The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Intercept WHM login page then load to Login page after Authentication?

Discussion in 'cPanel Developers' started by medfordite, Jun 7, 2012.

  1. medfordite

    medfordite Member

    Joined:
    Dec 13, 2011
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    This is related to the thread here:

    http://forums.cpanel.net/f42/integrate-yubikey-into-whm-login-249532.html#post1036031

    But more of a new question:

    I have made a PHP script (Actually modified the one provided by YubiKey in their PHP login scripts.) The script authorizes against the key and then provides a link to the WHM panel for login. Very similar to Two-Factor Login, but in reverse sort of.

    Is there a way to have WHM load said page first instead of the actual login page? Sort of like a redirect? If this is possible, then I would want to change the default port for WHM for my link.

    Very unusual question I am sure, but it must certainly be possible. :)
     
  2. cPanelDavidN

    cPanelDavidN Integration Developer
    Staff Member

    Joined:
    Dec 17, 2009
    Messages:
    571
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi medfordite,

    I don't have any direct experience with it, but you might want to consider implementing a custom Security Policy that would perform the YubiKey auth. Security Policies are executed after WHM authentication, but the end result would be the same: a two-factor authentication scheme.

    There's not much in the way of detailed documentation/examples/tutorials but you can find the white paper here: http://www.cpanel.net/secpolicy.pdf; it itemizes a few policies that ship with WHM so you might be able to start prototyping based on those, albeit in Perl.

    To answer your question directly, no. There is no way to have a 'pre-login' page that would be served by cpsrvd prior to the WHM login page. The only way to achieve such a user experience would be to setup some sort of proxy (which is what a few hosting companies have done)...but again, that wouldn't be served by cpsrvd itself.

    Regards,
    -DavidN
     
  3. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page