cPanel Forums

vikas · #1 (**permalink**) 12-04-2002, 06:47 PM

Is there a way to have a web interface login for cpanel like hotmail.com front page instead of the dialog box that displays the users name and password.

Is there some way to pass on the users name and password to the cpanel (actually .htaccess) users name and password box.

Thanks for all your help.

PB

vikas · #2 (**permalink**) 12-04-2002, 06:51 PM

Is there a more secure way, it shows the users name and password which I don't want it too.

Password in particular, its a bad idea to do it.

bmcpanel · #3 (**permalink**) 12-04-2002, 11:44 PM

Use SSL....

&https://$user:$password@domain.com:2083&

haze · #4 (**permalink**) 12-05-2002, 12:48 AM

Whether you use SSL or not, its still going to cache your username and password.. its not secure either way.

dgbaker · #5 (**permalink**) 12-05-2002, 07:40 AM

Even when you use the normal login, the password is cached, phpinfo for example shows the password in clear text as REMOTE_PASSWORD

Website Rob · #6 (**permalink**) 12-05-2002, 08:39 AM

It was my understanding that by using the .htacces method, which is the normal way, once the Browser or all open Browser windows have been closed, the ID & PW are not saved in Browser History -- as they are by any other means of access.

So once closed and upon restarting the Browser, although the URL is retained in Browser History the ID & PW are not -- which they probably would be using any other means of access, other then .htaccess.

This problem and what is described above, also apply to both Web based Email programs and is something to be mentioned to all Clients.

ehsan · #7 (**permalink**) 12-05-2002, 12:09 PM

post it to frame!
it won't show password in IE bar then.

if that is the case...

dgbaker · #8 (**permalink**) 12-05-2002, 12:34 PM

But you can still break out of frames.

Website Rob · #9 (**permalink**) 12-05-2002, 12:49 PM

Other than using .htaccess, there really is no other safe method for accessing the CP. If, for whatever reason, one wants to by-pass that safeguard, then install a 3rd party File Mgr. script and be done with it.

By-passing the CP altogether is much safer than trying to by-pass the safeguards used, for accessing the CP.

eldar · #10 (**permalink**) 12-11-2002, 08:54 AM

I want to do this too...I had hoped to be able to reboot my servers from my cell phone, but the .htaccess method kills my phone browser...

sky · #11 (**permalink**) 12-11-2002, 11:02 AM

ahhh that is but a simple issue ...

just write a wap page that has it's own authentication methods and then link to a reboot script :P

iain-pczap.net · #12 (**permalink**) 12-28-2002, 06:19 PM

Quoting:
--------------------------------------------------------------
sure create a script that passes:

http://$user:$pass@domain.com:2082

--------------------------------------------------------------

I'm a little thick...any chance of someone telling me how to do this? :$ - embarassed smiley

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode