If you’re encountering the common ‘Security Token Missing’ error upon logging in to WHM, cPanel or Webmail, read this guide for a quick fix:
HTTP error 401
Invalid security token
The requested URL does not contain your session’s correct security token.
Before we start, let’s learn about security tokens a little more. Security tokens are unique strings inserted into the URL that typically consist of randomly generated letters and numbers; these strings are unique to each individual cPanel, WHM or Webmail session.
As each individual user has their own security token generated in the URL each time they login to cPanel, WHM or Webmail, no other user can therefore hijack the session, as they do not posses the security token.
It’s highly recommended that you leave security tokens enabled, as indicated by the cPanel documentation:
Tokens are inserted into the URL and are unique to a single login session. Requests made without the appropriate token produce an error and result in a request for re-authentication. This action effectively thwarts XSRF attacks because the attacking URL will not contain the appropriate token.
How to disable ‘Security Token Missing’ in WHM / cPanel
If you’re still not convinced that this is an essential part of your servers cPanel / WHM security, there’s a simple way to disable security tokens below:
WHM > Tweak Settings > Security > Security Tokens > Off
Incoming search terms:
- The security token is missing from your request
- http error 401 invalid security token
- the requested url does not contain your session’s correct security token
- De error HTTP 401 Invalid security token
- error HTTP 401 Invalid security token
- The security token is missing from your request cpanel
- De error HTTP 401 Invalid security token The requested URL does not contain your session’s correct security token
- invalid security token cpanel
- invalid security token webmail
- cpanel email invalid security token