Infopro
Well-Known Member
This isn't a token issue. But, I believe this is the answer to your issue:
Re: Third-party Perl scripts not working in 11.36 - cPanel Forums
Re: Third-party Perl scripts not working in 11.36 - cPanel Forums
The issue I have is with 11.38, not 11.36.
It appears to still be applicable although it worked fine in 11.36. Updated shebang to
#!/usr/local/cpanel/3rdparty/bin/perl
and relogged into the script for token.
It appears to still be applicable although it worked fine in 11.36. Updated shebang to
#!/usr/local/cpanel/3rdparty/bin/perl
and relogged into the script for token.
Last edited:
Often disconnected from WHM. Security Token
Hello
Often disconnected from WHM. Security Token
I'm going crazy.
It is very difficult to work.
When I:
1) I make server to server migration
2) Setting up accounts.
and etc...
Is there a solution?
This virtually impossible to work.
Any suggestion ???
Thank you!
Marcelo Konrath
Hello
Often disconnected from WHM. Security Token
I'm going crazy.
It is very difficult to work.
When I:
1) I make server to server migration
2) Setting up accounts.
and etc...
Is there a solution?
This virtually impossible to work.
Any suggestion ???
Thank you!
Marcelo Konrath
Re: Often disconnected from WHM. Security Token
Hello
Are you using browser bookmarks to access Web Host Manager, or do you encounter this problem when logging in by entering the URL in your browser's address bar? Do you have "HTTP Basic Authentication" enabled in "Tweak Settings"?
Thank you.
Hello
Are you using browser bookmarks to access Web Host Manager, or do you encounter this problem when logging in by entering the URL in your browser's address bar? Do you have "HTTP Basic Authentication" enabled in "Tweak Settings"?
Thank you.
Re: Often disconnected from WHM. Security Token
Hello cPanelMichael
entering using google chrome via IP in my browser's
HTTP Authentication is disable. I should enable?
I have frequent:
------------------------------
HTTP erro 401
Invalid security token
The requested URL does not contain your session’s correct security token.
You may have reached this error by copying and pasting a URL from a different cPanel, WHM, or Webmail session into your browser’s address bar. To resolve this situation, please take one of the following steps:
Go back one page and reload the URL, making sure that the /cpsess.../ section of the URL remains the same.
Re-enter your account’s password below. This will assign your session a new security token. This new token will prevent you from using other pages of this application that may be open in other tabs.
------------------------------
What should I do? It is very difficult to work.
Thank you
Marcelo Konrath
Hello cPanelMichael
entering using google chrome via IP in my browser's
HTTP Authentication is disable. I should enable?
I have frequent:
------------------------------
HTTP erro 401
Invalid security token
The requested URL does not contain your session’s correct security token.
You may have reached this error by copying and pasting a URL from a different cPanel, WHM, or Webmail session into your browser’s address bar. To resolve this situation, please take one of the following steps:
Go back one page and reload the URL, making sure that the /cpsess.../ section of the URL remains the same.
Re-enter your account’s password below. This will assign your session a new security token. This new token will prevent you from using other pages of this application that may be open in other tabs.
------------------------------
What should I do? It is very difficult to work.
Thank you
Marcelo Konrath
Re: Often disconnected from WHM. Security Token
It's normal for "HTTP Authentication" to be disabled, as that is the default configuration. Please open a support ticket for this so we can check to see if it's a user-based issue, or a problem with our software.
Submit A Ticket
You can post the ticket number here so we can monitor the support request.
Thank you.
It's normal for "HTTP Authentication" to be disabled, as that is the default configuration. Please open a support ticket for this so we can check to see if it's a user-based issue, or a problem with our software.
Submit A Ticket
You can post the ticket number here so we can monitor the support request.
Thank you.
Re: Often disconnected from WHM. Security Token
Hello cPanelMichael
I will first enable HTTP Authentication and work to test.... If problem continues, I will open a ticket.
I have this problem with all servers.
Thank you again per your response.
Marcelo Konrath
Hello cPanelMichael
I will first enable HTTP Authentication and work to test.... If problem continues, I will open a ticket.
I have this problem with all servers.
Thank you again per your response.
Marcelo Konrath
Security tokens in 11.38
After upgrade to 11.38 customers are calling about security tokens on their links to Horde webmail for example.
Is there anyway we can disable security tokens for accounts/server somewhere?
I remembered I read that security tokens are not possible to disable?
After upgrade to 11.38 customers are calling about security tokens on their links to Horde webmail for example.
Is there anyway we can disable security tokens for accounts/server somewhere?
I remembered I read that security tokens are not possible to disable?
Re: Security tokens in 11.38
Yes, that was turned on somehow.
