Account Transfer: careful of Security Questions (security policy on the remote server forbids it)

nlaruelle

Active Member
Sep 4, 2017
37
16
58
Belgium
cPanel Access Level
Website Owner
Hello,

Here another "Security Questions" story :)

I just took almost 2 hours to figure out why I got an error during cPanel Account Transfer between remote servers.

Common check for troubleshooting : The TCP ports 2083/2087 was opened in CSF. Tried to temporarily disabling Imunify360/CSF. Whit-listing everywhere (even cPHulk), except…
(my bad) the security policy and cPanel Security Questions can be met there also!

I feel like I am the only one in earth using Security Questions in my core servers (such a good feature for security), because I did not meet anybody on Google sharing the solution to my issue.

So, for the next Google searchers, I copy paste the full report I got from the Failed Report.

The most interesting parts are :

- Downloading “backup-6.6.2022_05-35-28_username.tar.gz” …
Could not download backup file; SECURITY POLICY on the remote server forbids it.

- Cpanel::Exception::HTTP::Network/(XID efvg55) The system failed to send an <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “GET” request to “https://host.example.com:2083/download/backup-6.6.2022_06-11-00_username.tar.gz” because of an error: Died at /usr/local/cpanel/scripts/getremotecpmove line 272.


Code:
Starting “TRANSFER” for “Account” “username”.
Attempting to copy “username” from “host.example.com”.
Trying to fetch cpmove file via cPanel API!
debug: Established cpanel session
Fetching current backups from remote server … 0 backups found.
… done.
Starting the backup …
… done.
Checking remote server for backups … 1 backup found.
The remote server is creating the backup file “backup-6.6.2022_06-11-00_username.tar.gz”.
The backup file, backup-6.6.2022_06-11-00_username.tar.gz, is still being generated on the remote server “host.example.com”.
…15…
Downloading “backup-6.6.2022_06-11-00_username.tar.gz” …
Could not download backup file; security policy on the remote server forbids it.
Cpanel::Exception::HTTP::Network/(XID efvg55) The system failed to send an <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “GET” request to “https://host.example.com:2083/download/backup-6.6.2022_06-11-00_username.tar.gz” because of an error: Died at /usr/local/cpanel/scripts/getremotecpmove line 272.
at /usr/local/cpanel/Cpanel/HTTP/Client.pm line 115.
Cpanel::HTTP::Client::request(Cpanel::HTTP::Client=HASH(0x1bb9350), "GET", "https://host.example.com:2083/download/backup-6.6.2022_"..., HASH(0x1b5ae78)) called at /usr/local/cpanel/scripts/getremotecpmove line 292
scripts::getremotecpmove::fetch_acct_by_cpanel(__CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__) called at /usr/local/cpanel/scripts/getremotecpmove line 57
scripts::getremotecpmove::script("scripts::getremotecpmove", "host.example.com", "username") called at /usr/local/cpanel/scripts/getremotecpmove line 30
Failed: Error while executing “/usr/local/cpanel/scripts/getremotecpmove”. The “/usr/local/cpanel/scripts/getremotecpmove host.example.com username” command (process 29412) reported error number 255 when it ended.: debug: Established cpanel session Cpanel::Exception::HTTP::Network/(XID efvg55) The system failed to send an <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “GET” request to “https://host.example.com:2083/download/backup-6.6.2022_06-11-00_username.tar.gz” because of an error: Died at /usr/local/cpanel/scripts/getremotecpmove line 272. at /usr/local/cpanel/Cpanel/HTTP/Client.pm line 115. Cpanel::HTTP::Client::request(Cpanel::HTTP::Client=HASH(0x1bb9350), "GET", "https://host.example.com:2083/download/backup-6.6.2022_"..., HASH(0x1b5ae78)) called at /usr/local/cpanel/scripts/getremotecpmove line 292 scripts::getremotecpmove::fetch_acct_by_cpanel(__CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__, __CPANEL_HIDDEN__) called at /usr/local/cpanel/scripts/getremotecpmove line 57 scripts::getremotecpmove::script("scripts::getremotecpmove", "host.example.com", "username") called at /usr/local/cpanel/scripts/getremotecpmove line 30
SOLUTION :

Whitelist your server IP in the remote cPanel account, under the Security Policy tab.


It's funny to see that the Account Transfer Tool can Launch an archive backup through SSH, can read how many Backups are in the remote server, but cannot do a WGET to the file if "Security Questions" are enabled and IP is not yet in the cPanel individual whitelist (tab : security policy).

We learn something every day… Let's ThumbUp! of it helps ^^
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
11,793
1,878
363
cPanel Access Level
Root Administrator
Hey there! Just to confirm, you were performing this work as the root user on both systems, correct? And once you whitelisted the IP address in the Security Policies area, effectively negating the security questions, the transfer worked normally, correct?