SOLVED Customers confused when changing cpanel/mysql password, website fails

jndawson

Well-Known Member
Aug 27, 2014
343
37
78
Western US
cPanel Access Level
DataCenter Provider
We have a customer that has been complaining about their site failing when they change the cPanel password. They finally realized that the mysql password was changing when they did so (props to them - not an easy troubleshoot). There is NOTHING in the process nor the related cPanel doc (Password & Security | cPanel & WHM Documentation) that tells the customer that will happen. There is a note in WHM doc (Password Modification | cPanel & WHM Documentation) about it:
3. Select Synchronize MySQL password to use the same password for both MySQL® and the cPanel account.
Note:
This option only appears if the the .my.cnf file exists in the /home/USERNAME directory where USERNAME represents the account’s username.
There is no .my.cnf file. How is that file supposed to be created? How is the customer supposed to know both passwords are related without the file triggering the Synchronize MySQL password option?
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator
Hey there! I wasn't able to reproduce this issue on a cPanel version 102 server. It would also be odd to me that their site is using a main cPanel user for a MySQL connection on a public website.

Could you submit a ticket to our team so we can check this on our end? Normally I'd expect any site (such as a WordPress site) to have a separate MySQL user and password, and that would be unrelated to the cPanel password.
 
  • Like
Reactions: quietFinn

ffeingol

Well-Known Member
PartnerNOC
Nov 9, 2001
765
310
363
cPanel Access Level
DataCenter Provider
My guess is that they are using the kind of hidden cPanel-userid MySQL user that is generated instead of actually creating a MySQL user (and granting it permissions etc.). If they use that userid and they change their cPanel password, their site will in fact be broken. We have had a few client over the years do that. We just explain how to create/grant access to a MySQL user and have them update their config files and then things are good forever.
 
  • Like
Reactions: quietFinn and cPRex

jndawson

Well-Known Member
Aug 27, 2014
343
37
78
Western US
cPanel Access Level
DataCenter Provider
Hey there! I wasn't able to reproduce this issue on a cPanel version 102 server. It would also be odd to me that their site is using a main cPanel user for a MySQL connection on a public website.

Could you submit a ticket to our team so we can check this on our end? Normally I'd expect any site (such as a WordPress site) to have a separate MySQL user and password, and that would be unrelated to the cPanel password.
This a very old site dating back to (possibly) 2007 which was moved to a new server recently. It's conceivable that the wp mysql user and cpanel user were the same. Customer has created a new user just for WP.

The question I need answered is, "There is no .my.cnf file. How is that file supposed to be created?"
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator
cPanel hasn't created a .my.cnf for the user for some time. There is no reason it has to be present on a system for things to work.

You can always manually create that file if you need it, although I would have expected that to get moved over as part of a migration if it was necessary for the account to function. In general, this file is no longer used.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator
I did some more digging on this, and that file used to be created back when it was necessary to have it in place so the cPanel user could access PHPMyAdmin. Since the file stored the cPanel user's password in plain text, that was removed and is now considered a security risk.
 
  • Like
Reactions: quietFinn

jndawson

Well-Known Member
Aug 27, 2014
343
37
78
Western US
cPanel Access Level
DataCenter Provider
I did some more digging on this, and that file used to be created back when it was necessary to have it in place so the cPanel user could access PHPMyAdmin. Since the file stored the cPanel user's password in plain text, that was removed and is now considered a security risk.
Thanks for the info. Perhaps the docs need to be updated to reflect that rather than point to a non-existent file.
3. Select Synchronize MySQL password to use the same password for both MySQL® and the cPanel account.
Note:
This option only appears if the the .my.cnf file exists in the /home/USERNAME directory where USERNAME represents the account’s username.