Skip to main content

Configuring cPanel for more than one user

Comments

15 comments

  • Eminds
    adding your friends account and restricting him to a limited access is quite easy, just go through the below documentation and you will be able to do it. Create a New Account - Documentation - cPanel Documentation
    0
  • Spork Schivago
    adding your friends account and restricting him to a limited access is quite easy, just go through the below documentation and you will be able to do it.
    0
  • Eminds
    with cpanel your friend will have access to his website, email, database and other stuff only, so a limited access. He will not have access to WHM by any means.
    0
  • Spork Schivago
    with cpanel your friend will have access to his website, email, database and other stuff only, so a limited access. He will not have access to WHM by any means.

    Same with DNS records, right? I create him a cPanel account, and when he goes to the domain zone editor, he won't see my domain / subdomains at all, right? That's the big thing. Essentially, I want it like he's renting a VPS and just gets a slice of mine, you know what I mean?
    0
  • cPanelMichael
    Hello, That's correct. cPanel accounts can not see the DNS records from domain names added to other accounts when using the "Zone Editor" option. Thank you.
    0
  • Spork Schivago
    Hello, That's correct. cPanel accounts can not see the DNS records from domain names added to other accounts when using the "Zone Editor" option. Thank you.

    So it'll be like when I rented a shared hosting server from GoDaddy then? I was sharing the server with other people, I didn't have access to their /home/ directories, but we all had access to the same system files, etc. I had my own cPanel setup, they had theirs....exactly the same? Down the road, if I wanted to charge money, like 5$ a month, for him to use it, would that violate any TOS's that I have with cPanel? Is it illegal to do that? Or can I rent out shares of my installation? The reason I ask, I don't have a huge amount of hard disk space, and if he was willing to pay a little, maybe I could upgrade the VPS to the next tier... Thanks!
    0
  • Infopro
    would that violate any TOS's that I have with cPanel?

    What you're asking about here is basic cPanel shared hosting. You're not breaking any rules setting up additional accounts on your server, this is what cPanel is used for, by most all of us. ;)
    0
  • Spork Schivago
    What you're asking about here is basic cPanel shared hosting. You're not breaking any rules setting up additional accounts on your server, this is what cPanel is used for, by most all of us. ;)

    Okay, Thank you! I thought most people used cPanel like I do, a central area for configuring most applications, hardening the server, etc. A lot of programs on the Linux side usually come with a text based config file. cPanel makes it a bit easier to get up and running fairly quick like, with pretty decent configuration defaults (from a security standpoint). I didn't realize most people rented a cPanel license and created new accounts for other people that paid the original renter money for it. It's nice that I won't have to pay extra per user and that it's just a per VPS or a per dedicated server situation. Thank you for your help!!!!!
    0
  • Infopro
    Your comment is interesting to me for some reason. Have you never seen this video? What is cPanel? :)
    ..like I do, a central area for configuring most applications, hardening the server, etc.

    So you're running a cPanel Powered Server for just your own site? That's not a bad thing, it's a great idea. It's certainly easier to just get hosting somewhere and let them manage the server issues if you've only got your own site to manage. I agree with you, cPanel makes most everything server related, easier to manage. That's why I use it, too. :)
    0
  • Spork Schivago
    Your comment is interesting to me for some reason. Have you never seen this video? What is cPanel? :) So you're running a cPanel Powered Server for just your own site? That's not a bad thing, it's a great idea. It's certainly easier to just get hosting somewhere and let them manage the server issues if you've only got your own site to manage. I agree with you, cPanel makes most everything server related, easier to manage. That's why I use it, too. :)

