Security problem

[ltchat]

Hello,

I have been following security advisor and enabled home security future which one do not let me to login to my website admin pag for some unknown reason. When i put login details i get blank page after hitting login button. I wanna figure out which security part is doing that? I tried find my self, but i could locate it. I know that before i have this problem with safe mode on, but this time i checked and safe mode is off. Did anyone had same problem and know how to solve it?

Thanks
Regards
ltchat

 

[cPanelMichael]

Hello

Could you elaborate on the specific security option you modified based on the recommendation in Security Advisor? Also, are there any error messages within the account's error_log or within /usr/local/apache/logs/error_log when the blank page appears?

Thank you.

 

[ltchat]

This is what enabled (have green tick mark) on my whm security advisor:
cPHulk Brute Force Protection is enabled.
Entropy Chat is disabled.
MySQL test database doesn't exist.
MySQL check for anonymous users
Password strength requirements are strong.
SSH password authentication is disabled.
Current SSH version is up to date: 5.3p1-94.el6
SCGI is disabled, currently using the recommended suEXEC.
The pseudo-user “nobody” is not permitted to send email.
Outbound SMTP connections are restricted.
Apache is being queried to determine the actual sender when mail originates from the “nobody” pseudo-user.

i just did them in the row did not thinking that they will make this change.

From cPanel error log i got this:

PHP Parse error: syntax error, unexpected 'GOTO' (T_GOTO) in /home/ltchatco/public_html/templates/stylish/login.php on line 13

nathing else.
It was working fine until i enable more security by security advice.

 

[edigest]

You have to setup auth keys before disabling password authentication.

Reverse this setting: "SSH password authentication is disabled"

 

[cPanelPeter]

Hello,

I'm fairly certain this error was not caused by anything you did via the Security Advisor.
That looks to be a simply syntax error in the login.php file (line 13). I recommend you look there and/or
perhaps restore that file from backup.

 

[cPanelMichael]

PHP Parse error: syntax error, unexpected 'GOTO' (T_GOTO) in /home/ltchatco/public_html/templates/stylish/login.php on line 13

I don't know that this is necessarily related to any security settings that you modified. Instead, it appears to be a syntax error with your script. Have you checked with the script developer to see how to potentially resolve that error?

Thank you.

 

[ltchat]

I don't know that this is necessarily related to any security settings that you modified. Instead, it appears to be a syntax error with your script. Have you checked with the script developer to see how to potentially resolve that error?

Hello,

I'm fairly certain this error was not caused by anything you did via the Security Advisor.
That looks to be a simply syntax error in the login.php file (line 13). I recommend you look there and/or
perhaps restore that file from backup.

That line is nathing to do with admin login proble. This error for users to login not admin. And yes, it is somthing to do with security related settings, i hade this problem before when i was playing with security setings and i got it now with diferent security setings, i just need to figure out witch one i need to turn it of to work proper.

You have to setup auth keys before disabling password authentication.

Reverse this setting: "SSH password authentication is disabled"

I will play with this settings later today and lett you know if problem have been solved.

Thanks to all of you for you replays and help.
Regards
Ltchat

 

[cPanelMichael]

That line is nathing to do with admin login proble. This error for users to login not admin.

Could you clarify if you mean that it's not an issue with your script but rather with accessing cPanel itself?

Thank you.

 

[ltchat]

Could you clarify if you mean that it's not an issue with your script but rather with accessing cPanel itself?

Thank you.

Hi Michael,

Im not saying that is not an script issue, but i know that i have same problem befor with safe_mode when i turned safe_mode on it was same problem, when i turned safe_mode off it back normal. This time i have been loged to my website admin page around 5 min befor i went to the WHM as root and falowed steps on security advisor and when i enabled few securities i needed to back to my website admin page, and then it became blank white page where nathing else just whithnes. So i thought thats an security issue because i have this problem before. I dod restore of my script from one, two weeks and month back, but the problem still there. Still working on it, but have little time now, so can't figure out what's causing this problem.

 

[cPanelMichael]

I don't see how any of the security settings you referenced changing would prevent a website from loading. However, feel free to open a support ticket using the link in my signature so we can take a closer look. You can post the ticket number here so we can update this thread with the outcome.

Thank you.

 

[ltchat]

Hi all,

It seams the problem not just with admin login. I started receive support tickets from my members, that they can not delete or upload new photos to they account, i did tried to do that my self and i get error message "An error occurred during loading of a JPEG file. File may be corrupted. Please select other file!" and the files i tried to upload is JPEG and its not corrupted. I read somewhere that for some reason servers recognize pictures files like documents not the pictures, that's why it not aloud to upload to the server. I m sure that is not script fault, that's for sure, because i did restore up to 1 year ago, but the problem still there, so its not script fault for sure. I wanna know, how can i reset WHM settings to default, like it was before? is it possible and if it is, so can anyone tell me how to do this?

Thanks
ltchat

 

[cPanelMichael]

Were you ever able to open a support ticket so we could take a closer look? Let us know the ticket number if you have or decide to do so. You will find the "Default" text next to options in "Tweak Settings" so you can see if the values have been changed from default.

Thank you.