Basic Security Concepts
This document describes some basic security concepts that you can use to protect your system from XSRF attacks.
authentication
cPanelID
cPanelID is an integrated set of credentials that customers can use to log in to various cPanel websites and services.
Manage API Tokens in cPanel
This feature lets you create, list, update, and revoke API tokens.
Manage API Tokens in WHM
This interface lets you to create, list, update, and revoke API tokens.
Manage External Authentications
The Manage External Authentications interface allows you to manage your server's OpenID Connect-compliant identity providers.
Manage Sudo Group Users
This interface allows you to manage the wheel group's membership.
Manage Wheel Group Users
This interface allows you to manage the wheel group's membership.
Security Best Practices
This document describes some security best practices you can use to protect your cPanel & WHM users, files, and websites.
The convert_accesshash_to_token Script
This script converts a WHM user's access hash to an API token.
The failurls File
If a user fails to authenticate with cPanel through a custom login form, the /var/cpanel/failurls file allows a reseller to redirect that user to a custom error page.
Two-Factor Authentication for cPanel
Two-factor authentication (2FA) is a security measure that requires two forms of identification.
Two-Factor Authentication for WHM
This function allows you to configure two-factor authentication (2FA), a security measure for the login interface of cPanel & WHM.