1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Root login to cpanel... (Last login from)

Discussion in 'General Discussion' started by dexus, Oct 1, 2006.

  1. dexus

    dexus Member

    Joined:
    Jan 14, 2006
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    I just noticed that from cPanel version 10.9.0 IP logging is somehow changed. Now when I login as root to some of my clients cPanel it logs my IP adress. Before it was logging 127.0.0.1, and that was much better.

    I realy don't like that my clients can see from what IP we are logging, or worst to think that some "hacker" was logging to their cPanel, because we somethimes access from different locations and IP's, and to panic something about that. In previos versions of cpanel they would know that some of our staff was logging to their cPanel when they see 127.0.0.1 as last login.

    I think there should be some options about this, for example:
    1. to show real IP
    2. to show 127.0.0.1
    3. to show some custom message like "last login: support staff"
    4. not to log IP at all and that last login staies last client login


    Is there some way to change this root logging somehow to be like before 127.0.0.1?

    Thanks.
     
  2. jayh38

    jayh38 Active Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    use SSL login directive. You probably used that before. That will direct to the ssl port
    and provide 127.0.0.1 that you used to see.

    tweak settyings > system
    check this box

    Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc.


    OH, Sorry.. Chirpy did say a while back that the IP will eventually show. So I guess it now has arrived.
    Now login detection failure is easily trackable with ssl ports as well.
     
    #2 jayh38, Oct 1, 2006
    Last edited: Oct 1, 2006
  3. dexus

    dexus Member

    Joined:
    Jan 14, 2006
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    I was always logging on the same way to users cPanel by clicking on the cPanel icon on "List Accounts" page.

    This IP logging is just changed in new version of cPanel, and I realy hate something new that I don't like and don't have a option to change that.

    I hope that there is some way to change this.
     
  4. webignition

    webignition Active Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    WHM, cPanel and webmail SSL sessions were previously managed through stunnel, or so I believe. Due to limitations of this process that the 'last logged in from' IP could not be recorded.

    Newer versions of WHM/cPanel use cPanel's native (i.e. proprietory) SSL methods and this does allow the IP to be recorded. This has, in effect, resolved a previous 'undocumented feature'.

    However, you can choose to switch back to using stunnel.

    WHM > Tweak Settings > uncheck "Use native SSL support if possible, negating need for Stunnel"
     
  5. dexus

    dexus Member

    Joined:
    Jan 14, 2006
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    Yes, you are right...

    I always thought that "last login from: 127.0.0.1" was intentionaly for root logins, and that was not for root logins, it was a "bug" :)

    I would realy like to have some options about this in Tweak Settings, like I mentioned before.

    So what is the real difference between native SSL and stunel?

    Thanks.
     
  6. jayh38

    jayh38 Active Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    Good information, thanks.
     
  7. angelina_holy

    angelina_holy Member

    Joined:
    Aug 6, 2006
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    When you login to your client cpanel from whm>> list account , your ip gets recorded in .lastlogin file in file manager of that client .

    You can always remove your IP from there so that next time you again login it will show last login as none
     
  8. Major Tom

    Major Tom New Member

    Joined:
    Apr 25, 2005
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    I second that request

    At least one can switch back to stunnel, but that's hardly a solution to have to go backwards.

    I second that request for an option to not show root or reseller logins, it is too cumbersome to delete from .lastlogin.

    This is a very important matter to some webhosts.

    Please someone log a feature request

    M.T.:)
     
  9. MaraBlue

    MaraBlue Member

    Joined:
    May 3, 2005
    Messages:
    335
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Carmichael, CA
    Bah, it's not cumbersome. Just plan ahead, "mv .lastlogin .lastlogin.old", then move it back when you're done.

    Not that that method is really...100% honest. Most things that need to be done can be done from the command line anyway...unless it's something a user is complaining about seeing in their cPanel GUI, in which case they should know you're going to access it.
     
  10. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,288
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Houston, TX
    You can submit an official feature request yourself by visiting http://bugzilla.cpanel.net

    Yay for resurrecting a 14 month old thread?
     
  11. MaraBlue

    MaraBlue Member

    Joined:
    May 3, 2005
    Messages:
    335
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Carmichael, CA
    Is it a possibility to freeze threads after a certain length of time of inactivity?

    Should I submit an official feature request? :D *ducks*
     

Share This Page