cPanel loops back to login screen

PeteS

Well-Known Member
Jun 8, 2017
200
39
28
Oregon
cPanel Access Level
Root Administrator
Logging in to cpanel via http://cpanel.domain.tld authenticates (doesn't say "The login is invalid."), and appears to go to the cpanel URL (http://cpanel.domain.tdl/cpsess####.../index.html?login=1&post_login=##############) but still displays the login screen.

Logging in via https://cpanel.domain.tld works as expected.

Other cpanel accounts on my server don't do this; they work as expected with both http and https.

Where do I start looking for what's different with this account, causing this behavior? AFAIK it's set up the same as the other accounts.

-Pete
 

PeteS

Well-Known Member
Jun 8, 2017
200
39
28
Oregon
cPanel Access Level
Root Administrator
My guess without knowing more info is you have something in your .htaccess for that account that is creating the behavior
That's what I thought, and indeed the entire domain is redirected to a different domain, which I thought might have been confusing cPanel. So I removed the redirect and tested: no change; issue persists.

On a related(?) note: Typically I force https on all domains (via .htaccess), but this one was not not set to force https. (Others that are, work as expected regarding cPanel logins, and I did updated this .htaccess to now force https, still no change.) Something odd I Just noticed is that when forcing https for an entire domain (on all domains I tested for this), it will force it for subdomains as well, BUT not cpanel.domain.tld, which makes no sense to me. They are all A records (cpanel. and some-sudomain.)
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,254
313
Houston
Hi @PeteS

Can you please open a ticket using the link in my signature? Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved.


Thanks!
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,254
313
Houston
Hi @PeteS

Thanks for posting the ticket ID. I took a look at the ticket and if you could please add the cPanel account password in the Server Information portion of the ticket, this will help expedite things as the analyst won't have access to the password for the account without requesting this info.

Thanks!
 

PeteS

Well-Known Member
Jun 8, 2017
200
39
28
Oregon
cPanel Access Level
Root Administrator
Hi @PeteS

Thanks for posting the ticket ID. I took a look at the ticket and if you could please add the cPanel account password in the Server Information portion of the ticket, this will help expedite things as the analyst won't have access to the password for the account without requesting this info.

Thanks!
Added it under server notes.
 
  • Like
Reactions: cPanelLauren

PeteS

Well-Known Member
Jun 8, 2017
200
39
28
Oregon
cPanel Access Level
Root Administrator
The problem was resolved by clearing browser cache. I thought I had ruled that out by trying a different browser that I (erroneously) thought had never been used on that account. Here's the Support Ticket explanation:

"The behavior is actually the result of a cookie being set after logging in over HTTPS which forces requests to be made using SSL. Upon logging out, the cookie is not properly removed so the next time that you try to log in to cPanel/WHM over an insecure connection, you get redirected back to the login page erroneously.

Once the cookies have been cleared, so long as you don't login over HTTPS you will be able to login over HTTP. If you do login over HTTPS at any time in the future, you would need to clear the cookies for the cPanel/WHM domain before you would be able to connect again over HTTP."

Clearing the cache does indeed solve the issue.

-Pete
 
  • Like
Reactions: cPanelLauren

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,254
313
Houston
Hi @PeteS

I should also point out that he has a case open for this behavior as well CPANEL-17121 you can check the Changelogs here:Change Logs - Change Logs - cPanel Documentation for updates when the case is resolved. Until then the workaround is as he noted in the ticket, you need to clear the cache if you log in over https and then need to go back to http.

Thanks!
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,254
313
Houston
Hi @PeteS

I just checked in on this for you and it looks to be still in progress -it's assigned to a team just not completed yet. We'll update you here when it is though.

Thanks!
 
  • Like
Reactions: PeteS

cPSamuelM

Technical Analyst Team Lead
Staff member
Nov 20, 2019
196
37
103
USA
cPanel Access Level
Root Administrator
Hello again @Maulana-

Thank you for your reply. In that case, the issue you are observing is likely not related to the issue that was initially reported in this forum thread and filed in our internal case CPANEL-17121. I encourage you to open a new forum thread with the specific details and description of the issue you are observing.

Thank you!