The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Issues with logging into cPanel using cookie authentication

Discussion in 'General Discussion' started by mindcruft, Jan 5, 2010.

  1. mindcruft

    mindcruft Member
    PartnerNOC

    Joined:
    Oct 6, 2003
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    I have having issues logging into cPanel, WHM, and Webmail. When I go to log in, it will take the correct password, but it will still keep prompting. It seems like it for some reason is having me log in for every object on the page. Has anyone had this issue before? It seems really weird to me. I have the following...

    cPanel 11.25.0-R42399 - WHM 11.25.0 - X 3.9
    CENTOS 5.4 x86_64 standard
     
  2. xrserver

    xrserver Well-Known Member

    Joined:
    Jan 18, 2008
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    can you post the output of

    Code:
    grep "FAILED LOGIN" /usr/local/cpanel/logs/login_log
     
  3. mindcruft

    mindcruft Member
    PartnerNOC

    Joined:
    Oct 6, 2003
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    I get a bunch of the following errors. I am assuming my connection is being load balanced on the way out and cPanel doesn't like this?

    I proxied the connection so I can have the same IP every time and that seems to have resolved the issue.
     
    #3 mindcruft, Jan 11, 2010
    Last edited: Jan 11, 2010
  4. xrserver

    xrserver Well-Known Member

    Joined:
    Jan 18, 2008
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    for anyone else having this problem, you can also disable "Validate the IP addresses used in all cookie based logins" in tweak settings under security in your whm.
     
  5. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Thank you for the resolution detail. Out of curiosity, do you know if the Internet connection being used utilizes a dynamically-assigned IP address? I could imagine that if the IP address changed frequently this may also trigger the IP validation security mechanism.

    While disabling IP validation will work I caution that it would come at the cost of reduced security; however, to augment the suggested alternative, if disabling IP validation I would, at minimum, ensure that security tokens are enabled. Security tokens may be toggled using WHM Tweak Settings via the following menu path: WHM: Main >> Server Configuration >> Tweak Settings >> Security. When considering security changes or re-evaluating security configurations I recommend taking into account the desired or required levels of security versus that of convenience.
     
    #5 cPanelDon, Jan 15, 2010
    Last edited: Jan 15, 2010
  6. satsuke

    satsuke Registered

    Joined:
    Dec 23, 2010
    Messages:
    0
    Likes Received:
    0
    Trophy Points:
    0
    Thanks for this. :)
     
  7. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    376
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I have a customer who has been with me for several years and just started experencing this same exact problem during the past few weeks.

    Any time they log into their cPanel and attempt to navigate around they are constantly presented with a login prompt and have to re-login.

    And the same type of errors show in my logs for them like this:

    xx.xxx.xx.xxx - xxxxxxx [01/17/2011:21:46:13 -0000] "GET /cpsess9940196709/ HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed

    xx.xxx.xx.xxx - xxxxxxx [01/17/2011:21:47:04 -0000] "GET /cpsess6567700538/frontend/x3/stats/awstats_landing.html HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed

    I have yet to find a solution other than turning off IP Validation which I do not want to do.

    The user is running Windows Vista with IE7

    The server is running WHM/cPanel 11.28.64 REDHAT Enterprise 4

    So far, only one customer is experiencing this and their connection IP address is very dynamic, changing by the minute.
     
    #7 Metro2, Feb 7, 2011
    Last edited: Feb 7, 2011
  8. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Some ISPs are have very short DHCP life times. This can cause the behavior described. In cPanel & WHM version 11.28 we added a new option to the Cookie IP validation setting. Change this setting to 'loose' and it should cause the reauthentication frequency to diminish or go away.
     
  9. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    376
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Thanks for the tip!
     
Loading...

Share This Page