Solved

Cannot read CPanel login page (401 Access Denied Still Working)

Posted on 2008-10-07
7
1,528 Views
Last Modified: 2012-05-08
The following code attempts to read the CPanel login page on my own server. The code fails even though the login page can be read manually in any browser. The failure message is as follows:

Warning: file_get_contents(http://64.131.68.211:2082/): failed to open stream: HTTP request failed! HTTP/1.1 401 Access Denied Still Working in C:\Web\TestHTTPS-EE.php on line 5

I am using PHP 5.1.6 and openssl is enabled. I am using Apache 2.2.3 on Windows running on my local computer as localhost.

The problem also occurs if I move this PHP file to a remote server. It also occurs if I add the username and password to the URL.

Note that other websites, even secure ones, can be read without a problem by similar coding. For example, $url="https://65.200.16.78/"; works.

I have searched the Web but cannot find a solution.

<?php

// Read and display CPanel login page

$url="http://64.131.68.211:2082/"; // Fails ("401 Access Denied Still Working")

$C=file_get_contents($url);

echo $C;

?>

Open in new window

0
Comment
Question by:dspector
  • 5
  • 2
7 Comments
 
LVL 8

Accepted Solution

by:
RWJDCom earned 300 total points
ID: 22659549
I have had similar problems when I was trying to read the cPanal login page for something I was writing and what I found was that using file_get_contents was not the way to go and using cURL worked a alot better.  

cPanel also has an API you can use if you are just trying to run commands.  :)

Again, try using cURL instead of file_get_contents.   You can get the syntax from http://www.php.net, just do a search for cURL.

I hope this helps.
0
 
LVL 1

Author Comment

by:dspector
ID: 22660462
Thanks, but I don't want to use cURL, a separate library, since there is nothing that cURL can do that PHP proper should not be able to do. I want a genuine solution in PHP if it is possible. There should be one possible, since I believe that PHP proper can accomplish any kind of Internet connection that a browser can.

Since this bug affects other people, a solution will also benefit others. If this is a bug in file_get_contents or wrappers, that would be good to know, so I can report it to The PHP Group.

Perhaps someone else out there can find a way to make this work without using cURL?

Additional hint: what makes CPanel different from other sites is that it frequently uses a self-signed (untrusted) security certificate, as it does in this case. Browsers complain, too, the first time they try to read the page. Then they succeed when the user clicks a button or two.

0
 
LVL 1

Author Comment

by:dspector
ID: 22672371
I've implemented the solution using cURL, and it works fine if you set the parameters CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER to false, causing security certificates to be ignored. Of course, the application can query the user before doing this, so at least the lower security is made obvious.

But surely a page with a self-signed or untrusted certificate can be opened with fsockopen? Surely someone out there can figure out how to do this without requiring the entire cURL Library?

Someone? Anyone?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 1

Author Comment

by:dspector
ID: 22711706
This question has been open for awhile, but there is as yet no good answer.

If no one knows the answer, I will delete or close this question so it doesn't remain open. EE doesn't like questions that are open for too long.

David
0
 
LVL 8

Expert Comment

by:RWJDCom
ID: 22713746
Unfortunately I don't think your going to be able to accomplish what you want using just standard PHP.  That's why I suggested that you use cURL to do it because most providers have cURL compiled into PHP or if not they can surely add it for you.

I wish I could help you more.

-Jeff
0
 
LVL 1

Author Comment

by:dspector
ID: 22717454
I can't imagine what cURL could do that PHP cannot do, since I believe that PHP gives full access to socket control.

Jeff, since you were the only person who even bothered answering, I'll give you the "answer", but like many questions I've asked here and elsewhere I'm not really satisfied with the answer. Our computer environment is great when we are doing something ordinary, but when we try to do something unique its limitations get revealed pretty fast.

David
0
 
LVL 1

Author Closing Comment

by:dspector
ID: 31656949
Thanks for taking the time to help!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now