WHM :: Access Denied

When you login to the WHM, you get the following error:

    Access Denied
    Functions in cPanel / WHM are available only directly through the cPanel and WHM interfaces or through our XML API. It appears that this request is coming from a referring site and might be malicious.

When XSRF attacks is enabled in the WHM, the cPanel will validate the referrer for every page. If the referrer matches one of the domains, the server ‘s hostname , or any of the server’s IPs, then the request is allowed through. If the referrer does not match, then the user is shown the “Access Denied” page with the request information and given the option to proceed.

To get rid of that page:

  1. 1. Login to the WHM >> Server Configuration >> Tweak Settings
  2. Scroll down the page (about half way down) and find “Security”, un-check the checkbox to deactivate “XSRF attacks”
  3. Click on the button Save at the bottom of the page.

Leave a Comment