The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Forbidden Usernames on WHM

Discussion in 'General Discussion' started by scottyuk, Mar 24, 2004.

  1. scottyuk

    scottyuk Member

    Joined:
    Nov 23, 2003
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Hi

    Im making a script , Web Host Management, it creates accounts automatically in WHM, using phpAccounting, we have found some forbidden usernames like test.

    We are adding validation to stop usernames beginning with these forbidden names.

    So what usernames are forbidden, e.g - test


    If you could help it would be great.

    Thanks
    Scott - Accounts Dept.
    GalaxyHost Management Team
    http://www.galaxyhost.co.uk
     
  2. elleryjh

    elleryjh Well-Known Member

    Joined:
    Apr 12, 2003
    Messages:
    479
    Likes Received:
    0
    Trophy Points:
    16
    I don't know of any, but you obviously want to avoid these system usernames:

    "root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "news", "uucp", "games", "operator", "gopher", "ftp", "rpm", "vcsa", "nscd", "sshd", "rpc", "rpcuser", "nfsnobody", "mailnull", "smmsp", "pcap", "xfs", "ntp", "desktop", "apache", "webalizer", "squid", "postfix", "named", "netdump", "mysql", "admin", "cpanel", "mailman", "mail", "httpd", "nobody");
     
    #2 elleryjh, Mar 26, 2004
    Last edited: Mar 27, 2004
  3. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    Nice list, elleryjh, and thanks for sharing it with us.

    I will also confirm that not only 'test' is reserved, but anything starting with 'test' will not be allowed, as an accountID.
     
  4. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    I must be misunderstanding something here because I use test frequently. Anytime I'm working on a script that works with whm's account creation, I create a test account using test.com and username test.
     
  5. elleryjh

    elleryjh Well-Known Member

    Joined:
    Apr 12, 2003
    Messages:
    479
    Likes Received:
    0
    Trophy Points:
    16
    yeah, accounts with test work for me too.
     
  6. bamasbest

    bamasbest Well-Known Member

    Joined:
    Jan 10, 2004
    Messages:
    531
    Likes Received:
    0
    Trophy Points:
    16
    I agree. Wihtout seeing the errors generated by the script, it is hard to tell where/what the problem may really be.
     
  7. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Update

    I was on 9.1.0-RELEASE_72 and just upgraded to 9.1.0-RELEASE_85 and found out what he's talking about.

    The recent wwwacct script, (the script that creates accounts), now has the following:


    Code:
    if ($user =~ /^test/) {
            deaderror("Sorry, test* is a reserved username");
    }


    To answer scottyuk's question, test is the only reserved word.
     
  8. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    WHM 9.1.0 cPanel 9.1.0-E198
    RedHat 9 - WHM X v2.1.2

    Create a New Account
    Username: testhos

    Results of your request
    Sorry, test* is a reserved username
     
  9. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    That's because it starts with test. Test is the only reserved word, but that means anything starting with it.

    Where the line says:
    if ($user =~ /^test/) {
    the ^test means matching anything starting with that.

    The name testkljklghjjkghfdj will not work, but dhjkdhfjktest or hkjhtestjkhjkh will work.
     
  10. elleryjh

    elleryjh Well-Known Member

    Joined:
    Apr 12, 2003
    Messages:
    479
    Likes Received:
    0
    Trophy Points:
    16
    if they were under 8 characters.
     
  11. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Minor technicality. :D
     
  12. spiff06

    spiff06 Well-Known Member

    Joined:
    Jan 17, 2004
    Messages:
    87
    Likes Received:
    0
    Trophy Points:
    6
    Transferring an account of the form test*

    Well, that's convenient...

    I'm trying to transfer an account that has "test" in it (hahaha), and it fails just after extracting the tarball...

    Code:
    Archive Recombine in progress (part 1).....
    Tarball copy ok!
    Extracting tarball...................
    ...............
    ...............
    ...............
    ...............
    ...............
    ...............
    Done
    Extracting Domain....Done
    Generating Account....
    Sorry, test* is a reserved username
    
    Should I revert to an earlier version of WHM just to copy that single account? Actually, doing a temporary modification of the account transfer script commenting out the "test*" check would be easier. Has this check only been implemented in /etc/wwwacct?

    How would you do it?
    -e
     
    #12 spiff06, May 8, 2004
    Last edited: May 8, 2004
  13. spiff06

    spiff06 Well-Known Member

    Joined:
    Jan 17, 2004
    Messages:
    87
    Likes Received:
    0
    Trophy Points:
    6
    Ok, that did it:

    Opened the file /scripts/wwwacct, and commented out the following lines (368-370):

    Code:
    #if ($user =~ /^test/) {
    #        deaderror("Sorry, test* is a reserved username");
    #}
    
    Then transferred the account successfully, and reverted the script back to the original.

    Why is it a bad idea to have an account of the form test*? Any security issues involved?

    Eric
     
  14. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    38
    test and/or test with anything after it
    anything greater than 8 characters
    anything that begins with a number
    anything that contains a dash
    anything that contains an underscore
    anything that begins with a dot
     
  15. elleryjh

    elleryjh Well-Known Member

    Joined:
    Apr 12, 2003
    Messages:
    479
    Likes Received:
    0
    Trophy Points:
    16
    no other symbols are allowed either.

    I found that if the account 'test' has mysql databases, these are available to be read and edited by everyone in phpmyadmin.
     
  16. scottyuk

    scottyuk Member

    Joined:
    Nov 23, 2003
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Thanks for all your replies, i have built a IPB MOD that allows users to signup for hosting when they have enough points :)

    Just coming on to the WHM part, so now all i do is, if username is greater than 8, or contains test then fail signup :P
     
  17. scottyuk

    scottyuk Member

    Joined:
    Nov 23, 2003
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    PHP:
    if ($user =~ /^test/) {
            
    deaderror("Sorry, test* is a reserved username");
    }

    That means my signup uses:

    PHP:
    if ($user == ~ /^test/) {
    $checkme FALSE;
    $errors .= '<p align="center"><font color="#CC0000"><b>Hosting account usernames cannot begin with Test</b></font></p>';
    } else {
    $checkme $_POST['username'];
    }


    Thanks for all your help!
     
  18. scottyuk

    scottyuk Member

    Joined:
    Nov 23, 2003
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Update

    Hey

    Just added the code to ma script, got a parse, so messed with it a bit :)

    Now i get :

    using:
    PHP:
    if ($user =~ "/^test/") {
    $checkme FALSE;
    $errors .= '<p align="center"><font color="#CC0000"><b>Hosting account usernames cannot begin with Test</b></font></p>';
    } else {
    $checkme $_POST['username'];
    }


    Thanks!
     
  19. Jeremia

    Jeremia Member

    Joined:
    Mar 11, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    auto insert characters in front of test

    If a user wants to register the domain testeroodle.com they can't because it would violate the "user test already taken" rule.

    Does anyone know of a script that would automatically take care of this situation by changing the username in some way "on the fly".
    Perhaps insering some charaters in front eg. xxxtest

    There are a lot of domains that could start with test and I would like my automated account creation system (WhoisCart) to be able to accept them.

    Any ideas appreciated.
     
  20. as_pavlov

    as_pavlov Member

    Joined:
    Dec 10, 2006
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    I want restore an cPanel full backup, account username files.
    When i restore there are an error:
    Account Creation Status: failed (Sorry, that username is reserved.)
    Why files now reserved.
    Why before not reserved?
     
Loading...

Share This Page