Managing Security Token Settings to secure WHM

Posted:  May 14th, 2016

 

In order to allow an KEKhost/KEKhosting Customer Service agent connect to your server without problems, WHM Security Token settings must be tweaked. The default is set to "on". This default setting causes a disconnection between iWeb Customer Service and your server.  Change the default to "Off" to avoid an "Access Denied" message. Please note that changing this setting impacts server security, such as Cross Site Reference Forgery vulnerabilities, otherwise know as XSRF attacks.

 

> Log in as root and go to Server Configuration.

 

> Click on "Tweak Settings".

 

> Go to the "All" tab.

 

> Select "Off" at the far right.

 

> Click "Save" and exit.