It'd be nice to be able to see what's been changed in WHM and in cPanel by other admins or customers or even yourself. Could there be a report created where we can view this?
Users Actions History
Open Discussion
Clients too often asked to provide some proves that they installed/changed/removed something. It would be awesome if cPanel has "Action History" item where a client can see history of all his actions.
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
Is forensics the primary use of such a feature?
Is forensics the primary use of such a feature?
I've always felt that cPanel was lacking logging ability.
You can see where users go but not exactly what happened.
With the addition of subusers it's beginning to be important to see who did what.
I agree with a289, mostly for accountability and maybe partly for forensics.
I've always felt that cPanel was lacking logging ability.
You can see where users go but not exactly what happened.
With the addition of subusers it's beginning to be important to see who did what.
I agree with a289, mostly for accountability and maybe partly for forensics.
Moreover, with "User Manager" feature, this should be even more necessary than ever.
Moreover, with "User Manager" feature, this should be even more necessary than ever.
I second this feature. In fact, I was about to propose this feature. Specially when you have customers/staff/colleagues/resellers that misconfigured things but keep in denial of facts.
I hate to hijack threads but I have some ideas and use cases :)
Now that a User Manager is oncoming, forensics will become important, too.
I would consider this case scenario: it would be very helpful to track tasks made during illegal access/penetration, in order to determine what have been compromised, when, from where, and by whom (which user).
If this is the case, I think these kind of logs should be kept in a folder outside of /home, but with the user account permission access, in the same fashion as databases are currently handled: far from home folder but included in backups/transfers.
It's just a log of what settings have been changed via cPanel UI. Much like the history of changes in github repos. It should be an atomic task to record entries to these logs, so no performance struggle should be noticed. (Just appending data to a plain text file make sense for you?) If so, we will need some options in Tweak Settings:
[History of user account changes]
- Rotate changelogs every: (drop down: 50 MB, 300 MB ) of data. Default: 300 MB
- Time to keep changelogs locally: (drop down: 6 months, 1 year, 2 years, 5 years, indefinitely). Default: 6 months
- Keep changelogs after account deletion: yes/no. Default: no
Format of files: /account-changelog/[username]-[yyyy-mm-dd of rotation made].[log|tar.gz] (similar to exim_mainlog behaviour)
This format would make easy to locate, identify, and cat/zcat/grep via command line, and by being a plain txt you will be sure that no executable code could be even inserted on purpose :) (Because exploitation thru log viewers is always fun and feasible!)
Internal format: similar to Apache logs? (I leave it up to you)
Hope this help and this feature may become true some day this year.
Best regards
I second this feature. In fact, I was about to propose this feature. Specially when you have customers/staff/colleagues/resellers that misconfigured things but keep in denial of facts.
I hate to hijack threads but I have some ideas and use cases :)
Now that a User Manager is oncoming, forensics will become important, too.
I would consider this case scenario: it would be very helpful to track tasks made during illegal access/penetration, in order to determine what have been compromised, when, from where, and by whom (which user).
If this is the case, I think these kind of logs should be kept in a folder outside of /home, but with the user account permission access, in the same fashion as databases are currently handled: far from home folder but included in backups/transfers.
It's just a log of what settings have been changed via cPanel UI. Much like the history of changes in github repos. It should be an atomic task to record entries to these logs, so no performance struggle should be noticed. (Just appending data to a plain text file make sense for you?) If so, we will need some options in Tweak Settings:
[History of user account changes]
- Rotate changelogs every: (drop down: 50 MB, 300 MB ) of data. Default: 300 MB
- Time to keep changelogs locally: (drop down: 6 months, 1 year, 2 years, 5 years, indefinitely). Default: 6 months
- Keep changelogs after account deletion: yes/no. Default: no
Format of files: /account-changelog/[username]-[yyyy-mm-dd of rotation made].[log|tar.gz] (similar to exim_mainlog behaviour)
This format would make easy to locate, identify, and cat/zcat/grep via command line, and by being a plain txt you will be sure that no executable code could be even inserted on purpose :) (Because exploitation thru log viewers is always fun and feasible!)
Internal format: similar to Apache logs? (I leave it up to you)
Hope this help and this feature may become true some day this year.
Best regards
Replies have been locked on this page!