Manage Sub-Admins
A Sub-Admin is a special Admin account. You can restrict the permissions on different levels (view, edit, delete permissions, or no access) for different sections of the Admin Panel (Users, Domains, Logs, etc.). Furthermore, you can restrict login access to only specific known IPs.
Some examples for using sub-admins are the following:
- API integration - you shouldn't use your main Admin account to authenticate with the API.
- WHMCS plugin - use a Sub-Admin to authenticate your WHMCS plugin
- dividing the work and responsibilities within a team - each team member can have a Sub-Admin
Best Practices
API Integration
For API authentication, you must use an Admin username and password. This is the setup we recommend:
- secure your main Admin account by activating Two-factor authentication. You can continue to use these credentials for Admin Panel direct login and perform actions via the web interface of the Admin Panel.
- create a Sub-Admin for API access only. You can enable only the permissions you integrate with the API or allow unrestricted access.
- secure your API Sub-Admin by restricting login access to specific IPs - these should be the IPs of your servers that connect through the API.
- optional: create other Sub-Admin for your team members that will use the web interface.
WHMCS Plugin
To connect your WHMCS using our plugin, you must authenticate using an Admin username and password. This is the setup we recommend:
- secure your main Admin account by activating Two-factor authentication. You can continue to use these credentials for Admin Panel direct login and perform actions via the web interface of the Admin Panel.
- create a Sub-Admin for WHMCS access only. You can allow unrestricted permissions.
- secure your WHMCS Sub-Admin by restricting login access to specific IPs - the IP of your WHMCS server.
- optional: create other Sub-Admin for your team members that will use the web interface.
Team members
We don't recommend you share the same Admin account with other people, but instead, create a Sub-Admin for each member. This way, you can enable two-factor authentication for each and adequately secure your account.
Furthermore, you can set specific levels of access for each of the Sub-Admin and restrict the responsibilities of each member of your team.
Manage Sub-Admins
Add a Sub-Admin
-
Go to the Admin Panel.
- Log in using your main Admin username and password.
- Click on Sub-Admins in the menu.
- Click on the New button.
- Fill in the details of your new Sub-Admin:
- Sub-Admin username
- Sub-Admin password
- Sub-Admin e-mail address - will be used for password recovery
- Sub-Admin full name
- Select the permissions for each section. Each level of permission is numbered; the higher levels include the ones below it ( level 2 includes level 1, level 3 includes level 1 and 2, etc.):
- Account History: see the actions performed by Admin and Sub-Admins on the Home page
- Users: view/manage/remove/impersonate Users (mailboxes). The highest level is 5 - Impersonate and allows you to "sign in as" the User into Webmail and User Panel.
- Domains: view/manage/remove Domains.
- Aliases: view/manage/remove Aliases.
- Lists: view/manage/remove distribution Lists.
- Smart Lists: view/manage/remove Smart Lists.
- Branding: view/update branding settings for the main Admin account.
- Filtering: view/modify/remove whitelist and blacklist entries for Spam Filtering.
- Logs: view Incoming and Outgoing Logs, Last logins.
- Click on the Add Subadmin button to save.
Example:
Remove a Sub-Admin
-
Go to the Admin Panel.
- Log in using your main Admin username and password.
- Click on Sub-Admins in the menu.
- Click on the Delete icon next to the Sub-Admin you want to remove.
Update a Sub-Admin
You can update all the details and permissions of a Sub-Admin.
-
Go to the Admin Panel.
- Log in using your main Admin username and password.
- Click on Sub-Admins in the menu.
- Click on the Edit (pencil) button next to the Sub-Admin you want to update.
- Update the details. Leave the Password field blank if you want to update permissions but don't want to change the password.
- Click on the Update button to save the changes.
Restrict Sub-Admin login access
Log in as the Sub-Admin and follow the instructions for restricting login access.
Two-factor authentication for Sub-admins
Log in as the Sub-Admin and follow the instructions for enabling two-factor authentication. Please note you cannot enable two-factor authentication for a Sub-Admin that you use for API or WHMCS authentication - use restricted login access instead.