Issues with logging into cPanel using cookie authentication

mindcruft

Member
Oct 6, 2003
8
0
151
I have having issues logging into cPanel, WHM, and Webmail. When I go to log in, it will take the correct password, but it will still keep prompting. It seems like it for some reason is having me log in for every object on the page. Has anyone had this issue before? It seems really weird to me. I have the following...

cPanel 11.25.0-R42399 - WHM 11.25.0 - X 3.9
CENTOS 5.4 x86_64 standard
 

xrserver

Well-Known Member
Jan 18, 2008
47
0
56
can you post the output of

Code:
grep "FAILED LOGIN" /usr/local/cpanel/logs/login_log
 

mindcruft

Member
Oct 6, 2003
8
0
151
I get a bunch of the following errors. I am assuming my connection is being load balanced on the way out and cPanel doesn't like this?

x.x.x.162 - username[01/11/2010:17:23:40 -0000] "GET /images/awstats/flags/it.png HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed
x.x.x.61 - username[01/11/2010:17:23:40 -0000] "GET /images/awstats/flags/nl.png HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed
I proxied the connection so I can have the same IP every time and that seems to have resolved the issue.
 
Last edited:

xrserver

Well-Known Member
Jan 18, 2008
47
0
56
for anyone else having this problem, you can also disable "Validate the IP addresses used in all cookie based logins" in tweak settings under security in your whm.
 

cPanelDon

cPanel Quality Assurance Analyst
Staff member
Nov 5, 2008
2,544
11
268
Houston, Texas, U.S.A.
cPanel Access Level
DataCenter Provider
Twitter
I get a bunch of the following errors. I am assuming my connection is being load balanced on the way out and cPanel doesn't like this?
Code:
x.x.x.162 - username[01/11/2010:17:23:40 -0000] "GET /images/awstats/flags/it.png HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed
x.x.x.61 - username[01/11/2010:17:23:40 -0000] "GET /images/awstats/flags/nl.png HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed
I proxied the connection so I can have the same IP every time and that seems to have resolved the issue.
Thank you for the resolution detail. Out of curiosity, do you know if the Internet connection being used utilizes a dynamically-assigned IP address? I could imagine that if the IP address changed frequently this may also trigger the IP validation security mechanism.

for anyone else having this problem, you can also disable "Validate the IP addresses used in all cookie based logins" in tweak settings under security in your whm.
While disabling IP validation will work I caution that it would come at the cost of reduced security; however, to augment the suggested alternative, if disabling IP validation I would, at minimum, ensure that security tokens are enabled. Security tokens may be toggled using WHM Tweak Settings via the following menu path: WHM: Main >> Server Configuration >> Tweak Settings >> Security. When considering security changes or re-evaluating security configurations I recommend taking into account the desired or required levels of security versus that of convenience.
 
Last edited:

Metro2

Well-Known Member
May 24, 2006
462
43
178
USA
cPanel Access Level
Root Administrator
I have having issues logging into cPanel, WHM, and Webmail. When I go to log in, it will take the correct password, but it will still keep prompting. It seems like it for some reason is having me log in for every object on the page. Has anyone had this issue before?
I have a customer who has been with me for several years and just started experencing this same exact problem during the past few weeks.

Any time they log into their cPanel and attempt to navigate around they are constantly presented with a login prompt and have to re-login.

And the same type of errors show in my logs for them like this:

xx.xxx.xx.xxx - xxxxxxx [01/17/2011:21:46:13 -0000] "GET /cpsess9940196709/ HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed

xx.xxx.xx.xxx - xxxxxxx [01/17/2011:21:47:04 -0000] "GET /cpsess6567700538/frontend/x3/stats/awstats_landing.html HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed

I have yet to find a solution other than turning off IP Validation which I do not want to do.

The user is running Windows Vista with IE7

The server is running WHM/cPanel 11.28.64 REDHAT Enterprise 4

So far, only one customer is experiencing this and their connection IP address is very dynamic, changing by the minute.
 
Last edited:

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,582
59
308
cPanel Access Level
Root Administrator
I have a customer who has been with me for several years and just started experencing this same exact problem during the past few weeks.

Any time they log into their cPanel and attempt to navigate around they are constantly presented with a login prompt and have to re-login.

And the same type of errors show in my logs for them like this:

xx.xxx.xx.xxx - xxxxxxx [01/17/2011:21:46:13 -0000] "GET /cpsess9940196709/ HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed

xx.xxx.xx.xxx - xxxxxxx [01/17/2011:21:47:04 -0000] "GET /cpsess6567700538/frontend/x3/stats/awstats_landing.html HTTP/1.1" FAILED LOGIN cpaneld: cookie ip check: IP address has changed

I have yet to find a solution other than turning off IP Validation which I do not want to do.

The user is running Windows Vista with IE7

The server is running WHM/cPanel 11.28.64 REDHAT Enterprise 4

So far, only one customer is experiencing this and their connection IP address is very dynamic, changing by the minute.
Some ISPs are have very short DHCP life times. This can cause the behavior described. In cPanel & WHM version 11.28 we added a new option to the Cookie IP validation setting. Change this setting to 'loose' and it should cause the reauthentication frequency to diminish or go away.