Re-Authentication When Accessing WHMCS From cPanel
-
webhostingm shared this idea 5 years ago
- Client Area
- 1 Comment
1
Votes
Often customers want to give their developers or someone else access to their cPanel to help them out.
One can access the billing system from cPanel.
That also means that he or she can gain access to the billing information available on the billing system.
This is a security nightmare that should be fixed.
One way should be to require to re-authenticate when logging in to the billing system from cPanel.
One can access the billing system from cPanel.
That also means that he or she can gain access to the billing information available on the billing system.
This is a security nightmare that should be fixed.
One way should be to require to re-authenticate when logging in to the billing system from cPanel.
Featured Comment
Thanks for your suggestion.
In this scenario the client should disable the Single Sign-On option under the Security Settings page of the client area.
Requiring additional authentication when transitioning from cPanel to WHMCS would be contrary to the seamless experience offered by an SSO integration. As such don't plan on change the authentication flow due to the presence of an option to disable SSO upon demand.