Jul 25, 2008

Security Issue
Free Web Hosting, No Ads > General > Hosted Members Area

free web hosting

Security Issue

AlternativeNick
Dec 8 2006, 07:24 AM
Hey all, i think this is a major problem.

it costs 10 credits to change youre cpanel password.

What is up with that? if someones password is compromised, and they dont have the credits, it could take a while for them to get the credits high enough to change it, and in that time its very possible that someone could take advantage of the site/cpanel etc.

I really think this should be changed, if anything make it cost 1 credit, because im sure everyone has that.

Personally, i have a hard time posting on forums (i cant usually think of anything to say) so my credits are almost always below 10.

Anyways, im just saying, for the sake of safety, it shouldnt cost that much to change youre password, being able to change passwords in a flash is very important if you ask me smile.gif

Reply

BuffaloHELP
Dec 8 2006, 07:32 AM
There's also a disadvantage of allowing changing cPanel password in a flash... what if someone has the access of seeing your forum password? Without you knowing a password can be changed to both accounts--the forum and your cPanel.

Allowing credits to be used serves as a buffer if your cPanel password needs to be changed other than you. If you have only 9 credits, someone else cannot change your cPanel password immediately unless gaining additional credits needed.

But before we discuss what ifs... let's discuss about preventing it from happening in the first place.

You can change your cPanel without any hosting credits. This is done through your cPanel. So the very first step is to protect and complicate your password to your cPanel. Mix numbers and letters. Make it longer than 6 characters (128 is max). Make sure you do not have keylogger or spyware in your computer used to access your cPanel. Do not, I repeat, do not use public computer that you do not use often to access your cpanel or FTP. They may be infected with who knows what.

If you are still worried about cPanel being compromised, change your password often. When you change your cPanel password, change your forum password as well. Email both passwords to your "secure" email address OR memorize them. Do not write it down. If you have to write it down, chances are you will forget them.

QUOTE
Protect your password.
Don't write down your password - memorize it. In particular, don't write it down and leave it lying around where people can see it, and don't place it in an unencrypted file! Use unrelated passwords for systems controlled by different organizations. Don't give or share your password, in particular not to someone claiming to be from computer support or a vendor unless you are sure that are who they say they are. Don't let anyone watch you enter your password. Don't enter your password at a computer or to a site you don't trust. Use the password for a limited time and change it periodically.

Choose a hard-to-guess password that includes a variety of letters, numbers and special characters.
passwd will try to prevent you from choosing a really bad password, but it isn't foolproof; create your password wisely. Don't use something you'd find in a dictionary (in any language or jargon). Don't use a name (including that of a spouse, parent, child, pet, fantasy character, famous person, and location) or any variation of your per- sonal or account name. Don't use accessible information about you (such as your phone number, license plate, or social security number) or your environment. Don't use a birthday or a simple pattern (such as backwards, followed by a digit, or preceded by a digit. Instead, use a mixture of upper and lower case letters, as well as digits or punctuation. When choosing a new password, make sure it's unrelated to any previous password. Use long passwords (say 8 characters long). You might use a word pair with punctuation inserted, a passphrase (an understandable sequence of words), or the first letter of each word in a passphrase.

 

 

 


Reply

AlternativeNick
Dec 11 2006, 07:45 AM
oh, sorry about this then smile.gif

i wasnt aware that you could change youre cpanel password within cpanel smile.gif

thanks.

Reply


Got an Opinion! Express your Views! (no registration):-
Add your Reply/ Opinion/ Views/ Comments/ Suggestion/ Questions/ Queries etc.
Posts with decent grammar & English will be accepted and please refrain from profanities.
For asking a Question, We recommend you to sign-up (for free) so that you can track the topic easily.

Nature of your Post*: Opinion/ Reply/ Comments
Question/Query
Feedback to us.
       
