Q1 . This in my opinion is a bug / security issue.
Anyone can reset any users password just by entering in there username since a new password is auto-generated and sent to the account email. This can cause problems for billing systems like whmcs which connect to an account to create new sub-accounts and will stop it working. Ideally the password should not be reset but a link sent to the account email to then go and reset the password so only the account email owner can reset the password.
Q2. SRV records do not seem to be being created in bind? Are they not supported?
Hi Marco – sorry for the delay replying! Nothing at all mentioned in logs as far as I can see. Yep we’ve tried adding by formatting it like that (tried every variation we could think of). When the SRV record is added, SolidCP says “Saving DNS Zone Record” but then the page refreshes and the SRV record isn’t there (and it’s not in the BIND .db file either). When we add the SRV record directly to the BIND .db file, it works fine (have tried copying and pasting from the BIND file and then trying to add another record within SolidCP and that still doesn’t work) but it looks like SolidCP isn’t able to add the SRV records directly (other DNS records work fine).
- Views1387 times
- Answers5 answers