The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CPanel password protect directories, failure if symbols < or > are used

Discussion in 'General Discussion' started by thobarn, Mar 28, 2009.

  1. thobarn

    thobarn Well-Known Member

    Joined:
    Apr 25, 2008
    Messages:
    153
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    sanctum sanctorum
    If the password generated by CPanel >> Password Protect Directories >> Password generator contains less than (<) or greater than (>) symbols, then the password will not work. However, the generator routinely includes these if "Symbols" box is selected. If you want your passwords to work, exclude this symbol.

    Test case:
    1) Password protect a directory using CPanel interface
    2) Create a user with the user name: "test" and the password: "test>"
    3) Visit password protected resource and use credentials in step 2

    [FYI]
    Since neither man htpasswd nor the Apache AAA manual [1] gives such a limitation, this must be due to CPanel implementation, and I reckon it has something to do with input sanitization removing angled brackets.
    [/FYI]


    [1] http://httpd.apache.org/docs/2.2/howto/auth.html
     
    #1 thobarn, Mar 28, 2009
    Last edited: Mar 28, 2009
Loading...

Share This Page