A cPanel bug just deleted my hosting site!

[BlackStorm]

Hey
My hosting site used the username "admin" then a reseller setup a domain with the username "Admin"
Last night the reseller forgot the password to his domain, so first he requested the password to be emailed out (cPanel feature)
I got a link in my email to reset the password for the account, because the username was Admin, I thought maybe it was for my domain, so I left it.

Because the reseller didnt get the email he needed to reset his domain, he decided to delete and recreate the site.

cPanel then deleted both accounts because they had the username admin and Admin, even though it allowed the reseller to create a seperate account using the same username, only with a cap A

:smash:

So I had to restore a backup for my whole site, which was old because hte latest backup had writen over the one from the previous night

This is the first major bug I have noticed in cPanel but its one that Im obviously not happy about as it could cause so many problems.

Make sure you let your resellers know about this problem or even check the accounts they create and the username as it could end up deleting your account or an account another reseller owns

 

[turnkey]

Now that really sucks. Did you report it to cPanel so they can get it fixed?

 

[Francisco]

Yep. That sucks Did you contacted Cpanel like Robert sugested?

 

[BlackStorm]

Just reported
Was meant to last night but forgot to do it

 

[imported_maxhest]

Ahhhh, The joy's of ensim pro!

 

[imported_Stephen]

Wow thats really bad..
You would have thought they noticed something as major as that!
They get enough money to test it and find something as basic as that I think

 

[turnkey]

Yea, but it is probally a common miss. I mean, what tester would enter "admin" for user 1 and "Admin" for user 2? They would just try "admin" and not think about the upercase. Then if that is the case what about "AdMin" or "aDmin" , "ADmin", etc. The list can go on and on. I work in test and this is the kind of things that are really missed. There are too many varables and not enough time so you have to hit the most important and practical ones first.

 

[BlackStorm]

But its not just for admin and Admin, its for any username that has any number of characters in a different case will cause the problem.
So adMin and Admin will also have the same problem, uSer and user would also.
I would have thought that would tested before.
They know now anyway so should be fixed for the next release

 

[Vovex Technology]

I find that rather funny for cPanel to be on their 8x release of their control panel and not had that bug reported and fixed by now. Sorry to hear about the drama there John, good thing you frequently backup otherwise that would of been a huge problem.

BTW, do you back up locally to your hard drive or is it an offsite backup?

 

[imported_Stephen]

Yeah thats not too good to hear is it...
They have had loads of versions out and this hasnt been caught.
maybe in earlier versions this problem wasnt able to happen though.
A few other bugs were found along with this, saw it on the cpanel forum.

its reported in the bug tracker now anyway

 

[imported_HadleyHost]

Thanks for making us aware of that error. I do weekly backups so that could be bad for me.