The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Who's Been In Cpanel?

Discussion in 'General Discussion' started by Coffeymate, Mar 14, 2008.

  1. Coffeymate

    Coffeymate Active Member

    Joined:
    Jun 27, 2003
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Atlanta
    Is there a script that records who has entered a given Cpanel area during the month? I need to be able to tell if someone has entered a client Cpanel or not.

    AWStats and the logs appear to fail to register this sort of information.

    Am I missing something here that's already available but I don't know where to locate it? My client needs to be able to tell if his staff is actually even attempting to do what they were hired to do. Thus far their IT guy is claiming that CPanel does not have the tools he needs to control their spam problem (which isn't that significant actually). Then he claims he can't change the MX record using Cpanel so he needs ownership of the domain name itself. He's convinced the guy he has to buy an offsite mail service through him (at Godaddy) since Cpanel can't do what is necessary.

    It is sort of insane actually. I seriously doubt the fellow has even gone into their Cpanel to attempt anything after talking to him. :rolleyes:

    So it would at least be helpful if there were easy proof his employer could look up in his Cpanel to see if this "professional" ever even went into his Cpanel to make an attempt at any of his tasks.

    What do you think?
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Yes, and it logs every page in the cPanel/WHM interfaces they visited and from that you can determine what they have done. This log is located at:

    /usr/local/cpanel/logs/access_log

    What tools does he desire? We've been doing a lot with adding new spam protection functionalities to cPanel/WHM lately so we may have recently added support for what they desire.

    Simply click on the MX Entry in the cPanel interface to change the MX entry. It is located in the box labeled Mail if you are using the x3 theme.
     
  3. Coffeymate

    Coffeymate Active Member

    Joined:
    Jun 27, 2003
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Atlanta
    But that is something I'd have to access via ssh, right? This isn't something accessible straight from their Cpanel? Thing is proving to the boss that his fair haired techie guy is being less than honest. He'd have to have access himself to the log. I downloaded the raw access logs and couldn't find any reference to anyone being in Cpanel, not even myself. Since it never occurred to me to look for this before, that came as a disappointment.




    He has never responded to our questions about what tools he plans to use elsewhere or what he wants to use. Also he has never bothered to enable spamassasin or configure the filters. He never asked us to work with him to resolve the issue. He only called up out of the blue last Friday demanding the MX record change so he could host their mail over on Godaddy. HE introduced himself as their "IT professional" and was tasked to fix their spam problem and this was what he determined needed to be done.


    Like, I know. How hard is that? When my partner emailed him with the location of the MX record change in his Cpanel the guy came back two days later with a response that he couldn't do it from there and the only way he could do it would be if we transferred the domain to his Godaddy account. We still have not heard from the owner authorizing us to turn his domain name over to this joker. But the "IT professional" claims he received the OK from his boss. Not good enough in our estimation.

    We're firm believers in the beauties of Cpanel even with its occasional quirks. And we truly appreciate the team spirit and energy of the Cpanel staff. That's the kind of people you can count on and work with.

    However, proving this guy is a snake in the grass is going to be tricky. I am hoping to find a way to link to that log via a browser so the "boss" can view it himself and know I am not making it up or printing something out that is bogus.

    If the client had simply picked up the phone or emailed us to let us know there was a spam problem we could have had this resolved a week ago. I can only assume the boss was trying to find a way to utilize somebody on his payroll more effectively. :rolleyes: As it is, we're afraid to do anything ourselves and the boss has been out of town.
     
  4. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    This is only accessible via SSH. Keep in mind that cPanel/WHM/Webmail is served by cpsrvd, not Apache. Therefore Apache logs would not have any logs for for data served by cpsrvd.
     
  5. electric

    electric Well-Known Member

    Joined:
    Nov 5, 2001
    Messages:
    697
    Likes Received:
    1
    Trophy Points:
    18
    It would be nice to have the ability for customers to be able to see the cpanel access log from within cpanel itself. This would be very beneficial from a security and 'what has been done' standpoint.

    We frequently receive requests from customers who are convinced someone has hacked their cpanel or an employee has done something wrong, and they want a record of all cpanel activity for the last "x" months, etc...

    It would be absolutely awesome if we could simply point them to the "cpanel actvity log" icon, and they can see a detailed list of what has been done in their cpanel.

    Thanks.
     
  6. Silver_2000

    Silver_2000 Well-Known Member

    Joined:
    Mar 31, 2002
    Messages:
    338
    Likes Received:
    1
    Trophy Points:
    18
    I think if he turns on spamassasin and uses it correctly the issues will be reduced to a trickle
     
  7. Coffeymate

    Coffeymate Active Member

    Joined:
    Jun 27, 2003
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Atlanta

    I totally agree and second that notion! :)
     
  8. Coffeymate

    Coffeymate Active Member

    Joined:
    Jun 27, 2003
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Atlanta
    We know that, but the "boss" has become convinced this kid can do no wrong. We've done a little research into his claims, since he's filled a couple of emails with all kinds of claims of his years of expertise and what he owns. He claims he is the owner and founder of comptroub.com. :rolleyes: He does have a little franchise with them. He claims to have been in the business for 8 years (which we have and our domain names can prove it - design longer than that) his own domain name shows it was created 4 years ago. It's total focus is hosting and web design. He kept claiming he wasn't trying to steal our business from us - then saying that the boss does not want to change hosts or lose the web design we created for him. How would he know unless he's already pushed him to hire him for that too? He insisted on owning the boss's domain name. The boss believes him that that is the only way he can solve his spam problems. So we created an account at Godaddy for the boss himself. Told him we could not legally transfer the domain name to a third party but we turned it over to his new account, gave him full control of it and told him he was free to do whatever he wanted with it. We're out of that picture. And, we made it clear we could no longer guarantee that his domain name would point to our server, or resolve as efficiently because his "IT professional" refuses to divulge just what he plans to do to the domain name after he gains control. He has the same Godaddy type of account we do with the same domain name control panel. The only way he can use Godaddy to change MX records is if the domain is hosted on a Godaddy server. And we pointed that out several times.

    By now, I could care less about proving whether or not the kid ever attempted to do anything in Cpanel. After years of good relations with this client, often doing him favors free of charge to fix some little thing or other for him, to let this kid come in who set up their network and virus protection on their computers suddenly take over in our lane does not generate any sense of loyalty. For years the boss had even asked me not to approach his competitors in the area to sell them my designs because he wanted to show them all up. I'm creating brochures now! :cool:

    But it would have been nice when this first started if I could have sent a link to the boss to show him the kid never even tried to use Cpanel. It's too late now. Oh well.
     
  9. dpbuk

    dpbuk Member

    Joined:
    Jul 7, 2007
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    AW Stats gone missing!

    Hi,

    along the lines of AW STATS I have a small problem that they are not displaying although WHM says that they should be can anyone help?

    Daren
     
  10. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Feel welcome to submit an official feature request to http://bugzilla.cpanel.net and paste a link to it here so others can vote for it.

    Just a "head's up" that the access log looks more like an Apache web log than "Bob created a database named bob_db 5 minutes ago." As a result, some logs may be easily mis-interpreted. For example, someone may misinterpret someone visiting the page to add an email account as someone actually adding an email account, which would trigger a different URL in the log entry.

    See for yourself in /usr/local/cpanel/logs/access_log
     
  11. Coffeymate

    Coffeymate Active Member

    Joined:
    Jun 27, 2003
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Atlanta
    Did you set this as user configurable in WHM? Did you turn on that option then inside that users Cpanel? So many details, is easy to overlook something.
     
Loading...

Share This Page