Need a second Admin account for our developer

wmu

Registered
Mar 17, 2021
2
0
1
America
cPanel Access Level
Root Administrator
Hi,

I need help setting up a second admin account for for my developer. All I see online is that you have to give the developer your main account login details, but that can't be right. If this is true, it's a horrible policy. No security protocol on earth would ask someone to give their developer the only admin user id and password for their account which would allow the developer to lock out our service (and also, what happens if something happens to the developer and the only account available has been changed?)

Can someone please point me to a way to add a second admin account for our developer?

Thank you for your help! I have 20+ years of IT experience, but not in this area.
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
4,912
607
273
cPanel Access Level
Root Administrator
Hey there! It would depend on what level of access they need and to what resources. If they need access to specific areas of WHM you could create a reseller account as that would provide them with a WHM log in. If they need access to cPanel, providing access to the entire cPanel account is the best way to do that. You could further restrict access by creating an FTP user, so they could only connect to a certain directory within the account's file structure, but if they need access to the cPanel interface they would have to use the main cPanel username and password.
 

wmu

Registered
Mar 17, 2021
2
0
1
America
cPanel Access Level
Root Administrator
No offense, I appreciate the help, but what your answer tells me is that cPanel is run by idiots. I see the upvotes for this feature are over 600 and I also see the response from cPanel from over 2 years ago with zero update. So it's clearly not going to happen. What the actual.... This is the most basic of features. I guess I'll have to look for an alternative and convince my developer to switch. He's hesitant since cPanel kind of owns the market, but our security team is simply not going to approve a policy where there is only one admin account and no way to have a type of super user that can add/revoke admin rights.

c'mon. It can't be that hard to implement. I don't even know of a legit product in the market that doesn't have it in some form. Super User = full admin and the ability to add admins with different IDs and passwords. Admin = full admin, but their rights can be revoked by the Super User. How hard is that? Every have someone leave the company? Need to give access to a contractor and then revoke it when they finish their work? Have some risk issue where the rights need to be revoked? All covered with such a simple design change. Oh, but you could just change the password right? Well no, not if an employee or contractor decides to go rogue change it before the owner can.

Maybe one day cPanel will hire a security team/person who can build this basic functionality.