My WHM account access was stolen

arlindmurati

Registered
Jul 7, 2020
4
3
3
cPanel#21Lindi#@!
cPanel Access Level
Root Administrator
I'm not sure if I understood correctly, however if someone has your WHM access they shouldn't be able to buy something from the cPanel store as they would need your cPanel store logins, or they would require your login details for the billing platform of your host to do any harm.
 
  • Like
Reactions: cPRex

arlindmurati

Registered
Jul 7, 2020
4
3
3
cPanel#21Lindi#@!
cPanel Access Level
Root Administrator
I agree with @cPRex a migration is an immediate action you should take, even better from an offsite backup, after restoring please make sure to change WordPress login details, database names, database users passwords, cPanel passwords, disable mysql remote connection etc..
 
  • Like
Reactions: cPRex

rinrikun2021

Registered
Aug 11, 2021
4
1
3
NYC
cPanel Access Level
Root Administrator
So, all purchases must use the cpanel store website, right?

Is it possible to make a purchase on my domain or IP address?


My way to view connected accounts is using the "Manage External Authentications" menu, correct?
 
Last edited:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,519
1,031
313
cPanel Access Level
Root Administrator
All purchases do need to go through the cPanel store, whether that happens directly from the store URL or through the WHM interface.

I'd be much more concerned about the server being compromised and getting the data migrated than of a user making random purchases on your account.

"Manage External Authentications" is used for tools that are allowed to log in to your server. You can find more details on that here: Manage External Authentications | cPanel & WHM Documentation