    I've never seen that video before until today, that's cool! And yes, I'm currently running a cPanel powered server just for my site. Originally, I rented a shared server through GoDaddy and then upgraded to a Virtual Private Server from GoDaddy. I had access to cPanel with the shared, and with the VPS, access to both cPanel and WHM. When I made the switch to Linode, I had grown accustom to cPanel / WHM. I loved how easy it was to do stuff, but most importantly, I loved how there was this central location to configure most of everything that I needed configuring. At first, I thought it wasn't the greatest. For example, there are many options missing from the Apache configuration screen. There's many options in the real apache conf that aren't listed there. Some of these, you can set and configure via the include files. But there's some you simply cannot implement properly with an include file. Then I found I could change these values using the Apache templates. With RoundCube and Horde, I can install any version I want using overlay files, etc. It's highly configurable and I really love it. It's helped me so much. I would never want someone else to manage my server. I've used Linux since 8th grade and not only do I love it, I find it extremely fun to do this stuff. I couldn't imagine paying someone to do it for me. I think what I like so much is finding problems and then finding solutions to those problems. It's very rewarding. The default cipher list used for the cPanel services makes the various cPanel services vulnerable to the Sweet32 birthday attack. Removing the 64-bit block ciphers fixes this. When I run an audit and see that I'm vulnerable to the Sweet32 birthday attack, I say oh no! But when I fix it and run the audit again and see that it's removed from the list of vulnerabilities, there's a certain level of satisfaction that I find very rewarding and cannot seem to find other things in life that make me feel that way. I believe I found the answer to last piece of the puzzle. I was wondering how I could configure my server in such away where when people visited my domain, example.com, they'd see my website, but when they visited my friends domain, hisdomain.com, they'd see his website, having only one IPv4 address (we have many IPv6 addresses). I believe the answer is using name based virtual hosts. Currently, I'm using IP based virtual hosts. I think I'm all set for setting up another account on my VPS. Thanks.
    0
  • Tom Risager
    Web traffic to and from your server is packaged inside TCP segments, which in turn are transmitted in IP packets. These TCP segments are addressed to a port on your server, usually 80 (or 443 if SSL/TLS is used). So if the IP address of your server is 1.2.3.4, then the TCP address for web traffic sent to your server would be 1.2.3.4:80. There are usually other TCP addresses in use on a server, e.g. port 22 would be used for SSH connections. TCP segments containing SSH traffic to your server would then be sent to 1.2.3.4:22. Note how the server has no difficulty distinguishing traffic intended for the web server from SSH traffic - the same IP is used, but the port numbers are different. You can compare this to a number of people living in the same house, sharing the same street address. You can still send physical mail to a specific person in the house by putting the name of the recipient above the street address on the envelope. There is no problem determining who the letter is for (at least as long as no two individuals in the house happen to share the same name). Apache has a "virtual host" concept that basically corresponds to a website on the server. These virtual hosts can be IP-based, with each website on a different IP address, but they can also be based on domain names. With name-based virtual hosts, Apache looks for the domain name inside the payload of traffic arriving at 1.2.3.4:80 to determine which website it should be passed to. That is why you can have many websites sharing a single IP address.
    0
  • Spork Schivago
    Web traffic to and from your server is packaged inside TCP segments, which in turn are transmitted in IP packets. These TCP segments are addressed to a port on your server, usually 80 (or 443 if SSL/TLS is used). So if the IP address of your server is 1.2.3.4, then the TCP address for web traffic sent to your server would be 1.2.3.4:80. There are usually other TCP addresses in use on a server, e.g. port 22 would be used for SSH connections. TCP segments containing SSH traffic to your server would then be sent to 1.2.3.4:22. Note how the server has no difficulty distinguishing traffic intended for the web server from SSH traffic - the same IP is used, but the port numbers are different. You can compare this to a number of people living in the same house, sharing the same street address. You can still send physical mail to a specific person in the house by putting the name of the recipient above the street address on the envelope. There is no problem determining who the letter is for (at least as long as no two individuals in the house happen to share the same name). Apache has a "virtual host" concept that basically corresponds to a website on the server. These virtual hosts can be IP-based, with each website on a different IP address, but they can also be based on domain names. With name-based virtual hosts, Apache looks for the domain name inside the payload of traffic arriving at 1.2.3.4:80 to determine which website it should be passed to. That is why you can have many websites sharing a single IP address.

    I edited my post when I found the answer I think you read the original post, before it was edited. I found the answer, name based virtual host entries. I do know how ports work, but I think you made either a typo or a mistake with the SSH stuff. You say, "There are usually other TCP addresses in use on a server...", I believe you mean there are usually other TCP ports in use on a server. There are also UDP (User Datagram Protocol) ports as well. Thank you for explaining the name based virtual hosts though, I think you gave a great analogy. I was unaware of name based virtual hosts. I'm hoping when I setup a new cPanel user, cPanel will automatically switch over from using IP based virtual hosts to name based virtual hosts, otherwise, we might have an issue. Is there a config option in WHM somewheres to tell Apache to use name based virtual hosts? Or is it if I have more than one user, it automatically uses name based virtual hosts?
    0
  • Tom Risager
    The combination of ip address and port number is a "socket address" cpanel will configure name based virtual hosts for you without you having to do anything special.
    0
  • Spork Schivago
    Awesome! Thank you! So when you were saying, "There are usually other TCP addresses in use on a server...", you meant socket addresses? Thanks for the clarification.
    0
  • GroverQ
    adding your friends account and restricting him to a limited access is quite easy, just go through the below documentation and you will be able to do it.
    0

Please sign in to leave a comment.