BUGS? Unlimited bw/space on reseller accounts without allowing them to...

[cass]

Okey... after seeing some things made by a couple of my resellers, I start to investigate some things ...
So I make some things ... :

1) Create a Reseller with 1Mbyte Space + 1Mbyte Bandwidth
Using some kind of "default" options I use for resellers....
*** A set of defaults for resellers will be VERY NICE, I hate to make all those clicks every time. Come on, this is being asked for at least a year to be done ...
Note : Options "Account Modification, Bandwidth Limiting and Quota Modification" are ON ... IP, SSH,etc are Off.

2) Create a Package "test1" .... with "unlimited" bandwidth. It dont show ANY warning, but when you edit the package it say "1" (1 Mbyte)
** It should not let you create "unlimited" but with a value if the reseller is not allowed to create unlimited things.
(I know it actually dont create it unlimited, but a warning will be very nice there)
On the other hand ... when you create the package the Shell Access shows as "No" (what is correct, as the reseller is not allowed to do it)
but when you go to EDIT packages ... the "Shell Access" instead of say "No" can be chequed ...
if you check it, it "looks" like it was changed, but when you go again to edit is not checked again ... better to just put "No" as with IP.

3) Create an account with this package.... when selecting the package, The quota shows okey (1Mb)
and the Bandwidth shows as "1".

Now the funny part ...
This reseller have 1 Mbyte of Space and 1 Mbyte of Bandwidth .... right?
I have created a 1Mb/1Mb plan, and assigned it to an account, so this reseller is out of resources ok?

now ...
the reseller goes to "quota modification" ... and set the quota to : 10 Mb ....

# quota testcom
Disk quotas for user testcom (uid 32006):
Filesystem blocks quota limit grace files quota limit grace
/dev/hda8 404 10240 10240 57 0 0
/dev/hda2 8 10240 10240 2 0 0
/dev/hda3 4 10240 10240 2 0 0

Damn it worked ... (we are 9 Mb over the reseller quota...)
okey, let's play a little higher...
Now instead of "10" I put the word "unlimited" or "0" and voilá!

# quota testcom
Disk quotas for user testcom (uid 32006): none

Too bad ....
let's try with bandwidth ...
then the reseller goes to "Limit Bandwidth Usage" .... and put "unlimited" or "0" again ...

testcom's bandwidth limit has been set to unlimited meg.

Bandwidth limit (0) is lower then () (all limits removed)

Enabling test.com...Done

Limit Change Complete

voilá...
now going to View Bandwidth Usage ... what we have?
User Domain Megabytes Gigabytes Bandwidth Limit (Meg)
testcom test.com 0.000000 0.000000 no limit

(read... it say NO LIMIT!!!!!)

imagine you give 1 Gb and 20Gb bandwidth to someone ...
then he creates 100 accounts of 10 Mb Space + 200 Mb Bandwidth ....
goes to Quota modification and make all the accounts "unlimited"
and also goes to Bandwidth Limit and make all the accounts as "unlimited" ....

Also ... ANY account with "Account Modification (warning: this will allow circumvention of account creation limits, give shell access, dedicated ips, etc)" Enabled... could make a lot of things ....
With "Allow Creation of Packages with a Dedicated IP" OFF (not checked!!!)
It allows it !!! ... (so I Acc.Mod. is over everything ...?)
So, I always need to go to "Manage Reseller Ip Delagation" and allow them to use only it's main ip (this way, at least dont use MY ips...)
if for any case the reseller create an account with a dedicated IP that's the same as their Main Shared IP, all the FTP's will try to login to the IP based account.
*** Why put something that dont let you create a IP Based Account over your Main Shared IP ?


but Quota Modification and Bandwidth Limiting are VERY DANGEROUS ... anyone could eat all your bandwidth and go far over the limits with this.

And the "Account Modification" ... is nice, I mean ... it's nice to let you modify an account (change domain, change lang, or cpanel theme, or anything ...) but it's dangerous in some way ....
I want to let resellers modify accounts, without letting them use Dedicated IPs if they are not allowed to, etc. ... is this too hard to do?

Another good thing ... would be that resellers CANT delete it's OWN ACCOUNTS, then we can just make them own it's own accounts.

Well... any comments?
Can anyone try the same ... and confirm what I'm saying?
I'm using Build : 6.4.2-E40
Also, the default WHM theme...

What could we do ?

cPanel.net Support Ticket Number:

[cass]

I've actually checked everything ... and the facts are :

1) Any reseller allowed to use "Quota Modification" can fill your hard disk.
2) Any reseller allowed to use "Bandwidth Limiting" can use all your available bandwidth.
3) Any reseller with "Account Modification" can create IP based accounts, no worry if "allow creation of IP based accounts" is Not checked.

I think I need to submit a ticket ...
what do you think?

cPanel.net Support Ticket Number:

[techark]

That has been a bug for a while. I submitted a ticket on it a year ago. Never heard anything.

