Adding Accounts via script PHP without using root?


May 29, 2012
cPanel Access Level
Root Administrator
Hi there,

I wrote a script, which adds accounts on my whm-server. The problem is, that I'm using the root-user to gain access to all the information I need...

I need to count all registered accounts on a server,
and to add accounts,
but I don't want to use the root-user (security).

Is a reseller-account enough to perform this?
Or is there any other way to create a user with nearly root-privileges?

For creating accounts on my server, I use the following script:
// Add Account
    $script = "https://$rootname:[email protected]$server:2087/scripts/wwwacct";
    $params = "?plan={$package}&domain={$domain}&username=".$user."&password=".$pass."&contactemail={$mail}&language=de";
    $result = file_get_contents($script.$params);

and for list accounts, i use the following function:

    public static function getCntDomains($rootname, $rootpass, $ip) {

            $query = "https://".$ip.":2087/xml-api/listaccts";

            $curl = curl_init();
            # Create Curl Object
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
            # Allow self-signed certs
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
            # Allow certs that do not match the hostname
            curl_setopt($curl, CURLOPT_HEADER,0);
            # Do not include header in output
            curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
            # Return contents of transfer on curl_exec
            $header[0] = "Authorization: Basic " . base64_encode($rootname.":".$rootpass) . "\n\r";
            curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
            # set the username and password
            curl_setopt($curl, CURLOPT_URL, $query);
            # execute the query
            $result = curl_exec($curl);
            if ($result == false) {
                    error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
            # log error if curl exec fails

            $stripped = strip_tags($result);
            $count = substr_count($result, $ip);
            return $count;

And as you know, if you havn't the privileges to perform this action, whm throws an error...

help :(

I'm sorry, if this is the wrong place to post, but i used the search-function (maybe not good enough?)
and didn't find anything.

Thanks in advance,


Well-Known Member
Verifed Vendor
Jun 17, 2010
San Francisco, CA
cPanel Access Level
Root Administrator
You can add accounts via a reseller but they will be added under that reseller user rather than root. Also, when listing accounts as the user, you will only see the accounts owned by the reseller and not all accounts.

I'd recommend switching to /xml-api/createacct to create the account as cPanel doesn't guarantee that calling :2087/scripts/wwwacct will stay the same like /xml-api/createacct will.


Technical Product Specialist
Nov 29, 2006
Houston, TX
cPanel Access Level
Root Administrator
I usually create a reseller account on my server with a bogus domain and give it root access as not to have user root used for terribly much (after all, it's often the target of brute force attacks and thus blocked by cphulkd anyway). A root-level reseller can do this without restrictions about which reseller owns the account.