No announcement yet.

Admin login to cp in steps

  • Filter
  • Time
  • Show
Clear All
new posts

  • Admin login to cp in steps

    I purchased the vB Cloud. I got the order confirmation and email. I chose to use (not the actual URL of course shown here). In the order confirmation email I got an Admin user name and pwd and instructions and a link with that URL/adminAction-quickConfig. I never even used that Admin login because my migration was handled by vB shortly thereafter. I have not yet done the CNAME as there are just a couple post icon and avatar path issues at hand.

    So at this point to login as Admin and reach the Admin CP I go to the initial provided for the Cloud site and see the site. I login with my Vb4 Admin / Admin pwd that was active in the migration of the Vb4. Then I turn on Edit Site and the menu that appears has a link to Admin Panel. I click that and get a URL and I have to login again with my same admin info I brought over from Vb 4 (since I have not changed it).

    Is it after I set the CNAME I will be able to directly login one time to reach the Admin CP. Right now if I go to first it says I don't have permission no id.

    Just want to confirm.

  • #2
    The AdminCP and Front-end logins are separate for security purposes. They are actually separate in vBulletin 4 as well. When you log into the front-end we create a front-end session and you need to login into the AdminCP to create a cpsession. If you log into the AdminCP directly, we create both the front-end session and the cpsession.

    When you log into the Front-end on vBulletin 5, it retrieves your usergroup permissions but doesn't create an AdminCP Session. This allows you to turn on Site Builder but doesn't actually allow access to the functions.. When you select an administrative function (Quick Setup, Channels, Edit Page, Bulk Deletion, Banning a user), it will ask for your password to verify that this Administrator actually has permission to do this. This will normally be in a popup window that asks for your password and if enabled the two-factor authentication code from an app on your phone. Once it verifies who you are, the system will grant you access to this information.

    This is primarily for the fact that some people work in locations where others may have access to the machine they log in with. If we left these functions open, someone could act with malicious intent and erase your entire forum without accessing the AdminCP.

    This behavior will remain the same after your CNAME is active. The work around would be to log into the AdminCP directly but know the session will only last an hour and you cannot select "Remember Me" when doing this.
    Translations provided by Google.

    Wayne Luke
    The Rabid Badger - a vBulletin Cloud demonstration site.
    vBulletin 5 API - Full / Mobile
    Vote for your favorite feature requests and the bugs you want to see fixed.


    • #3
      Understood, thanks.


      Related Topics