SOLVED How can you disable two form authentication via root command?

WebHostPro · Mar 28, 2018

I have a customer that set up two form authentication and forgot the details. How do I disable it from the root command line?

cPanelMichael · Mar 28, 2018

Hello,

You can disable two-factor authentication with the following command:

Code:

whmapi1 twofactorauth_disable_policy

Thank you.

WebHostPro · Mar 28, 2018

Thanks for the quick reply!

WebHostPro · Apr 1, 2018

cPanelMichael said:
Hello,

You can disable two-factor authentication with the following command:

Code:

whmapi1 twofactorauth_disable_policy

Thank you.

Oh actually, I ran that and got:

# whmapi1 twofactorauth_disable_policy
---
metadata:
command: twofactorauth_disable_policy
reason: OK
result: 1
version: 1

Yet, it's still there. Is there more I need to do to disable it?

cPanelMichael · Apr 2, 2018

Hello,

Is this for a specific cPanel account? If so, you can use the following UAPI command to disable it for a specific user:

Code:

uapi --user=username TwoFactorAuth remove_user_configuration

The function is documented at:

UAPI Functions - TwoFactorAuth::remove_user_configuration - Developer Documentation - cPanel Documentation

Thank you.

WebHostPro · Apr 2, 2018

cPanelMichael said:
Hello,

Is this for a specific cPanel account? If so, you can use the following UAPI command to disable it for a specific user:

Code:

uapi --user=username TwoFactorAuth remove_user_configuration

The function is documented at:

UAPI Functions - TwoFactorAuth::remove_user_configuration - Developer Documentation - cPanel Documentation

Thank you.

Oh sorry it's for the WHM. It asks for 4 questions to access that where set by the previous webmaster that our customer used. Now the customer can't get in after letting their webmaster go.

cPanelMichael · Apr 3, 2018

WebHostPro said:
Oh sorry it's for the WHM. It asks for 4 questions to access that where set by the previous webmaster that our customer used. Now the customer can't get in after letting their webmaster go.

Hello,

That's actually the Security Questions feature enabled with the Limit Logins to Verified IP Addresses option in "WHM Home » Security Center » Configure Security Policies". We document how to disable this from the command line at:

Configure Security Policies - Version 70 Documentation - cPanel Documentation

Disable security questions via SSH
To disable security questions via the command line, perform the following steps:

Use SSH to log in to your server as the root user.

Open the /var/cpanel/cpanel.config file in your preferred text editor.

Change the value of the SecurityPolicy::SourceIPCheck option to 0.

Save and exit the file.

Run the /scripts/restartsrv cpanel command to restart cPanel & WHM.

Thank you.

WebHostPro · Apr 3, 2018

That did it! Thanks a million

Thread starter	Similar threads	Forum	Replies	Date
D	You must stop and disable firewalld when using csf	Security	2	May 20, 2021
G	Disable Automatically-Issued Hostnames in cPanel v7.9	Security	1	May 7, 2021
S	Shell Fork Bomb Protection Disabled	Security	8	Mar 30, 2021
	Disable Dovecot in mailserver config	Security	3	Mar 24, 2021
M	Disable ModSecurity on default vhost	Security	3	Mar 1, 2021

Search

Search

SOLVED How can you disable two form authentication via root command?

WebHostPro

Well-Known Member

cPanelMichael

Administrator

WebHostPro

Well-Known Member

WebHostPro

Well-Known Member

cPanelMichael

Administrator

WebHostPro

Well-Known Member

cPanelMichael

Administrator

WebHostPro

Well-Known Member