Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Change Password has important issues

Discussion in 'General Discussion' started by DJMaze2, Jun 14, 2005.

  1. DJMaze2

    DJMaze2 Member

    Jun 10, 2005
    Likes Received:
    Trophy Points:
    cPanel 10.2.0-R82
    RedHat 9 i686

    If someone logs into his cPanel account and changes his password (http://domain:2082/frontend/x/passwd/index.html) then only the password of the account is changed.

    Services like FTP, Mail, MySQL, etc. don't get synchronized in any way unless the owner of the server changes the password thru WHM.

    I think this is a huge issue if someone his account is hacked and is used for mail spam, ftp warez or http replacement.
    Because if someone is hacked and changes his password afterwards, the "hacker" could still access the website in many ways with the old password.

    In my opinion the "change password" feature should be fixed in one of the following ways:

    a. run the sync commands
    b. remove completely (and force custom ftp, sql, mail login accounts to prevent overall damage)
    c. replace by: commit to server owner a "change password" request
    d. suspend account untill the 'root' has synced the services
    #1 DJMaze2, Jun 14, 2005
    Last edited: Jun 14, 2005
  2. chirpy

    chirpy Well-Known Member

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess
    You should log it in bugzilla if it's a reproducable bug, if it doesn't already exists there.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice