The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Account Password List

Discussion in 'General Discussion' started by NetproHosting, Jan 24, 2003.

  1. NetproHosting

    NetproHosting Registered

    Joined:
    Jan 18, 2003
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I have a client page on my site to allow clients to log in, view their invoices, pay invoices, etc. I currently manually set up their user/password via WebProtect. But, if the user changes their account password, I don't have visibility to that change.

    Does anyone know if CPanel uses a .htpasswd for account passwords, and if so, where it's located? I'd like to point the .htaccess file in my directory to that password list.

    TIA.

    Jeremy Davis
    NetproHosting
    www.netprohosting.com
     
  2. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    yes it does... but it's smart about it and puts the passwords where a apache cant see them :)

    it puts them in /home/user/.htpasswds/passprotecteddir/passwd

    so for example...

    if you had a domain called jowblow.com and the username was joe and you where trying to password protect www.jowblow.com/authusers/ the path would be this....
    /home/jow/.htpasswds/authusers/passwd

    hope that helps.
     
  3. NetproHosting

    NetproHosting Registered

    Joined:
    Jan 18, 2003
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    What about main account passwords?

    Thanks, Shaun. I knew where the .htpasswds files were for directories created with WebProtect...Perhaps I wasn't clear. :)

    I resell accounts using WHM. When I set up an account, I create a temporary password. The user can change that password using CPanel.

    I have a directory www.tld/clients that I want to protect only for clients that I have set up. So...Is there a way that I can bind my .htaccess file in that directory such that it looks to ??? .htpasswd file that is updated when I create a user password or they change it in CPanel? Again, the main account password.

    Jeremy
     
  4. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    No can do, Jeremy.

    It would involve connecting to each individual account (for htpasswd) and that cannot be done. You would have to create/use your setup, similar to a Membership type script. This would allow each person to create their own password of course, but you would still have total control of everyone's login access plus, depending upon which type of script you use, other features as well.

    I do a somewhat similar thing with PerlDesk. I have all Clients using their &username& as for the account ID, but can use anything they want for their password. I still have total control over their access and they are free to change their &password& (but not username) -- same as they can do with their Cpanel access.
     
  5. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    You would have to access /etc/shadow with a suid script running as root... Too risky and you can avoid it by integrating your script with cpanel. Let Cpanel do the authentication for you and run the script from within cpanel.
     
Loading...

Share This Page