Account Password List

NetproHosting · Jan 24, 2003

I have a client page on my site to allow clients to log in, view their invoices, pay invoices, etc. I currently manually set up their user/password via WebProtect. But, if the user changes their account password, I don't have visibility to that change.

Does anyone know if CPanel uses a .htpasswd for account passwords, and if so, where it's located? I'd like to point the .htaccess file in my directory to that password list.

TIA.

Jeremy Davis
NetproHosting
www.netprohosting.com

shaun · Jan 24, 2003

yes it does... but it's smart about it and puts the passwords where a apache cant see them

it puts them in /home/user/.htpasswds/passprotecteddir/passwd

so for example...

if you had a domain called jowblow.com and the username was joe and you where trying to password protect www.jowblow.com/authusers/ the path would be this....
/home/jow/.htpasswds/authusers/passwd

hope that helps.

NetproHosting · Jan 24, 2003

What about main account passwords?

Thanks, Shaun. I knew where the .htpasswds files were for directories created with WebProtect...Perhaps I wasn't clear.

I resell accounts using WHM. When I set up an account, I create a temporary password. The user can change that password using CPanel.

I have a directory www.tld/clients that I want to protect only for clients that I have set up. So...Is there a way that I can bind my .htaccess file in that directory such that it looks to ??? .htpasswd file that is updated when I create a user password or they change it in CPanel? Again, the main account password.

Jeremy

Website Rob · Jan 25, 2003

No can do, Jeremy.

It would involve connecting to each individual account (for htpasswd) and that cannot be done. You would have to create/use your setup, similar to a Membership type script. This would allow each person to create their own password of course, but you would still have total control of everyone's login access plus, depending upon which type of script you use, other features as well.

I do a somewhat similar thing with PerlDesk. I have all Clients using their &username& as for the account ID, but can use anything they want for their password. I still have total control over their access and they are free to change their &password& (but not username) -- same as they can do with their Cpanel access.

Juanra · Jan 25, 2003

You would have to access /etc/shadow with a suid script running as root... Too risky and you can avoid it by integrating your script with cpanel. Let Cpanel do the authentication for you and run the script from within cpanel.

Thread starter	Similar threads	Forum	Replies	Date
M	History / log of password change for an email account ?	Security	2	Aug 26, 2020
C	How do I change the username and password for my reseller account (master login to cpanel)	Security	2	Jun 18, 2020
M	New Account Creation Chrome warning popup “Your password may be compromise”	Security	1	May 8, 2020
A	Unable to change cPanel account password	Security	1	Oct 24, 2019
D	Child account with same password as root has root access	Security	6	Dec 3, 2018

Search

Search

Account Password List

NetproHosting

Registered

shaun

Well-Known Member

NetproHosting

Registered

Website Rob

Well-Known Member

Juanra

Well-Known Member