NetproHosting

Registered
Jan 18, 2003
3
0
151
I have a client page on my site to allow clients to log in, view their invoices, pay invoices, etc. I currently manually set up their user/password via WebProtect. But, if the user changes their account password, I don't have visibility to that change.

Does anyone know if CPanel uses a .htpasswd for account passwords, and if so, where it's located? I'd like to point the .htaccess file in my directory to that password list.

TIA.

Jeremy Davis
NetproHosting
www.netprohosting.com
 

shaun

Well-Known Member
PartnerNOC
Verifed Vendor
Nov 9, 2001
702
1
318
San Clemente, Ca
cPanel Access Level
DataCenter Provider
Twitter
yes it does... but it's smart about it and puts the passwords where a apache cant see them :)

it puts them in /home/user/.htpasswds/passprotecteddir/passwd

so for example...

if you had a domain called jowblow.com and the username was joe and you where trying to password protect www.jowblow.com/authusers/ the path would be this....
/home/jow/.htpasswds/authusers/passwd

hope that helps.
 

NetproHosting

Registered
Jan 18, 2003
3
0
151
What about main account passwords?

Thanks, Shaun. I knew where the .htpasswds files were for directories created with WebProtect...Perhaps I wasn't clear. :)

I resell accounts using WHM. When I set up an account, I create a temporary password. The user can change that password using CPanel.

I have a directory www.tld/clients that I want to protect only for clients that I have set up. So...Is there a way that I can bind my .htaccess file in that directory such that it looks to ??? .htpasswd file that is updated when I create a user password or they change it in CPanel? Again, the main account password.

Jeremy
 

Website Rob

Well-Known Member
Mar 23, 2002
1,501
1
318
Alberta, Canada
cPanel Access Level
Root Administrator
No can do, Jeremy.

It would involve connecting to each individual account (for htpasswd) and that cannot be done. You would have to create/use your setup, similar to a Membership type script. This would allow each person to create their own password of course, but you would still have total control of everyone's login access plus, depending upon which type of script you use, other features as well.

I do a somewhat similar thing with PerlDesk. I have all Clients using their &username& as for the account ID, but can use anything they want for their password. I still have total control over their access and they are free to change their &password& (but not username) -- same as they can do with their Cpanel access.