Home/ Questions/Q 8931689
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T09:10:00+00:00

Since recently, cPanel has changed the way that it logs in. Before login, the

  • 0

Since recently, cPanel has changed the way that it logs in.

Before login, the url is : https://accessurl:2083/

After login : https://accessurl:2083/cpsessXXXX/frontend/x3/index.html?post_login=89711792346495

You will note the cpsessXXXX embedded in the url.

And the page to access AWSTATS is :https://accessurl:2083/cpsessXXXX/awstats.pl?config=domain_name&ssl=&lang=en

I have tried the following PHP code

$username = 'xxx';
$password = 'xxx';
$loginUrl = 'https://<accessurl>';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $loginUrl);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'user='.$username.'&pass='.$password);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_PORT,2083);
$store = curl_exec($ch);
curl_close($ch);

When I step through the code, the value of $store is FALSE, meaning that the login process failed.

The only reference that I found on the web to a similar problem is
at http://blog.mcfang.com/ in the March 28 entry.

I was hoping that cookies.txt would have the cpsessXXXX info, but no file is created.

Thanks for any help

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You need to reference the security token back to cPanel in order for your script to be accepted. As per the documentation over at cPanel documentation for Security tokens

    Take the following example:

    function createSession() { // Example details
$ip = "127.0.0.1";
$cp_user = "username";
$cp_pwd = "password";
$url = "http://$ip:2082/login";
$cookies = "/path/to/storage/for/cookies.txt";

// Create new curl handle
$ch=curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookies); // Save cookies to
curl_setopt($ch, CURLOPT_POSTFIELDS, "user=$cp_user&pass=$cp_pwd");
curl_setopt($ch, CURLOPT_TIMEOUT, 100020);

// Execute the curl handle and fetch info then close streams.
$f = curl_exec($ch);
$h = curl_getinfo($ch);
curl_close($ch);

// If we had no issues then try to fetch the cpsess
if ($f == true and strpos($h['url'],"cpsess"))
{
    // Get the cpsess part of the url
    $pattern="/.*?(\/cpsess.*?)\/.*?/is";
    $preg_res=preg_match($pattern,$h['url'],$cpsess);
}

// If we have a session then return it otherwise return empty string
return (isset($cpsess[1])) ? $cpsess[1] : "";
}

    cpsess is used to append the URLs the correct token that cPanel expects back.

    • 0