Symptoms
A single cPanel account can be accessed through several passwords available on the server.
Description
By default, the "Accounts that can access a cPanel user account" Tweak Settings option is set to "Root, Account-Owner, and cPanel User." This setting means that root's password can be used to access any cPanel account, and a reseller's password can be used to access any cPanel accounts they own. Because of this, a cPanel account can be accessed through three passwords.
Workaround
- Log into WHM as the 'root' user.
- Navigate to "Home / Server Configuration / Tweak Settings."
- Click on the "System" tab.
- Change the "Accounts that can access a cPanel user account" from "Root, Account-Owner, and cPanel User default" to "cPanel User Only."
- Scroll to the bottom of the page.
- Click the "Save" button.