Need a second Admin account for our developer
Hi,
I need help setting up a second admin account for for my developer. All I see online is that you have to give the developer your main account login details, but that can't be right. If this is true, it's a horrible policy. No security protocol on earth would ask someone to give their developer the only admin user id and password for their account which would allow the developer to lock out our service (and also, what happens if something happens to the developer and the only account available has been changed?)
Can someone please point me to a way to add a second admin account for our developer?
Thank you for your help! I have 20+ years of IT experience, but not in this area.
-
Hey there! It would depend on what level of access they need and to what resources. If they need access to specific areas of WHM you could create a reseller account as that would provide them with a WHM log in. If they need access to cPanel, providing access to the entire cPanel account is the best way to do that. You could further restrict access by creating an FTP user, so they could only connect to a certain directory within the account's file structure, but if they need access to the cPanel interface they would have to use the main cPanel username and password. 0 -
No offense, I appreciate the help, but what your answer tells me is that cPanel is run by idiots. I see the upvotes for this feature are over 600 and I also see the response from cPanel from over 2 years ago with zero update. So it's clearly not going to happen. What the actual.... This is the most basic of features. I guess I'll have to look for an alternative and convince my developer to switch. He's hesitant since cPanel kind of owns the market, but our security team is simply not going to approve a policy where there is only one admin account and no way to have a type of super user that can add/revoke admin rights. c'mon. It can't be that hard to implement. I don't even know of a legit product in the market that doesn't have it in some form. Super User = full admin and the ability to add admins with different IDs and passwords. Admin = full admin, but their rights can be revoked by the Super User. How hard is that? Every have someone leave the company? Need to give access to a contractor and then revoke it when they finish their work? Have some risk issue where the rights need to be revoked? All covered with such a simple design change. Oh, but you could just change the password right? Well no, not if an employee or contractor decides to go rogue change it before the owner can. Maybe one day cPanel will hire a security team/person who can build this basic functionality. 0 -
I think the issue here (for the idea of super admin vs admin) is that if a user has root access, they can do anything, including change root's password. I love the idea, and I appreciate how Google Workspace (for instance) has this build in, but in cases like that they aren't dealing with a whole server's user access, just access to a an application. I don't think it can be done in WHM, for the same reason you can't safely give root access to a user you don't completely trust to work on the server, and to keep that login secure. I assume in the reseller privileges (correct me if I'm wrong) that certain things require full root access are disallowed unless "Everything" (root access) is checked. If so, then that ACL, and @cPRex's suggestions, are the closest we can come to what we are wishing for: 1 - reseller (w/ or w/o a domain) a - with root privileges b - without root privileges and other privileges as appropriate 2 - cPanel login, might have to be shared among users*, but doesn't risk whole server access/compromise 3 - FTP, limited as appropriate I use this strategy, mostly 3 and 2, and 1b if required. 1a would be an extreme case. * This is the 600+ upvote, 9 y/o feature request mentioned above ( 0 -
That feature request is happening VERY soon :D 0 -
That feature request is happening VERY soon :D
Which feature, multiple cPanel account logins or WHM admin accounts?0 -
Multiple cPanel accounts. 0 -
Multiple cPanel accounts.
Ah, ok, that's what I would have guessed. Great! So is my understanding/assessment of the WHM multiple admin issue correct, or am I missing something?0 -
No, that all sounded correct to me. 0
Please sign in to leave a comment.
Comments
8 comments