Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Logging into any reseller account using root's password

Discussion in 'Security' started by Rafcio, Dec 8, 2017.

Tags:
  1. Rafcio

    Rafcio Registered

    Joined:
    Dec 8, 2017
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Poland
    cPanel Access Level:
    Root Administrator
    Hello,

    today I have noticed that I am able to login into any reseller (WHM) account using root's password.
    I don't know if it's a bug or a feature :)
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,073
    Likes Received:
    349
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    WebHost Manager »Server Configuration »Tweak Settings, System tab:
     
  3. Rafcio

    Rafcio Registered

    Joined:
    Dec 8, 2017
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Poland
    cPanel Access Level:
    Root Administrator
    So it's ok that I can go into WHM login page and type login: resellername password: rootpassword and log in?
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,073
    Likes Received:
    349
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    My apologies I misread your post. With root password you can login to any account.
     
  5. Rafcio

    Rafcio Registered

    Joined:
    Dec 8, 2017
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Poland
    cPanel Access Level:
    Root Administrator
    No problemo, thank you for quick reply. I thought that it might be a bug causing potential security risk but with strong root password it should not be a problem. Anyway, is there any way to disable this feature?
     
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,073
    Likes Received:
    349
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Adding Two Factor Authentication can add another layer of security to your system and accounts.
     
Loading...

Share This Page