Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

password protect security problem

Discussion in 'Security' started by Snowman30, Jul 17, 2007.

  1. Snowman30

    Snowman30 Well-Known Member
    PartnerNOC

    Joined:
    Apr 7, 2002
    Messages:
    679
    Likes Received:
    0
    Trophy Points:
    316
    cPanel Access Level:
    DataCenter Provider
    I have just been notified by a client that the .htaccess password protect function is playing up on accounts on one of our servers

    lets say you password protect the folder /public_html/admin

    and you set a user as "admin" with a pass of say "foobar"

    well we have found that foo, foob, fooba and foobars all let the user login

    this is very wrong anyone have any ideas as to whats going on?

    we are using the latest CPanel 11 R release
     
    #1 Snowman30, Jul 17, 2007
  2. Gausar

    Gausar Registered

    Joined:
    Oct 17, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    Cannot reproduce your problem

    I tested on couple of my server and could not reproduce this issue.
    You sure it is not something else.
     
    #2 Gausar, Jul 17, 2007
  3. Snowman30

    Snowman30 Well-Known Member
    PartnerNOC

    Joined:
    Apr 7, 2002
    Messages:
    679
    Likes Received:
    0
    Trophy Points:
    316
    cPanel Access Level:
    DataCenter Provider
    well i dont knwo what else it could be, its just a htaccess password protected directory
     
    #3 Snowman30, Jul 18, 2007
  4. nyjimbo

    nyjimbo Well-Known Member

    Joined:
    Jan 25, 2003
    Messages:
    1,131
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    New York


    Which version of Apache are you running ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 nyjimbo, Jul 18, 2007
  5. Snowman30

    Snowman30 Well-Known Member
    PartnerNOC

    Joined:
    Apr 7, 2002
    Messages:
    679
    Likes Received:
    0
    Trophy Points:
    316
    cPanel Access Level:
    DataCenter Provider
    still running 1.3

    I cant recreate the error other than on this one server which has me completely stumped
     
    #5 Snowman30, Jul 19, 2007
  6. Frimon86

    Frimon86 BANNED

    Joined:
    Jun 4, 2007
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    156
    This could be a setting inside of your server whm config I think. Have you tried checking your server whm?!?
     
    #6 Frimon86, Jul 19, 2007
  7. nyjimbo

    nyjimbo Well-Known Member

    Joined:
    Jan 25, 2003
    Messages:
    1,131
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    New York
    If you can get one of the offending .htaccess files and upload it here (don't change anything except stuff that might expose your server) that would help.

    Its possible one or more lines is messed up, especially the "require" statement. Its a long shot, but that would explain the error you are seeing.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #7 nyjimbo, Jul 19, 2007
  8. onaweb

    onaweb Well-Known Member

    Joined:
    Jan 1, 2004
    Messages:
    76
    Likes Received:
    0
    Trophy Points:
    156
    Hello,
    I am experiencing the same issue. I have a password of user2007 and you can enter user200, user2008, user2009, user20 - they all let you log in.

    Did anyone find a solution to this issue?

    Thanks,
    Andy
     
    #8 onaweb, Nov 29, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - password protect security
  1. Kijanne

    Password protect newsletters and database

    Kijanne, Sep 11, 2018, in forum: General Discussion
    Replies:
    1
    Views:
    45
    cPanelLauren
    Sep 12, 2018
  2. darroosh

    Password protected directory issue

    darroosh, Jan 13, 2018, in forum: General Discussion
    Replies:
    5
    Views:
    488
    24x7server
    Jan 15, 2018
  3. jtgroup

    Password Protected Directories

    jtgroup, Dec 11, 2017, in forum: Security
    Replies:
    2
    Views:
    280
    jtgroup
    Dec 14, 2017
  4. jeffstu

    Auto SSL and Password Protected Directory

    jeffstu, Nov 16, 2017, in forum: Security
    Replies:
    3
    Views:
    569
    cPanelMichael
    Dec 4, 2017
  5. Greg M

    How to password protect root / default webpage

    Greg M, Jul 31, 2017, in forum: General Discussion
    Replies:
    8
    Views:
    792
    Greg M
    Aug 11, 2017

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice