Skip to main content

Assigning Cpanel User to wheelhouse

Comments

5 comments

  • ffeingol

    First, completely disabling SSH just seems like  really bad idea.  "Somewhere" along the line you'll need to access shell to fix something.  If you have another way to do that (some sort of remote console) great.  It, not, I'd suggest simply locking down SSH to a few IP that you know you can access from.

    If you just want to give your cPanel account full WHM access why not just make it reseller and grant it "Everything" access?  That would allow it to do anything in WHM doing it the "cPanel" way,.

    1
  • cPRex Jurassic Moderator

    Hey there!  On modern cPanel systems, FTP is disabled by default, so that part is already done for you.

    While you're welcome to disable SSH, there is no way to login to WHM without root - you have to use the root user to access WHM.  Disabling root logins for SSH has no affect on the WHM service.

    In theory you could create a reseller with all permissions on the server, effectively making them a root user, but that wouldn't be any more secure - you'd just be using a different username that has full root access to the machine.

    There is no reason you would need to add an A record or change DNS to access cPanel or WHM.

    Let me know if that helps clear things up!

    1
  • durangod

    Ok thanks, yeah i think in the old days we used to be able to disable root login, i know because i locked myself out of my server way back then lol   But i guess that has changed. Back then we used to just use sudo via SSH to log into our sub user and then sudo over to the root in SSH.   But im sure there used to be a way back then to disable root login to WHM.   Anyway ok that has changed now its ok.  

    So what i did was i added my cpanel to the wheelhouse and then i set the cpanel user as a reseller and then went into reseller and gave them full privies.    So now i can jump over to WHM from the cpanel GUI.    

    Ok yeah i see it really does me no good security wise to do that because the root still has a WHM login, even if SSH and FTP is disabled.  

    Well the only thing i can do then is try to get a static ip and set access to only that IP,  i think if its static the chance of me being locked out would be slim, though i do understand it could happen if my ISP changes things.  Risk is known.   Thanks for all :)

    0
  • cPRex Jurassic Moderator

    You're very welcome!

    0
  • durangod

    Also thank you  ffeingol, did not want to go without saying thanks also. 

    Also there is  one caveat to doing this, when you jump from cpanel over to WHM using the WHM link in cpanel,  it logs you off of cpanel.  It used to be you could have both open in the same browser tabs but i guess that has changed as well.  :)   Just a heads up...   

    I also just got a dedicated IP from my ISP, so looks like i got this covered now.   :)

    0

Please sign in to leave a comment.