Would that cause this problem? If we disable this customers will not get security token problem?
Update:
-Looks like that worked. Thanks
Yes, that was turned on somehow.
Would that cause this problem? If we disable this customers will not get security token problem?
Update:
-Looks like that worked. Thanks
Last edited:
I concur with others here, furthermore we use dual wan load balancer here between two different ISPs, so our IP address will change in mid-flight thus the Source IP Check will lock us out constantly.
And even without this (i.e. when we switch off the load balancer and just use a single modem), the invalid token page comes up several times even in the course of completing one simple task. It's as if the token times out in rapid fashion, e.g. within 30 seconds on occasion. This is vary quickly turning what should be an easy maintenance task, into a time consuming choir. And it's a little nerve racking to see that gray http 401 error page come up bazillions of times during the course of a single day.
With regard to promotions, if cPanel.net is looking for a way to generate a positive feeling amongst their users and managers for their software, then by removing this option to deselect security tokens, I think it is safe to say, they've gone in the opposite direction.
You (cPanel.net) should very definitely return the option for your customers to deselect this feature.
P.S. Regarding:
------------------------
Check this file:
/var/cpanel/cpanel.config
For this:
xsrftokens=0
------------------------
Switching this value from 0 to 1, then restarting cPanel with service cpanel restart, makes no difference, at least not for us.
Does anyone know of any other method to switch this feature off?
Last edited:
Security tokens are always on and are no longer allowed to be disabled, as of version 11.38. If you continue to experience problems with this feature, please open a support ticket so we can take a closer look:
Submit A Ticket
Thank you.
Submit A Ticket
Thank you.
Re: Security tokens in 11.38
Submit A Ticket
Please post the ticket number here so we can update this thread with the outcome.
Thank you.
Security tokens are always on and are no longer allowed to be disabled, as of version 11.38. If you continue to experience problems with this feature, please open a support ticket so we can take a closer look:
Submit A Ticket
Please post the ticket number here so we can update this thread with the outcome.
Thank you.
Re: Security tokens in 11.38
Hi,
I have problems, too. How to disable token security when login?
Regards,
Hi,
I have problems, too. How to disable token security when login?
Regards,
Seriously, put the disable option back! Tokens are major pain. I didn't ask for them and I don't want to deal with them in situations where the exploits you keep saying they prevent are simply not relevant. YOU don't get to decide how I run my security. *I* do.
Re: Security tokens in 11.38
Thank you.
Please see my previous response on this thread for an answer to this question.
Thank you.
Security Tokens in 11.38.0
I wanted to express my dislike for the Security Tokens tweak no longer being optional in 11.38.0 (Build 17).
I understand the security value for it, but it is a real inconvenience for me. I keep phpMyAdmin open all day, and after 20 or 30 minutes of inactivity, it requires me to re-enter my password.
My password isn't anything I can remember (it's a strong password with symbols, upper- and -lower case letters, and numbers), so I have to go find it and then type it in manually. I find myself doing this on a constant basis.
Worse, if I have to keep the password written on a note on my desk, it's more of a security risk than having Security Tokens turned off!
For future releases, I would request that you reinstate the option for Security Tokens in the Tweaks. Changing the default to "On" would be fine, but it would be nice to have the option to turn it off.
If I'm wrong, and there is such an option, please forgive my ignorance!
I wanted to express my dislike for the Security Tokens tweak no longer being optional in 11.38.0 (Build 17).
I understand the security value for it, but it is a real inconvenience for me. I keep phpMyAdmin open all day, and after 20 or 30 minutes of inactivity, it requires me to re-enter my password.
My password isn't anything I can remember (it's a strong password with symbols, upper- and -lower case letters, and numbers), so I have to go find it and then type it in manually. I find myself doing this on a constant basis.
Worse, if I have to keep the password written on a note on my desk, it's more of a security risk than having Security Tokens turned off!
For future releases, I would request that you reinstate the option for Security Tokens in the Tweaks. Changing the default to "On" would be fine, but it would be nice to have the option to turn it off.
If I'm wrong, and there is such an option, please forgive my ignorance!
Re: Security Tokens in 11.38.0
Hello
I have moved this thread over to the "Security" forum for discussion. While I understand your intention here is to express your dislike for the Security Tokens requirement, I did want to note that you may find a third-party application such as 1Password useful:
Agilebits.com - 1Password
Thank you.
Hello
I have moved this thread over to the "Security" forum for discussion. While I understand your intention here is to express your dislike for the Security Tokens requirement, I did want to note that you may find a third-party application such as 1Password useful:
Agilebits.com - 1Password
Thank you.
I totally agree with you. It is cpanel obligation to give this option for security purposes, but it is also our option to use it or not, as in hundreds of other options cpanel has.