Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

copy encrypted cpanel login credentials

Discussion in 'Security' started by craigedmonds, Oct 19, 2013.

  1. craigedmonds

    craigedmonds Well-Known Member

    Joined:
    Oct 29, 2007
    Messages:
    112
    Likes Received:
    0
    Trophy Points:
    66
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Twitter:
    I am writing a bash script in order to lock down wordpress with htpasswd method.

    The script requires me to write htpasswd compatible credentials to a .htpasswd file. Currently I am putting in the username and a random password which works fine but would be easier for the end user if I could drop their cpanel login details to that file instead so they can enter in their cpanel details when they are prompted to login.

    Is it possible to copy the cpanel login credentials from somewhere for a user and copy the encrypted credentials to the .htpassd file?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Sys Admin

    Sys Admin Well-Known Member

    Joined:
    Apr 29, 2007
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    156
    cPanel Access Level:
    Root Administrator
    I discourage doing it in this way, It's highly insecure. However, CentOS and Redhat uses MD5 encryption by default. You can double check the file at /etc/login.defs and to do it you can just code the script to extract the entries for that specific user from /etc/shadow and to put it in their own .htpasswd , Again, This is insecure and is a bad and dangerous practice.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,896
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    I have moved this thread to the "Security" forum. You should get more input about this topic here. To note, it's likely a better idea to provide the user with credentials that are different than their cPanel username/password.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice