see some settings you might find useful, like this one:

Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc.

**medeano** · 05-21-2010 03:38 PM

sorry to sound really thick but were do i find the WHM > Tweak Settings >
Iam totaly out my depth with this stuff....

Many thanks

**JawadArshad** · 05-21-2010 06:01 PM

Originally Posted by medeano

sorry to sound really thick but were do i find the WHM > Tweak Settings >
Iam totaly out my depth with this stuff....

Many thanks

Do you have administrator access of this server. WHM is the administrator panel and you can access it at https://yourserverIP:2087 after replacing 'yourserverIP' with the actual IP of your server. root user/pass will work at this URL.

**Infopro** · 05-21-2010 08:28 PM

Originally Posted by medeano

sorry to sound really thick but were do i find the WHM > Tweak Settings >
Iam totaly out my depth with this stuff....

Many thanks

You might do better to speak with your host, I'm sure they can assist you with this.

**medeano** · 05-22-2010 04:10 AM

Hi thanks for everyones help, i tried the https://yourserverIP:2087 but the user name and password that i orginaly use for my Cpanel doesn't work here, i contacted my hosting company and see what ifno they come back with this time...

**crazyaboutlinux** · 05-22-2010 06:16 AM

Originally Posted by medeano

Hi thanks for everyones help, i tried the https://yourserverIP:2087 but the user name and password that i orginaly use for my Cpanel doesn't work here, i contacted my hosting company and see what ifno they come back with this time...

You can not login in WHM using cPanel user name & password. you can access by having root password https://yourserverIP:2087

https://yourserverIP:2087 (WHM)
https://yourserverIP:2083 (cPanel)
https://yourserverIP:2096 (webmail)

LinkBack

Thread Tools

need to use https for Cpanel

cpanel https

cpanel via https

HTTPS On Cpanel -Help-

HTTPS en cPanel

cpanel and https