Security Issue? Cpanel name showing up in Information

I think that I understand why it is there, but isn't it a security risk having the cpanel username show up in your information on the side of a post??I think there should be a way to hide that information from regular users and have it only show up for mods, or leaders here at Xisto.....Just a thought......

Hmm...I didn't know the cpanel user name was manditory...Could have sworn it was optional..Or atleast I see many people without it lol...Eh though one of the reasons it could be there is incase you ever forget it or something...Not exactly sure...Maybe it's for identification...Take it up with the admins...I see no security hole inside the matter though... It's not like any of us have a brute forcer program...Or even if we did we wouldn't hurt our own hosting site...That would be pointless...But If somebody did attempt to do sucha thing...Well...I pitty them...Cuz revenge is sweet lol...l8r

I support what you are saying and think that management should consider making the change to hide the login name.If I had bad intentions it make it easier by having half my work done for me if I already know the login name. All I would have to tangle with is only the password.I have question it myself several times. ;)I went into my profile and removed it and it don't show any more. Also everything seem to be fine, no problems created.

Rudy, don't forget your password. If you do your'e ***** (I *** out that word use your imagination"

Cpanel Username

Username for your hosting account. ( must be filled after member is given a hosting account ). Warning : If you set this field incorrectly after getting your hosting account, Your account will be automatically Terminated. [ 8 CHARS MAXIMUM - NO NUMBE

Talk to OpaQue on hiding it from other users bur I think that is whats you hosting ID and it can be different from your user ID here.

Nils

I was just thinking...I don't see it as a major problem, more of a big annoyance...but hey, I am just a peon here, so I shall return to the peanut gallery...

well, most of the time the name seems to be the same as the username on the forum. in the end, it's up to you to get yourself a decent password off course. besides, can't you change it? or does it change here too if you do so?

But even if you change it the new name will show. It seems that some people did not put in one when they filled out their profile and that is why one does not show for them.I am not worrying about it any more because the administrators don’t see it to be a problem.

All hosted users have a cPanel username. Those who deleted it will loose their hosting account when we prune and update. If the name is removed or changed the hosting will be deleted and the user are out off luck.That happened last time the script was run. All users with no cPanel name lost the hosting accounts that they had worked for. As another user said, the cPanel user name and the username here are for the most part the same... unless your username is longer than 8 characters :)Don't use the same password in cPanel as the one you use here for your user name.Nils

As another user said, the cPanel user name and the username here are for the most part the same... unless your username is longer than 8 characters

 

Don't use the same password in cPanel as the one you use here for your user name.

Nils

<{POST_SNAPBACK}>

Not to be rude Nils, but that still can be seen as a security risk, and it dosen't matter if you use a different password, a good password cracker can get through it in a heart beat. it would just make it a little more difficult to hack in. That is just my $0.02

P.S. If I might ask why all of a sudden that became mandatory? It seems like a waste of DB resources to have to add that field in and then having to look it up every time a post is viewed. Not that I'm not happy with this place, the uptime seems wonderfull. It just seems to me like that would be a waste of resources to show that on every post and not just on a report when needed.

I said that I would return to the penut gallery, and I will now......

The load is minimal, grabbing something from a DB is nanoseconds work. Its not really a security risk at all, people claim chmod 777 is a security risk its not. Theres nothing wrong with the way it works and your forum username and cpanel username are the same so it wouldnt provide you anymore protection, plus set a 15 digit password and crackers will even struggle, plus they prove inefective to people how make a good password.

It basically helps me to solve your queries easily. When you post complaints or queries.. I can directly check your account using the username. I dont think there is a security issue.. but you may have a point there.Also, I get soo many members who have tried to enter their forum username for logging in into Cpanel. This field makes it clear that forum username is seperate from Cpanel username. Anyway, I am disabling it. If you like.

This issue is now solved, the cPanel username are only visible to the user and to Admin / Moderators. This is so we can help faster like OpaQue said.

DO NOT, and I repeat DO NOT remove or alter your cpanel name. If you need it changed, ask OpaQue to reset it and he will (It'll cost you around 30 hosting credits so make sure you are sure before asking) Any account with the wrong cPanel username or missing the cPanel username will be deleted without any warning. When the script is run that terminates accounts with more than 30 days of no activity, it also removes accounts with missing or not matching cPanel names.

When your account is deleted that way there are no way that we can retrive it, it's gone. You will have to start all over with 10 hosting credits to get a new account, 50 for standard. It's not our fault if you mess with your cPanel name so don't come crying when the hosting is gone.

And just to remind you, there is NO warning email sent out to let you know your account is blocked due to inactivity. If you need a babysitter, ask your mom to remind you so you're hosting space don't get blocked due to lack of hosting credits.

If your account goes over bandwidth and we find movie or song hosting but no web-site to support any content, your account will be deleted or you will not receive bandwidth in the beginning of next month (That will be the same as a useless web-space)

Thank you,

Nils

OpaQue, you are so great, no wonder this site and service rocks...I was just curious, and you answered my question beautifully, thank you. I was not trying to be a pain in the rump, it was just a thought I had.If it creates a problem to hide it, then don't. That means if it even causes you a moment of trouble to verify it, then unhide it. I will support you in any decision that you make regarding this issue...