LinkBack URL
About LinkBacksCan someone please tell me how to enable login to WHM/CPanel via https instead of http? My hosting provider gave me a http login url to the server.
Ie:
https://domain.com:2086/
rather than:
http://domain.com:2086/
https login instead of http?
Can someone please tell me how to enable login to WHM/CPanel via https instead of http? My hosting provider gave me a http login url to the server.
Ie:
https://domain.com:2086/
rather than:
http://domain.com:2086/
I use
http://www.domain.com:2082 for non secure
and
https://www.domain.com:2083 for secure
Same user/pass for both
Re: https login instead of http?
Hi,Originally posted by roax66
Can someone please tell me how to enable login to WHM/CPanel via https instead of http? My hosting provider gave me a http login url to the server.
Ie:
https://domain.com:2086/
rather than:
http://domain.com:2086/
Usually I'll ask clients to use this links:
https://IPADDRESS:2083 for secure login to cPanel
https://IPADDRESS:2087 for secure WHM (Reseller)
https://IPADDRESS:2096 for secure WebMail Access.
You can also replace the IPADDRESS with the real domain name too.
Rgds,
Vincent Kam
http://www.eazistore.com
Many thanks for your help. Using :2083 & :2087 for secure cPanel & WHM respectively works fine for me.
But when I login into WHM using secure mode and click "List accounts" link, the links to the respective accounts are using nonsecure :2082. Is it possible to configure these links to use secure :2083?
List Account Links
Hi again roax66,Originally posted by roax66
Many thanks for your help. Using :2083 & :2087 for secure cPanel & WHM respectively works fine for me.
But when I login into WHM using secure mode and click "List accounts" link, the links to the respective accounts are using nonsecure :2082. Is it possible to configure these links to use secure :2083?
When you access to WHM and click List Account, the clickable DOMAIN will point you directly to their website and not to their cPanel.
If you want to access to your clients cPanel, you can type:
USER ID: their ID
PASSWORD: your root password
I am not too sure if I answer your answer correctly.
Rgds,
Vincent Kam
http://www.eazistore.com/
Let me clarify:
I click "List Accounts". In the column cPanel I can click the link to the respective account cPanel. But these links are http, not https? They should be https://accountdomain.com:2083 and not http://accountdomain.com:2082?
Re: Re: https login instead of http?
But if I use IPADDRESS in https link I have an secure alert because I don't use the domain name..Originally posted by eazistore
...
Usually I'll ask clients to use this links:
https://IPADDRESS:2083 for secure login to cPanel
...
I have a reseller account, and I can't use any other domain name without to have this alert about security. I ask to my host if I can use my SSL cert but they said WHM can use only one SSL cert... Right ?
Thanks,
David.
If you have root access to WHM go to Tweak Settings page and select (down at the bottom of the list):
"When users access /cpanel or /whm or /webmail on their domain redirect them to the https(ssl) port instead of the insecure one".
If no root access then ask your provider to set this setting for you and all their clients. This really should be made the default by cPanel.
Then there is no need to have to tell clients to use secure login it should redirect them to the respective secure port for login. Give it a try.
http://domain.tld/whm redirects to https://domain.tld/whm
http://domainip/whm redirects to https://domainip/whm
http://domain.tld:2086 does not redirect to https://domain.tld:2087
These port defined urls are a manual form of sending the address and have no need for a redirection.
The search feature of this forum is truly your friend.
HTH
I don't think making secure port a standard is a good idea. We've had more problems with using the secure port than standard port. For one, all cpanel secure ports are blocked by the corporate firewall I sit behind, and for another, the annoying ssl popup window got to be annoying for some people, so it was easier to disable forcing ssl and let customers choose which one to use.
"The annoying ssl popup window got to be annoying for some people" is a real problem indeed. It's because that I would like to use my own SSL cert. I'm afraid to ask my customers to login a control panel with http, it's too easy to catch the pwd..
David.
Typically its easier to have people login to theirdomain.com, but unless they have a cert, they're going to get that popup. About the only way around that is to sent them to another domain on the server with a cert, like the server.doman.com which can be confusing to some people. Without using ssl, they can log into their own domain without the popups.
I agree with you here alex042,Originally posted by alex042
I don't think making secure port a standard is a good idea. We've had more problems with using the secure port than standard port. For one, all cpanel secure ports are blocked by the corporate firewall I sit behind, and for another, the annoying ssl popup window got to be annoying for some people, so it was easier to disable forcing ssl and let customers choose which one to use.
Most of corporate clients have a firewall within their server.
They cannot access to https://domain.com:2087
Unless they user is allow to use a TELNET to open their port to allow access to port 2087 or 2083 and even 8443
Rgds,
Vincent Kam
http://www.eazistore.com/
What it should do when SSL only is enabled is to redirect to your server domain (with the valid certificate) and have them login with their info. They'll still login to their account and everything, but it'll accept the SSL cert by default since the domain will match across the board. Should be an option when enabling forced ssl to redirect to server domain.
Reply With Quote