The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cpanel For Subdomains

Discussion in 'General Discussion' started by pkuk, Dec 1, 2002.

  1. pkuk

    pkuk Well-Known Member

    Joined:
    Nov 16, 2002
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    Hi Folks

    I want to create a demo account to allow customers to sample a cpanel, ideally as a subdomain of my main account, but obviously I need a separate cpanel which can be set as a demo. How do I set this up, if it's possible, as http://subdomain.domain.com/cpanel only works with the main domains username & password...


    Any Ideas
     
  2. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Give that subdomain it's own account and it will have it's own username and password.

    Some say it's not safe giving the public access to a sample cpanel because of what could be done if they know what they're doing.

    You could make the new account then use WHM to make it a demo cpanel. I'm not sure exactly what is changed when it's made a demo account.
     
  3. mpierre

    mpierre Well-Known Member

    Joined:
    Jun 30, 2002
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    You say :

    Some say it's not safe giving the public access to a sample cpanel because of what could be done if they know what they're doing.


    Why is that so ? Is it really dangerous ?
     
  4. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    I'm not sure what the risks are but I think I read elsewhere that a good programmer can use cpanel to install a program to do whatever he wants. I don't remember where I heard that, but it seems to make sense. If any visitor has access to a fully working cpanel, they could upload anything they want including scripts.

    Hopefully we will get a reply from someone who knows more in this area ;) but personally I'd rather give a non working sample just in case.
     
  5. pkuk

    pkuk Well-Known Member

    Joined:
    Nov 16, 2002
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    That makes sense, but surely if the account you created had 0 everything and no disc space and was set to demo mode in whm, the cpanel would appear to function in terms of how poeple moved round it, but would actually be useless to a potential intruder, as they would have no resources to play with...

    One other point mind - what exactly does demo mode restrict...
     
  6. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    [quote:18957d3939][i:18957d3939]Originally posted by pkuk[/i:18957d3939]

    That makes sense, but surely if the account you created had 0 everything and no disc space and was set to demo mode in whm, the cpanel would appear to function in terms of how poeple moved round it, but would actually be useless to a potential intruder, as they would have no resources to play with...[/quote:18957d3939]

    Makes sense to me. I don't think there would be too much risk there.

    [quote:18957d3939]One other point mind - what exactly does demo mode restrict...[/quote:18957d3939]

    I'm curious about this myself.
     
  7. pkuk

    pkuk Well-Known Member

    Joined:
    Nov 16, 2002
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    I'll try it, after all, if shell access is disabled, along with 0 everything on the cpanel, I doubt anyone can do any harm, after all, that's why the option appears in whm...
     
  8. JustinK

    JustinK Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    251
    Likes Received:
    0
    Trophy Points:
    16
    Most gets disabled and I think the DarkOrb crew are nailing it down pretty well now, but nothing's safer than plain html or screenshots.
     
  9. mrprez

    mrprez Well-Known Member

    Joined:
    Jun 14, 2002
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    16
    You have to be careful with the file manager. If this is active they can upload anything and then run it.

    John
     
  10. moronhead

    moronhead Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    706
    Likes Received:
    0
    Trophy Points:
    16
    Another effective method is to remove any theme files that you don't wan't your visitors to access even if they knew the URL for it.

    Regards,

    Norman
     
Loading...

Share This Page