Name   Email
Title/Question*

(Maximum characters: 10,000)
You have characters left.
Confirm Code:

Similar Topics

Keywords : security, issue

  1. I Can && Cannot Acces My Website
    Confusing issue. (4)
  2. Can't Access My Site....weird Issue
    (5)
    Okay, so last night everything worked fine. I loaded up cpanel, fixed issues with the site after the
    database move, etc. Today I'm unable to load up the site. It just keeps giving me ping
    timeouts. With what I'm being told by others it is only me having this issue with my site, and
    yet there have been 0 changes to my pc between it working and not. I have tried multiple times
    during the day with no luck. Along with this, if I load my website using a proxy service then I do
    not have any issues. The only time it will not allow me to access it is if I am "using" my....
  3. Open_basedir Issue
    (6)
    I use my trap17 account for a website and a forum. Both are a big part of the site, and community
    based. Members can add content to the website as well, and post on the forums. I need both
    softwares to be integrated, so members can register on the forums and be able to use their account
    for both the forum and the website. That is not the issue though, I have had them integrated, but
    since open_basedir was enabled, I'm obviously getting an error. For the forum to access the
    necessary files from the website, it needs to access them in a higher directory, which open....
  4. My Ftp Issue. Forum Nonviewable.
    (7)
    My situation: I started the cpanel process and clicked on fantastico to begin downloading phpBB2
    automatically on it. It had told me it couldn't continue the process because there were items
    that needed to be deleted, so I deleted everything, the mail regenerated itself fortunately, when I
    reinstalled the phpBB2 discussion board via fantastico I looked at the ftp folder and then tried to
    access the site via IE web browser. I got a 404 page. "Not Found The requested URL / was not found
    on this server. Additionally, a 404 Not Found error was encountered while trying....
  5. New Issue
    File manager (4)
    First of all, thank you a lot for resolving the password issue. Today I encountered a new one once I
    tried to upload a file using cpanel file manager - the window refreshed, but the "upload status"
    frame remained unchanged, and the file did not appear on the list. What could be a reason for that?....
  6. Security Check Php Register_globals
    When installing Joomla on trap17 (7)
    Joomla shows this warning QUOTE Following PHP Server Settings are not optimal for Security
    and it is recommended to change them: * PHP register_globals setting is `ON` instead of
    `OFF` Well it shows two warnings but the other one i can change. Is this something
    i, or you should be woried about or is it normal.......
  7. Site Redirection Issue
    (1)
    Okay, here's the deal. My new portfolio system has my sigs located in a really deep directory:
    http://www.brooksrockett.com/portfolio/content/Sigs/Self/ I want to set up a subdirectory
    so that I can just go to: http://sigs.brooksrockett.com/ And be able to view the same image.
    I'm sure that it's somehow possible through cPanel, but I'm having a tough time figuring
    it out. Also, the domain brooksrockett.com is one that's parked on my trap17 site, and my cPanel
    actually shows plusone.trap17.com. I'm not sure if that makes a differe....
  8. Coppermine Photo Gallery - Security Alert
    For members using this script (1)
    As reported: QUOTE TITLE: Coppermine Photo Gallery Multiple File Extensions Vulnerability
    SECUNIA ADVISORY ID: SA20211 VERIFY ADVISORY: http://secunia.com/advisories/20211/ CRITICAL:
    Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: Coppermine Photo Gallery
    1.x http://secunia.com/product/1427/ DESCRIPTION: A vulnerability has been reported in Coppermine
    Photo Gallery, which can be exploited by malicious users to compromise a vulnerable system. The
    vulnerability is caused due to an error in the handling of file uploads where a filenam....
  9. Ibproarcade 2.5.2 (acp Issue)
    Usage - IPB 2.0.0 Final (8)
    I recently installed the IB ProArcade for my forums. I use IPB 2.0.0 Final ... and I keep getting
    an error when I view the ACP. I posted at the IB Arcade forums and they could care less about
    anybody that has a pre-2.1.x version. I have the right download and stuff and HAVE tried mulitple
    ways of installation and nothing is working. And this is the last place I will post before deleting
