The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Permanently disable Copy account with account password

Discussion in 'General Discussion' started by cgilbert001, Jul 23, 2006.

  1. cgilbert001

    cgilbert001 Registered

    Joined:
    Jun 17, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Am trying to figure out how to permanently disable "Copy an account from another server with ACCOUNT PASSWORD" because I have proprietary (though non-copyrighted) files that I host, which I do not want other persons to be able just to transfer to a new server in 10 seconds and open their own hosting business.

    This is the last hole I need to plug so can anyone tell me a way to do this?

    Thanx
     
  2. HostMerit

    HostMerit Well-Known Member

    Joined:
    Oct 24, 2004
    Messages:
    160
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New Jersey, USA
    cPanel Access Level:
    DataCenter Provider
    Why not protect the files through PHP encryption + protection to make sure it's running on your server?

    Perhaps you should not be giving access to CPanel but enable your users to edit the sites through another manner.

    What's preventing them from downloading files via FTP etc?

    So many ways to copy / move an account, perhaps you shouldn't be giving direct cpanel access...
     
  3. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    The correct fix to this problem is to put your proprietary files into /usr/local/lib/php and include them (without a path) when you want to access them. The average user will have no idea what this means.

    This way, the accounts will not work if they are copied to another server, and your source won't go along with them. It also has the advantage (and caveat) that any change you make will immediately affect all the domains on the server - the advantage being that it's easy to upgrade and fix security problems, the caveat being that it's much easier to break every account on the server.

    Of course, PHP encryption is also a really good idea, but this approach coupled with encryption makes it impossible for anyone to steal your ideas or your accounts!
     
Loading...

Share This Page