Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Version control and any cPanel features that modify files like IP Blocker

Discussion in 'General Discussion' started by spaceman, Apr 5, 2019.

  1. spaceman

    spaceman Well-Known Member

    Joined:
    Mar 25, 2002
    Messages:
    505
    Likes Received:
    5
    Trophy Points:
    318
    Hi All,

    There are plenty of cPanel features/functions that allow the direct modification of files on a live ('production version') hosting account.

    The most obvious/dangerous one is File Manager which can pretty much allowed the CRUD of any file or folder.

    Less obvious, maybe, are features like IP Blocker that directly modify the .htaccess file. It probably wouldn't be hard to create a comprehensive list of all available cPanel feature that allow direct modification of hosting account files.

    Cutting to the chase: is it just me, or is this "power" fundamentally (often in the hands of less technical folk) at odds with any hosting account that is managed using version control? If files are modified directly on the live site, isn't this a recipe for such modified files to get overwritten (and the changes made by cPanel undone) the next time code is pushed to the hosting account from the code repository?

    How do others manage this situation, i.e. where the hosting account owner DOES want their cPanel control, but the site is under version control? Of course one answer is simply to disallow cPanel access to anyone whose site is under version control. Or is there some way for the two needs to happily co-exist?

    Thanks,

    Ross
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,529
    Likes Received:
    2,181
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello Ross,

    The File Restoration option in cPanel somewhat alleviates this concern because it allows cPanel users to restore individual files (as long as backups are enabled on the server). That said, I certainty understand your concern that cPanel users may modify or remove files via File Manager and request support when the files are unexpectedly returned to their previous state through the Git Version Control feature. A feature request for File Manager to display a warning when a cPanel user manages a file or directory that's part of a cPanel-managed repository could help increase awareness. Could you open the feature request and post the link here once it's submitted?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. spaceman

    spaceman Well-Known Member

    Joined:
    Mar 25, 2002
    Messages:
    505
    Likes Received:
    5
    Trophy Points:
    318
    Thanks for your feedback on this, cPanelMichael.

    I think your feature request suggestion for File Manager would chip away at the issue a little.

    But IMHO, optimal is to have such a warning for *any* cPanel feature that makes changes to any aspect of a hosting account that is vulnerable to getting overwritten by version control. File Manager is by far the most obvious tool, because it's obvious mission - maybe even to a non-tech user, is to make changes to a hosting account.

    So on one level I'm more concerned about features - like IP Blocker (and surely many others?) - where it's far from obvious, sometimes even to a more technical person, that changes are going to be made to the hosting account that are vulnerable to being overwritten *if* the account is managed with version control.

    Of course the ultimate protection against this issue is to 100% disallow (not just to warn) anyone - clients or developers - from using cPanel tools, or perhaps ONLY the tools that have the ability to make changes to the hosting account that are vulnerable to be overwritten by version control.

    Am I making sense, @cPanelMichael ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,529
    Likes Received:
    2,181
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @spaceman,

    Yes, that makes sense and I do see the value in what you are seeking. I recommend sharing or pasting that information into a new feature request and sharing the link here once it's approved so we can begin sending the link with other users reporting similar concerns/requests.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. spaceman

    spaceman Well-Known Member

    Joined:
    Mar 25, 2002
    Messages:
    505
    Likes Received:
    5
    Trophy Points:
    318
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    cPanelMichael likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice