VPS
Main PagecPanel and DirectAdmin LicensingServer Management PlansVirtual Private ServersDedicated Servers
Control Panel Licensing
ServerTune ResellersResellersSpecial PromotionsServerTune SpecialsHomeAbout ServerTuneContact usTechnical SupportKB
ServerTune Main Page
Space
Space
Our most popular products:

SPECIAL PROMOTION: cPanel License $36 /month. more info

 Issues, Tips, and Solutions

Protect your server with Mod Security rules written specifically for your system. more info ...
Space
Search:    Advanced search
Browse by category:
:: KB Home / Control Panels / cPanel/WHM / WHM :: Access Denied
WHM :: Access Denied
Printer Friendly
Printer friendly
email to a friend
Email to friend
Add comment Add comment
Views: 79
Votes: 0
Comments: 0
Posted: 17 May, 2008
by: Support T.
* * * * *
Updated: 17 May, 2008
by: Support T.

When you login to the WHM, you get the following error:

     Access Denied
    Functions in cPanel / WHM are available only directly through the cPanel and WHM interfaces or through our XML API. It appears that this request is coming from a referring site and might be malicious.

When XSRF attacks is enabled in the WHM, the cPanel will validate the referrer for every page. If the referrer matches one of the domains, the server 's hostname , or any of the server's IPs, then the request is allowed through. If the referrer does not match, then the user is shown the "Access Denied" page with the request information and given the option to proceed.

To get rid of that page:

  1. 1. Login to the WHM >> Server Configuration >> Tweak Settings
  2. Scroll down the page (about half way down) and find "Security", un-check the checkbox to deactivate "XSRF attacks"
  3. Click on the button Save at the bottom of the page.
    DONE
Other articles in this Category
document DOWNLOADS
document Documentation & HowTo
document FAQ and Bugzilla
document My hosting packages are not showing in the WHM
document How can I re-activate my WHM/cPanel license?
document I need to run one more backup session on my WHM/cPanel; How?
document Can't connect to local MySQL server through socket '/tmp/mysql.sock
document Is there a difference between the cPanel themes: x, x2 and x3?
document cPsrvd won't start, how can I fix it?
document How can I un-install or remove a Perl Module?
document (internal warning)
document What are the local paths to log files?
document Removing and/or re-installing the cPanel/WHM
document HowTo :: upgrade Perl to v5.8.8
document HowTo: set up the cPanel/WHM to use /home and /home2 partitions?
document HowTo: get rid of the pop-up login screen
document HowTo: reset bandwidth for a specific user
document rsync: failed to connect to rsync.cpanel.net: Connection refused (111)
document Your operating system's rpm update method (yum) was not able to locate the glibc package
document Can I remove the /home/Virtfs directory?
document sshd has failed, please contact the sysadmin.
document Webalizer stats is not in English
document HowTo :: restore cPanel powered server from an old to a new HD
document How can I disable Mod Security for a specific domain while keeping the Mod Security for the rest of domains enabled?
document HowTo :: install a Perl Module
document cPanel cpsrvd is down
document Where to buy or lease a License?
document Where to get technical support
document HowTo :: make scripts available to all clients on your server
document Error: Missing language key "BUAliasFilterTitle"
document HowTo :: install ASP
document HowTo :: clear a full partition?
document HowTo :: remove Tomcat
document Sorry modified cPanel addons are not allowed, contact your server admin for more info.
document Sorry, the nameserver ip 12.34.56.78 cannot be removed since it is still registered with an ICANN register.


RSS
Last update: August, 2008 ••• Copyright (c) 2004-2008 ServerTune Inc.