The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Remote IP address no longer appearing in notices of 'root login' using su

Discussion in 'Security' started by ottdev, Mar 1, 2015.

  1. ottdev

    ottdev Well-Known Member

    Joined:
    Oct 1, 2013
    Messages:
    63
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    WHM 11.48.1 (build 2)

    Since the email notifications changed from plain text to HTML after a recent update, the new messages show only 0.0.0.0/"local machine" for the following alert for login via su - it used to show a valid IP (of my ISP, for example if I was the one logging in).

    This new HTML style one for root login to whostmgrd does get the IP okay
    Here is the older plain text version for login via su last seen before we updated on Feb 9th:
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  3. ottdev

    ottdev Well-Known Member

    Joined:
    Oct 1, 2013
    Messages:
    63
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    Case numbers: 173073 and 173085
    Thank you!
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Internal case number 173085 is open to address the issue that occurs when logging in as a user and then using su to switch over to root. The IP provided shows logins from 0.0.0.0 instead of your actual IP address when this occurs. You can monitor our change log for the inclusion of this case number:

    cPanel Change Logs

    Note that this issue might be addressed by internal case 173073, so look for that number as well.

    Thank you.
     
Loading...

Share This Page