Forums



Results 1 to 2 of 2

Thread: Disable Http Authentication for cPanel/WebMail/WHM Logins (forces cookie authenticati

  1. 06-19-2011, 06:15 AM #1
    HVH - George
    HVH - George is offline
    Member
    Join Date
    Jun 2011
    Location
    UK
    Posts
    121
    cPanel/WHM Access Level

    Root Administrator

    Default Disable Http Authentication for cPanel/WebMail/WHM Logins (forces cookie authenticati

    Hi,

    I can't find the option "Disable Http Authentication for cPanel/WebMail/WHM Logins (forces cookie authentication.)" in Tweak Settings. I've been reading a guide, and it says it's mentioned there.

    Also mentioned here.
    Security - cPanel Inc.

    Any ideas where it is?

    Thanks.
    Reply With Quote Reply With Quote
  2. 06-19-2011, 03:18 PM #2
    cPanelTristan
    cPanelTristan is offline
    cPanel Staff cPanelTristan's Avatar
    Join Date
    Oct 2010
    Location
    somewhere over the rainbow
    Posts
    7,611
    cPanel/WHM Access Level

    Root Administrator

    Default Re: Disable Http Authentication for cPanel/WebMail/WHM Logins (forces cookie authenti

    In WHM > Tweak Settings, this is now labeled as the following:

    Enable HTTP Authentication [?]
    Enable HTTP Authentication for cPanel/WebMail/WHM Logins. This risks certain types of XSRF attacks that rely on cached HTTP Auth credentials. Disabling forces cookie authentication.
    cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
    -- Tristan, Technical Analyst III, Forums Specialist, cPanel Tech Support

    Submit a ticket | Check an existing ticket
    Reply With Quote Reply With Quote
« Difference b/t Dedicated and VPS control panel | Changing domains to run on their own mail IP »

Similar Threads

  1. Issues with logging into cPanel using cookie authentication
    By mindcruft in forum cPanel & WHM Discussions
    Replies: 8
    Last Post: 02-08-2011, 02:50 PM
  2. mpm-worker forces --disable-cgi PHP flag
    By pricejn2 in forum cPanel & WHM Discussions
    Replies: 0
    Last Post: 11-13-2010, 01:28 PM
  3. How to disable "Validate the IP addresses used in all cookie based logins." from SSH
    By oanielsen in forum cPanel & WHM Discussions
    Replies: 1
    Last Post: 06-11-2010, 01:29 PM
  4. Validate the IP addresses used in all cookie based logins exceptions?
    By Guire in forum Security
    Replies: 1
    Last Post: 04-08-2010, 02:42 PM
  5. Can you use cookie authentication without having to turn off http authentication?
    By bjdea1 in forum cPanel & WHM Discussions
    Replies: 0
    Last Post: 12-10-2004, 07:20 AM