Results 1 to 6 of 6
  1. #1
    Join Date
    Aug 2001
    Location
    Missouri
    Posts
    143

    Question Preventing cPanel User from Deleting an E-mail Account

    I've been requested by an organization I both host and also work on staff for to give their office administrator access to the account's cPanel. However, I have my staff e-mail account on that server and I don't want it to get accidentally deleted. Is there a way from cPanel, WHM or from the shell to lock the ability to edit my particular e-mail address to safeguard it while otherwise giving someone access to cPanel? Ideally, the office administrator would be able to add and delete other e-mail accounts, but not mine. I tried searching for a solution, but I'm not quite sure how to phrase what I'm trying to do other than to say I only want root to be able to delete my e-mail account.
    Universal Networks
    Web Design, Online Publishing and ServerForest Web Hosting

  2. #2
    Join Date
    Mar 2007
    Posts
    2,050
    They do not need that much access, create a website that they can use to create email accounts. None of the email accounts should be deleted unless you are the one deleting them or it has gone through a change control process. You can use the cPanel API to create a custom website for their use as what you are asking for is not possible out of the box and giving someone who is not technical that much access is a really bad business practice. You can create an array of restricted email address that are forbidden to delete (and send you an email if a delete is attempted) or just list emails without the ability for them to delete or send you an email with a delete request (I recommend requiring a justification before deletion), etc. Just insure the website is secured, has 2FA and you get a regular report of what was deleted, create an audit log, etc. to insure it is not abused or hacked into by a 3rd party if the office admin decides to share their credentials to make things more convenient for someone else.

  3. #3
    Join Date
    Mar 2013
    Posts
    142
    If I got you right you are hosting your website and someone's else website in one cPanel account? If so, my advise is to contact your host and ask them to convert you to reseller then split addon domain to separate cPanel account via WHM. Or just split to cPanel account.

  4. #4
    Join Date
    Aug 2001
    Location
    Missouri
    Posts
    143
    Thanks, @HelpOps. That sounds like a good idea, although it might take me a bit longer to build than I have time, particularly since they want access to the other parts of cPanel and not just e-mail. It is intriguing, though.
    @LeapWH, it's my own server and I have other accounts. But, I've worked with this particular organization on staff in addition to hosting them, so I have an e-mail address tied to their domain. I'd like to somehow move that e-mail address out of their control. Perhaps there would be a way to make a system level forwarder that wouldn't be listed in cPanel, but would still forward from that domain to a box I have on another account on the server or something?
    Universal Networks
    Web Design, Online Publishing and ServerForest Web Hosting

  5. #5
    Join Date
    Mar 2013
    Posts
    142
    Well, ask them not to delete it
    BTW, not everyone knows, but forward is working even if forwarded account is not created. For example if you wish to forward xxx@xxxx.com to yyy@gmail.com it is not necessary for xxx@xxxx.com to exist.
    So, you have 2 layers of protection:
    1 - forward, it will be working even if main account is deleted
    2 - use POP settings to collect emails from mailbox. By doing so you will receive a warning when the emails cannot be fetched from the server - means your account is gone

  6. #6
    Join Date
    Dec 2011
    Posts
    1,460
    Quote Originally Posted by uninet View Post
    I've been requested by an organization I both host and also work on staff for to give their office administrator access to the account's cPanel. However, I have my staff e-mail account on that server and I don't want it to get accidentally deleted.
    This is why you have backups.

    Either you trust the person with administrative access or you don't. If you don't, then do not give that person administrative access.

    If that's not your decision to make - then you give them administrative access just like you were told to do... because it's not your decision to make.

    Just make sure the backups are working properly. If you're really paranoid just run an rsync against your mail directory every 12 hours or so and copy all your mail to a safe location Just In Case.

    Remember - If they screw up, it's on them... not you.
    "I've seen spam you people wouldn't believe. Routers on fire off the OCs of AGIS. I watched MXes burning in the dark near the Cyberpromo Gateway. All those moments will be lost in time, like tears in rain. TTL=0."

Similar Threads

  1. Preventing cPanel users from spamming
    By robotwink in forum Hosting Security and Technology
    Replies: 10
    Last Post: 09-02-2009, 12:13 PM
  2. How To Prevent Cpanel User From Using A Particular Domain As Addon Or Parked?
    By bibleman in forum Hosting Security and Technology
    Replies: 5
    Last Post: 08-26-2009, 04:25 PM
  3. how to prevent a user from saving an html page
    By vikas_82 in forum Web Design and Content
    Replies: 25
    Last Post: 12-18-2005, 07:43 PM
  4. is there any way to delete mails from server in a mail account
    By junaidkhan in forum Hosting Security and Technology
    Replies: 7
    Last Post: 02-15-2004, 11:16 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •