BuycPanel Blog

BuycPanel Blog

Latest news and updates

3/06/2015 – Disable Non-SSL Login for cPanel

Posted by Jamison on 06 03 2015.

SSL is an important feature of any website since it adds the vital layer of security to keep your website safe. This is why whenever your connection isn’t secured by SSL, your website won’t allow it just to protect your website. There are some entities that can try to access your website by hacking your login details.


However, when you’re at home or working away from the office, you may need to access your website from your own connection, your data plan or a public network. While this may pose threats to your website, when you need to access your email or domain from an unsecure connection for a moment is perfectly fine. Just make sure that you put back the SSL login preferences afterwards and return it to the secure setting.


Before you tweak the settings, here’s something you have to keep in mind, cPanel/WHM will use the certificate configured in:


“WHM Home » Service Configuration » Manage Service SSL Certificates”


Here’s how to disable Non-SSL Login for cPanel and WHM:


Set the Always redirect to SSL option to On in WHM’s Tweak Settings interface (Home >> Server Configuration >> Tweak Settings). This will disable the use of the insecure ports and redirect users to secure ports with the /cpanel alias, the /whm alias, and the /webmail alias.


Another instance


There are times you want to disable automatic to SSL connection while accessing WHM, cPanel, Webmail, so you can access cPanel/WHM via standard ports 2082 and 2086, this is pretty useful if you have SSL issue that’s preventing you from loging into your server or cPanel account because it may unable to decrypt your stored password.


Login to WHM >> Tweak Setting >> Uncheck the following options under Redirection


Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc.


Afterwards, you have to uncheck the following option under Security in Tweak Settings.


Require SSL for all remote logins to cPanel, WHM and Webmail. This setting is recommended.


If you are unable to login to WHM backend, you can disable those options from the shell. SSH to the server as root.


SSH to your server as root




# nano /var/cpanel/cpanel.config and set the following options to 0 (zero).














Save the file and exit.


Here’s another solution that involves using a subdomain:


This is using the cPanel proxy setup.
This is not recommended for setting up each individual account on a server. Instead  is recommended that you sett up a single cpanel subdomain account on the server and installing a certificate for that account. Afterwards, tell all of your users to access their control panel through this subdomain account. It’s a bit easier to manage.