Infopro
Well-Known Member
This isn't a token issue. But, I believe this is the answer to your issue:
Re: Third-party Perl scripts not working in 11.36 - cPanel Forums
Re: Third-party Perl scripts not working in 11.36 - cPanel Forums
This isn't a token issue. But, I believe this is the answer to your issue:
Re: Third-party Perl scripts not working in 11.36 - cPanel Forums
Security Tokens are the addition of a unique ID to the URL when using cPanel & WHM. It usually is in the form of cpsessXXXXXXXXXXX where the Xs are numbers. Once logged in, you are only asked to reauthenticate if that ID disappears from the URL. Usual causes for the ID disappearing are custom themes and applications that are not updated to use security tokens. Security Tokens prevent XSS and XSRF attacks.
We also have a feature called Source IP Check. That feature tracks the IP addresses you use to connect with. Every time you connect from a different IP address, you are challenged to answer several questions.
The behavior you describe sounds more like source IP check, to me, rather than security tokens.
Security tokens are always on and are no longer allowed to be disabled, as of version 11.38. If you continue to experience problems with this feature, please open a support ticket so we can take a closer look:In my case http authentication is not enabled, and we get the security token page every time we touch any sort of management in WHM, it is a real problem for us.
Is there any way to switch this off?
Please see my previous response on this thread for an answer to this question.Hi,
I have problems, too. How to disable token security when login?
Regards,
I totally agree with you. It is cpanel obligation to give this option for security purposes, but it is also our option to use it or not, as in hundreds of other options cpanel has.Seriously, put the disable option back! Tokens are major pain. I didn't ask for them and I don't want to deal with them in situations where the exploits you keep saying they prevent are simply not relevant. YOU don't get to decide how I run my security. *I* do.