The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Resellers able to install SSL Hosts to ANY IP, even without privs.

Discussion in 'General Discussion' started by summy, Jun 6, 2008.

  1. summy

    summy Active Member

    Joined:
    Jan 14, 2004
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    I've been having a play about with the "SSL Site Management" option under the Reseller ACL.

    It seems that when this option is enabled, the reseller is able to install an SSL cert/host to any IP he/she chooses on the server. Regardless of whether those IP's are in his/her pool. Also regardless of what IP the site is already on. For example, say the site is on x.x.x.34 (a shared ip) they could choose to set it up on x.x.x.35.

    When adding the cert/site no errors come up, apache restarts and WHM reports everything added ok on the IP chosen.

    Checking the IP usage from the WHM root account shows this to be true also.

    Surely this is not the desired behaviour, this must be a bug? I have searched the forum a bit but couldn't find anything related.

    What we want is for the reseller to only be able to install SSL cert/sites to IP's available in their pool. Maybe a drop down, rather than the textbox.

    Server details:

    WHM 11.23.0 cPanel 11.23.3-R25121
    CENTOS Enterprise 5 x86_64 on standard - WHM X v3.1.0

    If someone else could report their findings I would appriciate it, I'm not sure if this is a bug on our box or an oversight by cpanel :confused:
     
  2. mohit

    mohit Well-Known Member

    Joined:
    Jul 12, 2005
    Messages:
    553
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sticky On Internet
  3. summy

    summy Active Member

    Joined:
    Jan 14, 2004
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    Indeed I have. I have tried:

    1) Selecting the "restrict" radio option and then no IP's from the checkboxes
    2) Selecting the "restrict" radio option and then a few IP's from the checkboxes

    Both give the same results. I.e. the reseller is able to install a cert/host to any IP they please.
     
    #3 summy, Jun 7, 2008
    Last edited: Jun 7, 2008
  4. mohit

    mohit Well-Known Member

    Joined:
    Jul 12, 2005
    Messages:
    553
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sticky On Internet
    is it latest version of cpanel/WHM ?
    Iam running stable on many boxes and iam not able to replicate this ?
     
  5. summy

    summy Active Member

    Joined:
    Jan 14, 2004
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    Version details in original post.
     
  6. summy

    summy Active Member

    Joined:
    Jan 14, 2004
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    what does it say when you try to install the host to an IP the reseller doesn't have priviledges for then?
     
Loading...

Share This Page