🔐 Disabling the cPanel Password Reset Option via WHM Root
In some cases, the password reset (Reset Password) feature visible on the cPanel login screen can pose a potential security risk.If your server lacks strict security controls or has been compromised through an uploaded shell, this option may allow unauthorized users to reset cPanel account passwords.
This guide explains, step by step, how to disable this feature securely via the WHM root panel.
⚠️ Why Should You Disable the Password Reset Option?
- Malicious scripts or shells can exploit the cPanel password reset feature.
- If user credentials are leaked, this option can make unauthorized access easier.
- It is recommended for administrators seeking an additional layer of security.
🔧 How to Disable the Password Reset Option
Follow the steps below after logging into your WHM root panel:- From the WHM main menu, go to
Server Configuration. - Then click on
Tweak Settings. - Scroll down to find the option
Reset Password for cPanel accounts. - Set this option to
Off. - Scroll to the bottom and click
Save.
"Forgot your password?" link will no longer appear on the cPanel login screen.