It also screws the resellers quotas up. If they create an account based on a package and then later change the quotas using Quota or bandwidth limits they are still charged with the amount from the package.

In other words it works both ways. If they create an account with a package of 100 meg and 1000 meg and later change the bandwidth to 500 meg using the Limit bandwidth link they are still charged with allocating 1000 meg of their reseller allocation and the account can only use 500 meg leaving 500 meg in mid air somewhere. I have had many tickets opened where resellers have ran out of space and transfer but swear they only allocated half of it. The only way to fix it is to do a reset of all accounts back to package limits.

It is bad bug that cuts both ways. That is why I no longer allow Quota Modification or Bandwidth limits on reseller accounts forces them to use packages and upgrade downgrade accounts to change limits. Pain for them but keeps the books straight.

cPanel.net Support Ticket Number:

[cass]

Hum... that's bad.

So, every account neds to be managed from the packages...
also, what have you done with the "Account Modification" thing?
Do you enable it on your resellers?

I have a big problem here ...
cause ...

Enabling account modification is were you can change the language for example as well as other things like username... theme... etc.
I have more than one spanish reseller for example ... what they need to do is to create an account, and then modify them to change the lang to spanish.
But the modify account thing also comes with the problem that it enable a lot of things on the create account form, like resellers to be able to use all IPs on server to create IP based sites when they are supposed to NOT do it....

Well... that's becoming to be a pain ....

Regards.

cPanel.net Support Ticket Number:

[sexy_guy]

** BUMP **

Has this problem been fixed? Some of my resellers are setting quotas on their resold sites to unlimited!

cPanel.net Support Ticket Number:

[X-Istencedotcom]

Nope, it hasnt been fixed.

cPanel.net Support Ticket Number:

[sexy_guy]

And why not?

cPanel.net Support Ticket Number:

[techark]

This has nothing to do with that check box. Re read the thread it is in reference to Quota Modifications and Bandwidth Limit links.

cPanel.net Support Ticket Number:

[techark]

Well tell you what set me up a reseller account on your server with 1 meg of space and 1 meg of transfer and do not check that box but check the boxes that allow Quota Mods and Bandwidth limiting and I will show you I can use every bit of disk space and bandwidth on your server.

Monte

cPanel.net Support Ticket Number:

[cass]

Well... as you should already know, now Quota Modification & Bandwidht Limiting have WARNING on the checkbox....

We know this is not a solution.... but at least now it warns you...

What will be good ?
An option to allow Quota Modification & Bandwidth Limiting withing their limits (dunno. a check box or something ...)
Maybe something like :

[ ] Quota Modification
[ ] Quota Modification (Without Overselling)

same for bandwidth limiting ...
you know, maybe of 20 resellers you just trust 1 of them to allow it to oversell something cause at end of month they will change their package or pay for it ....


Also.... about "Account Modification" .... there's some kind of bug... or bad logic on it ... why? ... simple

This really isnt a 'bug' notice what is directly next to it:

Account Modification (warning: this will allow circumvention of account creation limits, give shell access, dedicated ips, etc)

Okey, when you see the warning, you DONT CHECK that box right?
then... your reseller "Create a new Account" looks very clean (just let them create accounts using packages configuration).

But... the bad thing is that in the "Modify Account" link is where you can modify :
1) DOMAIN NAME (could be critical in some circuntances...)
2) USERNAME (not critical...)
3) THEME (could be critical on some circ.)
4) LANGUAGE (very critical... why? ... keep reading)

When you CREATE an new account, there is NO WAY you can define what language this account will use.
So, for every non-english reseller I need to enable this ... too bad, cause they access to a CREATE NEW ACCOUNT options that I really dont want to be there ....

Anyway ...
I see no reply of admin here about this ...
Any solution ?

Regards.

cPanel.net Support Ticket Number:

[sexy_guy]

So if you user needs to modify his sites quote or bandwidth up or down and you have the above two checkboxes unchecked how are they supposed to do this?

cPanel.net Support Ticket Number:

[techark]

They have to create a new package or edit the one the account is on. Dumb and a pain in the a** but that is the only way to keep a reseller from having unlimted resources.

cPanel.net Support Ticket Number:

[Christleo]

My problem is just the quota,

For what i do,

DISABLE QUOTA MODIFICATION until cpanle have fixed.... now lastet version 7.0 i still have this "bug"

I hope cpanel could fix that ASAP..

cPanel.net Support Ticket Number:

[erwinfa]

How about latest version ? Do this bug still coming ?

cPanel.net Support Ticket Number:

[sexy_guy]

If you disable quota mod for resellers how the hell are reseller clients going to be able to adjust their over bandwidth clients at the end of the month? Upgrading/downgrading does not fix this.

I agree, this bug is way to old and should have been fixed months ago.

cPanel.net Support Ticket Number: