Urgent Assistance Required! - Client access appears identical to root/Admin

[lukeydook]

I need urgent assistance.

For some reason about 75% of my clients accounts, when they login, they are root and can view all accounts!

Luckily, I have honest clients who have let me know.

Any ideas anyone?

[javiercampos]

I need urgent assistance.

For some reason about 75% of my clients accounts, when they login, they are root and can view all accounts!

Luckily, I have honest clients who have let me know.

Any ideas anyone?

would recommend running the following command:

/scripts/upcp --force

If the problem persists, you should check the permissions on Reseller center.
Also you can contact me at msn javiercampos@espacioweb.cl

[lukeydook]

Thankyou very much.

Going to try this now.

[Infopro]

I need urgent assistance.

For some reason about 75% of my clients accounts, when they login, they are root and can view all accounts!

Luckily, I have honest clients who have let me know.

Any ideas anyone?

When they login, where, exactly? And how do they know they've got root privileges?

[lukeydook]

When they login, where, exactly? And how do they know they've got root privileges?

It is asif they have logged in as root.

It says "You are logged in as root" and it shows the accounts in a dropdown above the main cpanel icons as it would if you were logged into root.

It is asthough the accounts have root access, yet not all of the accounts have this - only about 75%

I've logged in with their details to check and it does the same.

[lukeydook]

would recommend running the following command:

/scripts/upcp --force

If the problem persists, you should check the permissions on Reseller center.
Also you can contact me at msn javiercampos@espacioweb.cl

Just so you are aware, this did NOT fix the issue.

[Infopro]

What version of cPanel? I don't have a server running anything less than CURRENT here.

In Tweak Settings > System tab > Accounts that can access a cPanel user account, whats that set to on yours?

Previous versions it was titled "Disable login with root or reseller password into the users' cPanel interface"

I'd disable this, or set it to cPanel User Only (depending on your version of cPanel) for now. Next go check who owns the accounts who believe they have root. Are these all reseller accounts by chance?

[cPanelDon]

It is asif they have logged in as root.

It says "You are logged in as root" and it shows the accounts in a dropdown above the main cpanel icons as it would if you were logged into root.

It is asthough the accounts have root access, yet not all of the accounts have this - only about 75%

I've logged in with their details to check and it does the same.

Please ensure that no other user or reseller has the password as root; to accomplish this, I recommend using the password generator to create a new root password of sufficient strength.

Alternatively, as Infopro mentioned, you may restrict using the root password to login as a user in cPanel & WHM (i.e., using the root password instead of the cPanel user's password).

Here is the applicable menu path for cPanel & WHM version 11.28, specifically in WebHost Manager, with linked documentation:
WHM: Main >> Server Configuration >> Tweak Settings >> System
Accounts that can access a cPanel user account: [?] This setting specifies who can access a user’s cPanel account. Account-Owner refers to the particular reseller that owns the user account.

• Root, Account-Owner, and cPanel User default
• Account-Owner and cPanel User Only
• cPanel User Only