    the stupid thing. /mad.gif" style="vertical-align:middle" emoid=":angry:" border="0" alt="mad.gif"
    /> Main ACP Window CODE IPB WARNING [2] Invalid argument supplied fo....
  10. For Admins : Important Issue About Invision Power Boards
    (6)
    I have Invision Power Board 1.3 setup files and I want to install on my hosting on trap17.It was an
    open source on that time and it was free of cost.So i can install it and i hope it is not involving
    any legal issues and no any moderator / server admin should have any problem.But just wanted to let
    admin know , so that it wont create any problem with my account later.....
  11. Transfering Credits Issue
    Its says i have less than what i show.. (3)
    Ok, well just a second ago i tryed to transfer credits to a friend of mine..but it says that i only
    have 3.45 or somthing credits to transfer (i am trying to transfer 10) but on the Xisto Page It
    says that i have 33.75.... i know that the credit sytem has been modifyed a little but can that be
    interupting with the transfer at all? i have transfered credits to him before and im wondering if
    there is a limit on what i can tranfer to him? it also says i must have credits in the bank, and i
    also wonder what bank because i have looked everywhere and cannot find one? lol....
  12. Concerned Security With Hosting Application Info
    Spam bots can harvest emails in requests (5)
    I was looking around at the posts in the free hosting request section (just for fun), and noticed a
    major problem with the applications. For every application that is made, the email address of that
    applicant is shown to the world, including SPAMBOTS!!! This is a major flaw in the
    aplication process, and will lead to increase levels of spam in every member's inbox. This is
    the only thing that is wrong with any part of the Trap17 site. Editing topic title ....
  13. Cpanel Login Issue
    error finding a page (4)
    I have like a major problem: The server was not able to find the document
    (./frontend/rvblue/files/index.html) you requested Please check the url and try again. You might
    also want to report this error to your webhost. You really have to understand how important
    topic title and description are! This is your last friendly warning. Edited to fit the topic. ....
  14. Security Problem?
    (4)
    Ok mods...you can move this post if you want to. I really did not know where to post it. I am
    concerned. The past week or so, my page views have skyrocketed. But what is interesting, the
    number of unique visitors has not changed. And sure, I want the traffic. But it was such a
    dramatic increase, I don't think that my visitors were just viewing more pages. (It was about
    10X the number of page views I usually get). Any ideas what this is? Sunkist....
  15. Advanced Guestbook 2.3.1 Spam Issue
    Anyone has this problem? (2)
    I use the Advanced Guestbook script for my site guestbook and lately I've been getting lots of
    spam. I looked through the files and noticed there doesn't seem to be a way to stop this; even
    the guestbook on the Advanced Guestbook site itself contains tons of spam. Does anyone know of a
    way to prevent this? Or do I have to change guestbooks... Again?? /sad.gif' border='0'
    style='vertical-align:middle' alt='sad.gif' /> My friends are all going to be really tired of me
    asking them to repeatedly sign again and again /tongue.gif' border='0' style='vertical-alig....
  16. System security alert from Microsoft
    (2)
    I have the same problem. I have tried alot of times and nothing seem's to work
    heeeeeeeeeelp!....
  17. Security Codes Help Please
    (6)
    Hey folks, for some reason, my security code doesnt show up anymore. Does anybody know why is that?
    It used to work fine. Now on the login block of php-nuke, all it has is nickname and password, the
    security code part is gone... Thanks in advance!!....


      18. Looking for security, issue

Searching Video's for security, issue
advertisement



Security Issue



 

 

 

 

ADD REPLY / Got an Opinion! Remove these ADs! RAPID SEARCH! Free Web Hosting [X]
Express your Opinions, Thoughts or Contribute more info. to help others.
Ask your Doubts & Queries to get answers, So that "Together We can help others!" 		Register FREE for AD-FREE forum, Create your own topics, Ask Questions, track topics, setup subscriptions & notifications and Get a Free Website w/ Email and FTP.
500MB Space *No Ads*, CPanel, FTP, PHP, MySQL, EMails - 100% FREE